Page 3 of 4
Posted: Thu Sep 25, 2008 11:06 pm
by canine
WhiteKnight wrote:But I replace the DLL therefore ending a lot of security blockades.
Windows overall is riddled with security problems.
You need to have the source code to windows to effectively address the security concerns. Microsoft doesn't have the manpower to clear out the security problems. Hell, it's probably require a rewrite. The design is shot through with poor coding. Since no one else has access to the code, it's going to remain that way.
Posted: Thu Sep 25, 2008 11:33 pm
by WhiteKnight
Then what about Linux?
Linux seem to have full of problems with any computer I put it on. Security risk is massively high, I could even hack it myself. And where is the source code of it? Entire OS? I'm not sure about it programming capability since it seems to be inflexible(Checked out with GNU). I used Fedora 9, Ubuntu, and other Linux Operating Systems.
So therefore cause me to think that Windows is more reliable than Linux by the look of it.
Posted: Fri Sep 26, 2008 4:11 am
by canine
WhiteKnight wrote:Then what about Linux?
Linux seem to have full of problems with any computer I put it on. Security risk is massively high, I could even hack it myself.
Yes, you can hack Linux. It's designed that way. That's the point of it. But the fact that you can hack it means it has nearly flawless security.
Cracking is a different story, however.
It's nearly impossible to crack any GNU/Linux distributions. You could not do it.
I'm not trying to be rude, but if you think you cracked it, I'm under the suspicion that you are mistaken.
WhiteKnight wrote:
And where is the source code of it? Entire OS? I'm not sure about it programming capability since it seems to be inflexible(Checked out with GNU). I used Fedora 9, Ubuntu, and other Linux Operating Systems.
The entire source for most of the average GNU/Linux distribution is available online. And the programming capability with GNU tools is second to none. Programming on a GNU system is wonderfully excellent.
Also, there is no "Linux Operating System". Linux is just the kernel.
WhiteKnight wrote:So therefore cause me to think that Windows is more reliable than Linux by the look of it.
Windows is ridiculously unreliable in comparison to GNU/Linux.
Posted: Fri Sep 26, 2008 4:58 am
by WhiteKnight
Correct me if I'm wrong.
Are you saying that Windows are for quality and Linux is for performance?
I also in question why people called Linux an operating system though if you recall it to be a kernel.
If cracking Linux is impossible then what about gaining access to super user on SSH and attack with series of brute forces/dictionary attacks? It only a matter of time before it successfully enter. These are the following methods that I used against Linux.
GNU seems to be over riddle of exceptions meaning error handling therefore making this harder to program in "Form Application."
Hopes that reduce your number of questions.
Posted: Fri Sep 26, 2008 6:13 am
by canine
WhiteKnight wrote:Correct me if I'm wrong.
Are you saying that Windows are for quality and Linux is for performance?
I'm not sure what you mean. GNU/Linux has higher performance and quality than Windows. The code is more robust and better tested.
WhiteKnight wrote:I also in question why people called Linux an operating system though if you recall it to be a kernel.
Linux is a kernel. GNU/Linux is the combination of the Linux kernel with GNU userland tools to make a complete operating system. Most people refer to the whole thing as "Linux", though this is incorrect.
WhiteKnight wrote:If cracking Linux is impossible then what about gaining access to super user on SSH and attack with series of brute forces/dictionary attacks? It only a matter of time before it successfully enter. These are the following methods that I used against Linux.
Well sure, but that's if you choose a bad password. The one thing about security is that you can never fix the biggest security hole: people. People choose shitty passwords, like "sex" or their birthday, and then they wonder how their email/user account/etc was compromised. They chose bad passwords. Brute forcing a password is a security hole that can never be fixed and doing so doesn't constitute cracking.
Also, when a password attempt fails, there is a mandatory delay, so that a reasonably chosen password can escape brute-forcing.
WhiteKnight wrote:GNU seems to be over riddle of exceptions meaning error handling therefore making this harder to program in "Form Application."
Hopes that reduce your number of questions.
What?
I'm not sure what you mean.
Posted: Fri Sep 26, 2008 2:15 pm
by WarriorOfLight
ROFL that's funny
"Linux is impossible to crack"
OKay, if you think you are smart, and of course, are not going to believe me, check this out:
http://milw0rm.com/search.php?dong=Linux+Kernel
These are exploits just for kernel. Think how many holes are there in a complicated linux distribution.
If you know big shit, just one peacful advice - shut up.
Posted: Fri Sep 26, 2008 2:42 pm
by canine
WarriorOfLight wrote:ROFL that's funny
"Linux is impossible to crack"
OKay, if you think you are smart, and of course, are not going to believe me, check this out:
http://milw0rm.com/search.php?dong=Linux+Kernel
These are exploits just for kernel. Think how many holes are there in a complicated linux distribution.
If you know big shit, just one peacful advice - shut up.
I never said it was impossible to crack. Don't misquote me. I said it was exceedingly difficult to crack.
And the current version of the Linux kernel is 2.6.26.5. Those exploits are out of date.
Also there are few holes in GNU/Linux distributions. The point of free software is the fact that if you have more programmers staring at the same piece of code, the bug in it will be discovered and fixed long before a bug in a similar piece of code will be discovered by less programmers.
Anyhow...
The current state of the average GNU/Linux distribution today is that cracking IS virtually impossible. I use the adjective "virtually" because while bugs will be discovered, they'll either be innocuous and/or eradicated much quicker than they can be a problem, there is still a small chance of an exploit. Hell, no one with the average distro probably even ran those affected kernels, as distributions distribute modified kernels. Also, nothing else runs in such a way that they pose any sort of threat. Even many important daemons run with restricted rights.
So, you want to crack a GNU/Linux system? You're going to need to scour the kernel for bugs and then hope that someone is running the affected kernel.
Posted: Fri Sep 26, 2008 8:57 pm
by jack krauser
canine wrote:WarriorOfLight wrote:ROFL that's funny
"Linux is impossible to crack"
OKay, if you think you are smart, and of course, are not going to believe me, check this out:
http://milw0rm.com/search.php?dong=Linux+Kernel
These are exploits just for kernel. Think how many holes are there in a complicated linux distribution.
If you know big shit, just one peacful advice - shut up.
I never said it was impossible to crack. Don't misquote me. I said it was exceedingly difficult to crack.
And the current version of the Linux kernel is 2.6.26.5. Those exploits are out of date.
Also there are few holes in GNU/Linux distributions. The point of free software is the fact that if you have more programmers staring at the same piece of code, the bug in it will be discovered and fixed long before a bug in a similar piece of code will be discovered by less programmers.
Anyhow...
The current state of the average GNU/Linux distribution today is that cracking IS virtually impossible. I use the adjective "virtually" because while bugs will be discovered, they'll either be innocuous and/or eradicated much quicker than they can be a problem, there is still a small chance of an exploit. Hell, no one with the average distro probably even ran those affected kernels, as distributions distribute modified kernels. Also, nothing else runs in such a way that they pose any sort of threat. Even many important daemons run with restricted rights.
So, you want to crack a GNU/Linux system? You're going to need to scour the kernel for bugs and then hope that someone is running the affected kernel.
difficult to crack?
sooner or later hackers and crackers "win" all the progarmmers and all the time new security holes are found!!
there is no word such as "secure programm" or even a secure software
and this exploit you found are just for the public
cause i don't know if you have ever heard of 0-day exploits.
cause 0-day exploits are the ones that black hat discover and don't publish them for various of reasons such as script kiddies won't use them.
so my point is that there are thousand of exploits for linux and those exploits you just linked is just a very small part of them.
Posted: Sat Sep 27, 2008 2:51 am
by WhiteKnight
WarriorOfLight wrote:ROFL that's funny
"Linux is impossible to crack"
OKay, if you think you are smart, and of course, are not going to believe me, check this out:
http://milw0rm.com/search.php?dong=Linux+Kernel
These are exploits just for kernel. Think how many holes are there in a complicated linux distribution.
If you know big shit, just one peacful advice - shut up.
Do not insult him, just simply restrain some professional manners.
Posted: Sat Sep 27, 2008 3:17 am
by WhiteKnight
canine wrote:WarriorOfLight wrote:ROFL that's funny
"Linux is impossible to crack"
OKay, if you think you are smart, and of course, are not going to believe me, check this out:
http://milw0rm.com/search.php?dong=Linux+Kernel
These are exploits just for kernel. Think how many holes are there in a complicated linux distribution.
If you know big shit, just one peacful advice - shut up.
I never said it was impossible to crack. Don't misquote me. I said it was exceedingly difficult to crack.
And the current version of the Linux kernel is 2.6.26.5. Those exploits are out of date.
Also there are few holes in GNU/Linux distributions. The point of free software is the fact that if you have more programmers staring at the same piece of code, the bug in it will be discovered and fixed long before a bug in a similar piece of code will be discovered by less programmers.
Anyhow...
The current state of the average GNU/Linux distribution today is that cracking IS virtually impossible. I use the adjective "virtually" because while bugs will be discovered, they'll either be innocuous and/or eradicated much quicker than they can be a problem, there is still a small chance of an exploit. Hell, no one with the average distro probably even ran those affected kernels, as distributions distribute modified kernels. Also, nothing else runs in such a way that they pose any sort of threat. Even many important daemons run with restricted rights.
So, you want to crack a GNU/Linux system? You're going to need to scour the kernel for bugs and then hope that someone is running the affected kernel.
Sorry about my English and pretty commonly affected by my deafness.
I was talking about the issues of error handling in the GNU development and it seemly slowing my development time.
Because there are numerous of exceptions I have to handle on those programs and seemly more complex by security permission and access management.
Posted: Sat Sep 27, 2008 6:00 am
by canine
jack krauser wrote:
difficult to crack?
sooner or later hackers and crackers "win" all the progarmmers and all the time new security holes are found!!
What are you talking about? Not `sooner [nor] later' do the crackers win. It's not like people write a piece of software, release it and never touch it. If a problem is found, they fix it and release their fix. How does that imply that crackers eventually win?
It doesn't.
jack krauser wrote:
there is no word such as "secure programm" or even a secure software
and this exploit you found are just for the public
cause i don't know if you have ever heard of 0-day exploits.
cause 0-day exploits are the ones that black hat discover and don't publish them for various of reasons such as script kiddies won't use them.
so my point is that there are thousand of exploits for linux and those exploits you just linked is just a very small part of them.
No, the kernel is quite secure.
WhiteKnight wrote:
Sorry about my English and pretty commonly affected by my deafness.
I was talking about the issues of error handling in the GNU development and it seemly slowing my development time.
Because there are numerous of exceptions I have to handle on those programs and seemly more complex by security permission and access management.
I am not sure what you're doing, but all system calls have ways to tell if they worked or not. And it's important to check.
In the same way that writing to a file may fail if the hard drive doesn't have any more space, similar operations can fail.
It's always important to check for errors.
Posted: Sat Sep 27, 2008 6:37 am
by WhiteKnight
True, but too many exceptions to handle can creates chaos.
It sometime become a deadlock for me that I cannot have the program to do one job and it cause cascade of failures among different functions in that program. Also there is no workaround in some case.
Posted: Sat Sep 27, 2008 5:07 pm
by canine
WhiteKnight wrote:True, but too many exceptions to handle can creates chaos.
It sometime become a deadlock for me that I cannot have the program to do one job and it cause cascade of failures among different functions in that program. Also there is no workaround in some case.
Perhaps you're trying to do something that can't be done.
Don't blame GNU. It's excellently designed. It provides for ways to do anything you wish, while keeping the system secure. If you have problems, I can probably help you out. I can code in most popular languages, barring the really obscure or windows-exclusive.
Posted: Sat Sep 27, 2008 6:45 pm
by WhiteKnight
canine wrote:WhiteKnight wrote:True, but too many exceptions to handle can creates chaos.
It sometime become a deadlock for me that I cannot have the program to do one job and it cause cascade of failures among different functions in that program. Also there is no workaround in some case.
Perhaps you're trying to do something that can't be done.
Don't blame GNU. It's excellently designed. It provides for ways to do anything you wish, while keeping the system secure. If you have problems, I can probably help you out. I can code in most popular languages, barring the really obscure or windows-exclusive.
Thank for your explanation.
I will try and research on GNU a bit more and study more of it functions.
Posted: Sat Sep 27, 2008 9:27 pm
by canine
WhiteKnight wrote:
Thank for your explanation.
I will try and research on GNU a bit more and study more of it functions.
Yeah.
Also, GNU tools and libraries are ridiculously well coded. Richard Stallman is kind of a crackpot hippie, but he does know what he's talking about when it comes to coding. He holds the GNU project to
strict standards.
Basically this means that, as long as your computer has enough ram, you can throw any amount of data at a GNU utility, or have it operate in all sort of conditions, and it'll take it. If there's an error, it'll tell you. None of this "silent failure" bullshit that went down in the past, where it failed to tell you if something failed.
Will tell you the version of awk you have on your system. Windows, unless you go out of your way to install it, doesn't come with a version of it. I personally don't use awk, but it can be pretty handy if you can deal with its bizarre syntax.
Anyhow, If you get something that says "GNU Awk 3.1.5", you are running a GNU program and it'll run like a beast.
All GNU programs are well coded due to Stallman's influence.