Posts by securityfiend

HAH = BOFH

This is possible on Windows using DCOM. My team leader (a true BOFH) would run Excel on *my* pc while having the GUI on his PC...

This was in the mid-late 1990's on Win95...

He wrote an internal RAT / admin tool for the PC's that simplified our work no-end...

It has become the norm since the manufacturers have worked out:

"if a man* buys my device, I eat for a day. If I let him enter my walled garden, I earn an obscene executive bonus."

* Insert gender of choice

Icon because, well. They know what you read, watch, who you call, your taste in music, track your movements, who you are having an affair with, when you break the speed limit....

Maybe a tinfoil icon would be better...?

Charles Henry Boyle

*ahem*

As pressure drops, temperature falls too. The chamber will be cold enough for the experiment due to this effect. Conduction to the sides of the vessel will be significant but not by much. Convection to the glass plate may be significant until the low pressure puts an end to that.

Careful about letting the glass plate get frosted up. I want HD quality video (slomo of course) of the

ignition and H2O crystals are going to get in the way of my viewing pleasure...

Icon seems appropriate...!

About face...!

I agree with your sentiments but not necessarily your conclusion...

1) the code is closed (enough already not use it right here), the development and maintenance can't be controlled by the customer;

Are customers savvy enough to understand the code to "control" it...? Also, with a closed OS, the addition of malcode is significantly less likely than open source where *anyone* can edit it. Remember the unconfirmed NSA claim a few years back they put backdoors into Linux...?

2) MS Windows' the OS because of its architecture peculiarities is not secure due to its lack of permissions and setuid/setgid model, and existence of very vulnerable protocols like RPC;

Hm. There are plenty of hacks that leverage "S" or "G" to elevate privs. Also windows does have a full permissions model that has more functionality and granularity that anything I have seen except VMS. Regarding RPC, the protocol is not insecure. All the bugs in DCERPC are related to implementation or design faults of a particular interface. Implementation bugs are also not related to MS code. What about the rash of OpenSSH vunls that came out 5-6 years ago...? In reality, both Linux and MS offerings are likely to have implementation bugs. That is why testing is so important.

3) as a consequence of 2) any MS Windows Server host requires a 24/7 running resources-hungry antivirus software;

Hm.

A hypervisor shouldn't need to run an AV product. No-one should be using the hypervisor itself. all it does is schedule access to resources for guest VM's.

4) MS Windows products are not as easy configurable as their Linux/BSD-based counterparts...

YMMV. GPolicy is very powerful especially with AD but the concept *is* difficult to catch. However once you have it, it is arguably easier than the messed up config files on a Linux / BSD box...

I have not seen the MS System Centre solution but the rumour I heard surprised me about what it could do.,

For my opinion, I think HyperV is worthy of consideration. Your arguments present one point of view from a pro open source standpoint.

I'm a security guy and MS is no longer the automatic bad guy.

I am not an MS or Linux fanatic. I just use them for my job and this means living in the real world where often the reason for making a particular choice is financial or political.