Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Trading Discussion
Re: About Mt. Gox flaw from a security expert
by
Webengers
on 21/06/2011, 20:29:43 UTC
Quote from: Horkabork on June 20, 2011, 11:03:02 AM
Quote from: muad_dib on June 20, 2011, 10:00:17 AM
Quote from: Grinder on June 20, 2011, 09:41:37 AM

As an expert you should be aware that security and reliability is not the same thing. Also, if you look at the full table, the bottom two providers with a lot higher outage than everybody else run FreeBSD. If you calculate an average, FreeBSD will be much worse than the other solutions. Basically you can pretty much get any result you want from this list.

Reliability in strongly connected to Security. If you need to patch, reboot, or manage an intrusion then your reliability goes down. It also means that there is less security maintenance (even though freebsd update process is more obscure).

The table show us that if you want to be the most reliable, you need to choose unix.


Or you can count privilege escalation: 61 bugs in the last 7 years for linux, 3 for freebsd.

Or you can count vulnerabilities, even thought being freebsd smaller, this is a biased comparison.

Or you can do very rough estimation:

Google "Hacked by"+ linux: 2.3 millions results

Google "Hacked by"+ Freebsd: 230.000 results (one fold less!!!)


Anyhow let's put this way: My opinion is that FreeBSD is the most secure,  reliable and scalable OS. You think that Linux is more secure than FreeBSD.


I totally agree with you on this metric. Obviously, it follows with what I, a bona-fide security expert grade III red belt level with tactical upgrades and laser vision (tm), have always said: The most reliable, least vulnerable way to serve webpages is through a modified vintage 1995 Nintendo Virtual Boy.

Google agrees with me, as "Hacked by"+"virtual boy" has a mere 61,300 results.

Prove me wrong. I dare you, because I just bought a pair of x-pert system II zookas and a nintendo power glove. It's hooked to my keytar, with a wii wammy bar and a silicon 3d aggregator nanostruts mashup through UG ajax immersion portals.

Obviously, this is all coded in COBOL. It's the safest language.

Haha, Agreed. I'm not a Linux fanboy, but as soon as he started touting the security benefits of FreeBSD over the security Benefits of Linux he loses all credibility. The services that are normally exploited are generally run by multiple Unix clones. Securing a system takes an experienced *nix sysadmin and someone who understands networking and routing thoroughly, that's it.