So why're you still using a kernel whose main developer says he doesn't give a shit about security, /g/?
http://www.washingtonpost.com/sf/business/2015/11/05/net-of-insecurity-the-kernel-of-the-argument/
masturbating monkey pls go
i use Linux because my corporate overlords tell me not to use it
Linus doesn't even write code anymore.
Fuck off.
>>51293021
sweet damage control, linuxtard
where can i upvote ur post ?
>>51292928
Because I don't care about security either.
Let's face it, can anything be truly secure when the source code is out there for anyone to go through?
This is why I use superior OpenBSD.
>>51293046
Of course.
>>51293046
more secure as code which is closed for anyone
And that post isnt part of a series.
And you dint check lwn.org:
https://lwn.net/Articles/663474/
or you did, and this is bait. On wich I say, go home monkey, there is a update for your system.
>>51293057
Open source means anyone can investigate the code amd find vulnerabilities.
Closed source will be more like stumbling in the dark.
Don't get me wrong, I love the idea of open source since the community itself can help patch and improve the code, but closed source just feels more secure to me.
>>51292928
So why are you still posting this thread since /g/ already showed you that doesn't give a shit about it too?
>>51293074
Are you unfamiliar with reverse engineering?
>>51293074
>>51293046
Nigga, you just went full retard.
What are you, incapable of reading comprehension?
He doesn't say he doesn't give a shit about security.
He says he seeks the golden line between spending time on security and on perfecting and advancing the Kernel, otherwise no work would be done if he spent more time than necessary on security which can never ever be 100% proof because of the nature of software in general.
The real bitching is about a dumb broad leaving the Linux community because her programming and patches were shit,
and she covers up her dumb ass low quality brain by bitching about an "uncomfortable environment". Ergo feminists decided to bitch about an extreme point against Linus in retaliation.
Of course, nothing will change.
>>51293097
Okay explain how open source is more secure?
I'm not claiming to be an expert, that was just my opinion. How is it wrong?
>>51293084
That sounds like a lot more effort than copying and pasting from github.
>>51293103
Aren't feminists trying to hit him with rape charges?
>>51293103
Are you? It's pretty obvious here that he gives no fucks about security and would rather let other people do it instead:
>If I have to worry about that kind of scenario happening, Torvalds added with a wry grin, I won't get any work done.
LINUX, NOT EVEN ONCE.
>>51293074
Finding vulnerabilities in closed source/open source is about the same difficulty tbqh.
>>51293135
They are trying to do a honeypot allegedly. No proof is there, but i am inclined towards finding it believable considering the MO of feminists.
If you told me there would exist a secular equivalent of the Westboro Baptist Church like Feminism 10 years back, i would laugh at you. Yet here we are, the circumstances being exactly thus.
>>51293116
You are talking crap. The best safe in the world can be open source so everyone knows how the mechanism works, and it will still be the best sage in the world. And not only that, flaws are even easier to see and repair, and the users of the safe can higher professionals to inspect/fix the safety.
The proprietary shitty safe that you can buy at wallmart,on the other hand, will never be more secure than that.
"Well, anyway, the code, as I saw it, was neat. Real neat. Extremely neat. In fact, I found it painful to read after a while. It was so neatly laid out that I found myself admiring it. It seems to have been built like an aircraft. It has everything that opens and shuts, has code for just about everything I've ever seen considered on a scheduler, and it's all neatly laid out in clean code and even comments. It also appears to have been coded with an awful lot of effort to ensure it's robust and measurable, with checking and tracing elements at every corner. I started to feel a little embarrassed by what we have as our own kernel. The more I looked at the code, the more it felt like it pretty much did everything the Linux kernel has been trying to do for ages. Not only that, but it's built like an aircraft, whereas ours looks like a garage job with duct tape by comparison."
- Con Kolivas, http://ck-hack.blogspot.be/2010/10/other-schedulers-illumos.html
>>51293183
>everyone knows how the mechanism works
And everyone knows how to get in.
>>51293165
Seems you are after all incapable of reading:
>His broader message was this: Security of any system can never be perfect. So it always must be weighed against other priorities — such as speed, flexibility and ease of use — in a series of inherently nuanced trade-offs. This is a process, Torvalds suggested, poorly understood by his critics.
>>51293206
Is this bait? I'm too autistic to tell.
Are you writing from a world where Windows is OSS or smth?
>>51293234
I'm honestly having a hard time understanding how open source can be more secure. I'm an ausfag though so its a bit difficult to understand at the end of the day. Got an exam tomorrow and tired as fuck, so that isn't helping.
My point is that while the community can patch exploits in open source software, what's to stop others from exploiting them?
>>51293271
I was not saying it's more secure, maybe you were arguing with someone else who did, I'm just chiming in on things that look wrong to me. I'd say there is no difference between open/closed source. Nothing stops others from exploiting OSS bugs, just like nothing stops people from exploiting closed source programs bugs. And unless you're dealing with a heavily obfuscated binary looking for exploitable bugs is not particularly different in difficulty between oss/closed source.
>>51293271
Programmers make a lot of mistakes. This is not "in theory", this what actually happens. With open source, those mistakes are found quickly and fixed. Install latest version and you're safe. With closed source it is more difficult to find mistakes and those who search do not reveal their findings - they just exploit. That's the gist of it. So errors just stay in code.
>>51293324
> those who search do not reveal their findings - they just exploit
Why do you think that someone who finds an exploit for oss project just reports it and someone who finds an exploit in css project has to exploit it instead? Do you think that only criminals use disassemblers or smth? The logic of this is beyond me.
>>51293343
>Why do you think that someone who finds an exploit for oss project just reports
I don't think that.
But I do know that a lot of people find bugs in open source code and help with them.
And very few do with closed source.
You're thinking in extremes. Don't.
>>51293357
>But I do know ... very few do with closed source
That's not something I know though. Do you have any data to back this up? Plenty of people research and report vuln's to vendors. Even though vendors usually treat white hats like dirt under nails.
Also.
>With open source, those mistakes are found quickly and fixed
>install... and you're safe
>With closed source ... those who search do not reveal their findings
>You're thinking in extremes. Don't.
fuck off
>AshleyMadison.com, the Web site that facilitates extramarital affairs and suffered an embarrassing data breach in July, was reportedly running Linux on its servers
>Those problems did not involve the kernel itself
So why mention it you fucking retarded idiots? This segment alone validates Linus's statement:
>“There is no way in hell the problem there is the kernel,” Torvalds said. “If you run a nuclear power plant that can kill millions of people, you don’t connect it to the Internet.”
>Or if you do, he continued, you build robust defenses such as firewalls and other protections beyond the operating system so that a bug in the Linux kernel is not enough to create a catastrophe.
Also, Linus has a perfect point with the following:
>His broader message was this: Security of any system can never be perfect. So it always must be weighed against other priorities — such as speed, flexibility and ease of use — in a series of inherently nuanced trade-offs. This is a process, Torvalds suggested, poorly understood by his critics.
As far as what applies to the writers of this article, i think using Linus's words will suffice:
>One group he has dismissed as “masturbating monkeys.” In blasting the security features produced by another group, he said in a public post, “Please just kill yourself now. The world would be a better place.”
Fucking idiots.
>>51293324
>>51293320
That's a lot easier to understand.
Open source is more secure because of the community. Thanks anon.
>>51293032
le reddit fag appear
>>51293397
>One group he has dismissed as “masturbating monkeys.” In blasting the security features produced by another group, he said in a public post, “Please just kill yourself now. The world would be a better place.”
I fucking love Linus.
>>51293393
Replace "safe" with "safer" then.
I do not claim full protection form everything.
Trace the discussion to the beginning, and original claim is "OSS is generally more secure"
> Do you have any data to back this up?
There is quite obviously no stats gathered by anyone. It's just that looking for mistakes in OSS is easy because source is there, and in closed source software it's hard. That's why more are doing former.
You mentioned you don't understand why someone would think this way. Well, I gave you reasons. And when your response to those reasons is "give proof!", you just look plain stupid.
>>51293343
>The logic of this is beyond me.
Don't waste your time. People suffering from freetardation just don't listen, they're like religious nutjobs, for example:
Freetard: OSS sec vuln are found quickly and patched for the good of mankind, it's magical!
Sec expert: How do you know people don't search for vulns in OSS and keep it to themselves?
Freetard: That just does not not happen, it's open source, it's secure!
Religious nut: God is real, he is the saviour of man! Science is wrong!
Normal person: How do you know God is real, what if science proved God is real?
Religious nut: Because I said so, and if that happened then obviously God made science, omg look at all the medicine healing God gave us with science! I loooooooooooove God!
>>51293440
> That's why more are doing former.
Don't think so. Probably more people are _still_ looking for flash vulns than looking through mountains of oss code to find bugs.
>"safe" with "safer" then.
Well, that's a very different sentence now, isn't it? Like one wise anon once said:
>You're thinking in extremes. Don't.
Also: I don't need to trace the discussion to the beginning to point out that shit you're writing in your current post is just plain wrong. There is no discussion that could justify saying "install whatever and you're safe" or "people who have to RE to find bugs only exploit whatever bugs they find and don't report, that's just how I think but that's also why OSS is more secure"
>in OSS is easy because source is there, and in closed source software it's hard
Looking for mistakes in both is hard, you can just look at shellshock and heartbleed and see that even very simple, stupid-ass easy to spot bugs stay in code for years upon years. RE doesn't add that much of difficulty, the problem of verifying that something is secure lies in the complexity of the program and it doesn't matter if you have to deal with 1 million lines of code source tree or with 10 million instructions binaries: you're not gonna just stroll through all of this shit because nobody got time for that, you're gonna look for other ways to break the program: fuzzers, static analysis tools. And RE most of the time adds only a little bit of overhead.
>That's why more are doing former.
That's not necessarily true. Most people look for bugs in software that's used most or for bugs with the biggest impact, not in software that is just open.
>your response to those reasons is "give proof!", you just look plain stupid.
Your recap of the discussion is wrong by the way. You claimed some bullshit, I asked 'why are you claiming bullshit', you backpedaled a little bit and made a weaker claim, and I just asked 'why you claim that now?' and you fell back to 'that's just what I think'. w/e
>Security people are often the black-and-white kind of people that I can't stand. I think the OpenBSD crowd is a bunch of masturbating monkeys, in that they make such a big deal about concentrating on security to the point where they pretty much admit that nothing else matters to them.
>>51292928
Say goodbye to your smartphone, OP, you clueless nigger.
>>51293183
>it will still be the best sage in the world.
just like me :^)
