Tacti anti-monoculture argument

Story: Why Pwn2Own doesn't target LinuxTotal Replies: 5
Author Content
phsolide

Mar 08, 2011
2:20 PM EDT 		Somebody call Wagg-Ed quick! Shills and plants needed to "debunk" and "refute" an indirect reference to the Microsoft Software Monoculture Problem!

Quoting:you can't go to BestBuy and buy Linux with a specific distro on it that everyone uses that has widespread market share.


I don't disagree with that quote at all, it's the truth. It also states and supports the anti-monoculture argument against using MSFT software. in 2003, Dan Geer et al released a big ol' position paper on it, and it cost Geer his job. A few years later, Geer meditated on the whole episode: http://www.usenix.org/publications/login/2005-12/openpdfs/ge...

Whenever someone "big name" allows discussion of the issue, the Shills Fly: http://www.schneier.com/blog/archives/2007/05/dan_geer_on_tr...

Somebody get on the horn and order up some Shills, plants and trolls to slant the discussion of Pwn2own away from monoculture issues, and towards "they're all weak, everything can be pwned".
phsolide

Mar 08, 2011
2:26 PM EDT 		Oh, holy cow, a typo, in the title no less. TACIT not TACTI. Doggone these 10 thumbs.
tracyanne

Mar 08, 2011
6:28 PM EDT
Quoting:h4xor66 said:

i love how the linux newbs are screaming that linux is superior and cant be hacked ... the fact is linux is as easy if not easier to hack than windows xp, the challenge isn't in the OS it's in the browser that you are using, if you are using a browser and you have flash installed on the computer, then any good hacker can gain elevated privileges and do basically whatever they want to your box


So prove it.
mrider

Mar 08, 2011
6:52 PM EDT 		To finish tracyanne's post:

As my pappy used to say, "I'm from Missouri. Show me."

(To those not from the United States, Missouri is "The show me" state.)
helios

Mar 08, 2011
7:54 PM EDT 		Don't listen to their excuses...Linux was part of this in 2008 and it stood strong to the end. I remember something being said about "if we had another 20 minutes, we would have hacked it"....or words to that effect.

Then again, using MS Win7 as the benchmark is goofy on it's face.

Well, it's been three years and those "we hacked Linux" results haven't been published to my knowledge...and I believe it's more about not wanting to be embarrassed again than anything else.

Or so I'm guessin'.
tracyanne

Mar 08, 2011
9:12 PM EDT 		I love this comment on the CanWestSec website, regarding access to the WiFi network at the venue.

Quoting:2011-03-08-12:00:00 CanSecWest 2011 WiFi Weapon of Doom

This year we've decided to take a different approach for the CanSecWest wireless network. Our network will be fully encrypted using WPA2-Enterprise(EAP-PEAP) AES/CCMP only A total of five access points will provide coverage for the main conference hall:

- 3 in the 2.4Ghz (802.11g/n) range

- 2 in the 5Ghz (802.11n) range

Authentication and SSID information will be provided to attendees at the registration desk Your account will provide access through one 2.4Ghz and one 5Ghz access point If you are using a Windows XP/Vista/7 device, some manual configuration will be required (instructions and assistance will be available at the registration desk) For all others (IOS/OSX/Android/Linux/Symbian/Mobile 7) it should "just work"


Bolding is mine.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!