Hello, test
On 13/09/2022 15:11, chris wrote:
> Hello, test
Your Usenet setup is working. So now you can post your question or
start a discussion about anything related to embedded programming,
microcontrollers, etc. There is not a lot of traffic in this group,
but there are quite a number of regulars who will see posts and jump
in if there is something interesting to talk about. It's a sleepy
group - we just need someone to wake us up!
On 9/14/22 07:58, David Brown wrote:
> On 13/09/2022 15:11, chris wrote:
>> Hello, test
> Your Usenet setup is working. So now you can post your question or
> start a discussion about anything related to embedded programming,
> microcontrollers, etc. There is not a lot of traffic in this group,
> but there are quite a number of regulars who will see posts and jump
> in if there is something interesting to talk about. It's a sleepy
> group - we just need someone to wake us up!
Good morning David. Have just upgraded the host I use for usenet and
email and had to import settings etc from a previous host. Long term
association with Sun Sparc has been broken, as the cost of keeping
them powered up is becoming oppressive. This machine is running open
Indiana hipster, an open solaris fork and so far, seems very good. Mate
desktop and a fresh zfs pool. almost duplicates the Solaris 10 used
for a decade or more. I try to evaluate several os's a year and have
looked at Open Solaris in the past, but this is the first serious
evaluation. Still getting used to the bang up to date Thunderbird 102,
replacing the old version 10, used for years here...
Chris
On 14/09/2022 13:07, chris wrote:
> Good morning David. Have just upgraded the host I use for usenet and
> email and had to import settings etc from a previous host. Long term
> association with Sun Sparc has been broken, as the cost of keeping
> them powered up is becoming oppressive. This machine is running open
> Indiana hipster, an open solaris fork and so far, seems very good. Mate
> desktop and a fresh zfs pool. almost duplicates the Solaris 10 used
> for a decade or more. I try to evaluate several os's a year and have
> looked at Open Solaris in the past, but this is the first serious
> evaluation. Still getting used to the bang up to date Thunderbird 102,
> replacing the old version 10, used for years here...
> Chris
This is not exactly on-topic for the group, but I expect people will
figure that out from the subject, and it's not as though on-topic
threads are getting lost in the crowd!
I haven't used a Sparc since a Sun-4 at university, nearly thirty
years ago. I didn't think they had been much used for workstations
for decades (though they were of course found in some kinds of
servers, big iron and supercomputers until much more recently).
What factors lead you to OpenIndiana, rather than a more mainstream
alternative like Linux or at least FreeBSD? Of course you can compile
a lot of *nix software for it, as it is a perfectly standard POSIX
system, but you're going to have a lot more challenge with anything
pre-built. And like it or not, that's almost unavoidable for a lot of
embedded development.
On 9/14/22 14:36, David Brown wrote:
> This is not exactly on-topic for the group, but I expect people will
> figure that out from the subject, and it's not as though on-topic
> threads are getting lost in the crowd!
> I haven't used a Sparc since a Sun-4 at university, nearly thirty
> years ago. I didn't think they had been much used for workstations
> for decades (though they were of course found in some kinds of
> servers, big iron and supercomputers until much more recently).
> What factors lead you to OpenIndiana, rather than a more mainstream
> alternative like Linux or at least FreeBSD? Of course you can compile
> a lot of *nix software for it, as it is a perfectly standard POSIX
> system, but you're going to have a lot more challenge with anything
> pre-built. And like it or not, that's almost unavoidable for a lot of
> embedded development.
Will try to bring it back on topic, but what factors ?. Have been
using Sparc based machines as a more secure solution for main server
tasks, but also ftp and web server, as well as a desktop for some
software and other development work.
Windows is here on sufferance
and run FreeBSD as the main software dev system. Always did like
Solaris, mainly for the zfs file system, zones and just the general
robustness of the os and the hardware. Have built and used cross
gnu for both 68K and arm, and here's quite a bit of history that
openindiana will hopefully provide continuity for, even though some
rebuilding will be needed. A bit of an experiment, but the cost of
energy, ever increasing, means some compromise needed in the number
and type of machines running 24x7. Save around 200 watts by replacing
the Sun and disk array with a 1U i5 based machine. If it doesn't
work out, FreeBSD with zfs and jails will be the preferred solution.
FreeBSD is the os of choice now. Much more lean and less bloat than
Linux. Docs and package availability excellent. The Arm X
compiler tools being just a package install, for example and a full
set of gnu related tools out of the box as well. Still a makefile
environment here, xnedit editor, less is more etc...
Chris
On 14/09/2022 18:41, chris wrote:
> Will try to bring it back on topic, but what factors ?. Have been
> using Sparc based machines as a more secure solution for main server
> tasks, but also ftp and web server, as well as a desktop for some
> software and other development work.
More "secure" than what? Secure against what?
As long as you take a few basic precautions (such as a solid firewall),
a desktop is as secure as the person using it - regardless of the
system. If you run random programs from random places, click on random
links without thought, believe emails telling you about free bitcoins,
then you'll get in trouble. If you are careful, you won't. I have once,
in my 30 years or so as a professional developer, had malware on a
computer - when I accidentally booted from an infected 3.5" floppy.
Now, there is no doubt it is a lot easier to get problems accidentally
with Windows - the target is bigger, the software quality is often
poorer, the pressure to click "OK" is higher, and the sources are not
controlled. But I think you would have a very hard time finding clear
evidence or statistics showing significant security differences between
any of the *nix systems that is inherent in the system - it all comes
down to who uses it, and what programs they run.
Similarly, on the server side it is a matter of making sure that the
only ports accessible from outside, are the ones that you want to be
accessible. Lock down "risky" ports appropriately, such as very good
password and/or passwordless keys for ssh, using connection limits to
stop brute force attacks, and so on. You do all this on your
firewall/router - the server system doesn't matter.
Then it is about the server software you run, and the website setup. The
server OS is irrelevant in comparison. If you've got Java and use the
log4j (if I remember the name correctly) with its vulnerability, then
you are in /exactly/ the same position with Sparc/Solaris, NetBSD/68k,
Linux/x86-64, or whatever. And if you've got a website that does not
have such risks, you don't have a problem.
Security is not an end result, it's a process. It is never absolute, and
too much security is as bad as too little (after all, your system can
always be made more secure by pulling out the plug). You want security
that is /good enough/. When you have less chance of script-kiddie and
drive-by attacks than the chances of a lightning strike or flood, and
when targeted attacks are easier by breaking down your door and
stealing your server, your security is good enough (for now).
> Windows is here on sufferance
> and run FreeBSD as the main software dev system. Always did like
> Solaris, mainly for the zfs file system, zones and just the general
> robustness of the os and the hardware. Have built and used cross
> gnu for both 68K and arm, and here's quite a bit of history that
> openindiana will hopefully provide continuity for, even though some
> rebuilding will be needed. A bit of an experiment, but the cost of
> energy, ever increasing, means some compromise needed in the number
> and type of machines running 24x7. Save around 200 watts by replacing
> the Sun and disk array with a 1U i5 based machine. If it doesn't
> work out, FreeBSD with zfs and jails will be the preferred solution.
You saved 200 W ? I don't know what kind of traffic you are seeing and
what kind of site you are serving on your web server, but it can't be
too demanding if it ran on an old Sun machine. You could probably run it
on a Raspberry Pi 4, or an x86 mini PC like an ASUS PN50 or similar.
> FreeBSD is the os of choice now. Much more lean and less bloat than
> Linux. Docs and package availability excellent. The Arm X
> compiler tools being just a package install, for example and a full
> set of gnu related tools out of the box as well. Still a makefile
> environment here, xnedit editor, less is more etc...
> Chris
On 09/16/22 08:51, David Brown wrote:
>> Will try to bring it back on topic, but what factors ?. Have been
>> using Sparc based machines as a more secure solution for main server
>> tasks, but also ftp and web server, as well as a desktop for some
>> software and other development work.
> More "secure" than what? Secure against what?
> As long as you take a few basic precautions (such as a solid firewall),
> a desktop is as secure as the person using it - regardless of the
> system. If you run random programs from random places, click on random
> links without thought, believe emails telling you about free bitcoins,
> then you'll get in trouble. If you are careful, you won't. I have once,
> in my 30 years or so as a professional developer, had malware on a
> computer - when I accidentally booted from an infected 3.5" floppy.
> Now, there is no doubt it is a lot easier to get problems accidentally
> with Windows - the target is bigger, the software quality is often
> poorer, the pressure to click "OK" is higher, and the sources are not
> controlled. But I think you would have a very hard time finding clear
> evidence or statistics showing significant security differences between
> any of the *nix systems that is inherent in the system - it all comes
> down to who uses it, and what programs they run.
> Similarly, on the server side it is a matter of making sure that the
> only ports accessible from outside, are the ones that you want to be
> accessible. Lock down "risky" ports appropriately, such as very good
> password and/or passwordless keys for ssh, using connection limits to
> stop brute force attacks, and so on. You do all this on your
> firewall/router - the server system doesn't matter.
> Then it is about the server software you run, and the website setup. The
> server OS is irrelevant in comparison. If you've got Java and use the
> log4j (if I remember the name correctly) with its vulnerability, then
> you are in /exactly/ the same position with Sparc/Solaris, NetBSD/68k,
> Linux/x86-64, or whatever. And if you've got a website that does not
> have such risks, you don't have a problem.
> Security is not an end result, it's a process. It is never absolute, and
> too much security is as bad as too little (after all, your system can
> always be made more secure by pulling out the plug). You want security
> that is /good enough/. When you have less chance of script-kiddie and
> drive-by attacks than the chances of a lightning strike or flood, and
> when targeted attacks are easier by breaking down your door and
> stealing your server, your security is good enough (for now).
>> Windows is here on sufferance
>> and run FreeBSD as the main software dev system. Always did like
>> Solaris, mainly for the zfs file system, zones and just the general
>> robustness of the os and the hardware. Have built and used cross
>> gnu for both 68K and arm, and here's quite a bit of history that
>> openindiana will hopefully provide continuity for, even though some
>> rebuilding will be needed. A bit of an experiment, but the cost of
>> energy, ever increasing, means some compromise needed in the number
>> and type of machines running 24x7. Save around 200 watts by replacing
>> the Sun and disk array with a 1U i5 based machine. If it doesn't
>> work out, FreeBSD with zfs and jails will be the preferred solution.
> You saved 200 W ? I don't know what kind of traffic you are seeing and
> what kind of site you are serving on your web server, but it can't be
> too demanding if it ran on an old Sun machine. You could probably run it
> on a Raspberry Pi 4, or an x86 mini PC like an ASUS PN50 or similar.
>> FreeBSD is the os of choice now. Much more lean and less bloat than
>> Linux. Docs and package availability excellent. The Arm X
>> compiler tools being just a package install, for example and a full
>> set of gnu related tools out of the box as well. Still a makefile
>> environment here, xnedit editor, less is more etc...
>> Chris
More secure in that X86 binaries won't execute on sparc or any other
arch hardware. A small point, but since many exploits depend on
getting a binary executable into the target machine, then running
it, just one of the many things that constitute an overall security
framework.
Assuming that any security can be broken given sufficient
resources, the idea is to make it as difficult as possible and not
worth the return on investment to try and break a given system.
Anyway, HP are to release a Proliant Arm based server in the next
year, which might be interesting. Arm in a commodity server package,
now all we need is an arm based workstation...
On 20/09/2022 13:30, chris wrote:
> More secure in that X86 binaries won't execute on sparc or any other
> arch hardware. A small point, but since many exploits depend on
> getting a binary executable into the target machine, then running
> it, just one of the many things that constitute an overall security
> framework.
There are perhaps two main kinds of malware, and three main kinds of
other attacks. (There are plenty of others, but they are relatively
rare in comparison.)
One kind of malware is Windows software. You don't get that without
Windows, or at least Wine (and you are usually explicit about which
programs you run with Wine). The other kind of malware is scripts and
small bits of code, run on interpreted languages - bash, python, java,
etc. These run as well on a Sparc as anything else.
One kind of attack is targeting weak passwords or authentication.
Another is targeting poor security in websites. A third kind attacks
flaws in software and tries to inject code. It is only this third type
that is at all influenced by the processor you use.
Running on a Sparc rather than an ARM or x86 is at best a very small
security benefit. And for every person running a server program on a
Sparc, there are 10,000 others running it on x86 - there are more
x86-specific attackers, but also many more x86-specific defenders. Sparc
has not been "mainstream" for decades, and does not see close to the
level of care and maintenance that you get in x86 and ARM. (Of course,
the majority of the code you are running is not sparc-specific.)
> Assuming that any security can be broken given sufficient
> resources, the idea is to make it as difficult as possible and not
> worth the return on investment to try and break a given system.
True. But using a weird platform that "nobody" has ever heard of does
not necessarily help. The biggest risk for any significant web site is
the web site code - PHP, Java, etc., along with SQL flaws, not machine
code.
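The distinction argued over in the two posts above (native binaries are tied to a processor, scripts are not) can be checked from a file's first bytes. The following is an added example, not part of any poster's message: the function names, the HOST_ACCEPTS table (which assumes a 64-bit host also runs its 32-bit sibling ISA) and the sample byte strings are all constructed for illustration.

```python
import posixpath
import struct

# e_machine values from the ELF specification (subset relevant to the thread).
EM_NAMES = {
    2: "SPARC", 3: "x86", 4: "68k", 18: "SPARC32PLUS",
    40: "ARM", 43: "SPARCv9", 62: "x86-64", 183: "AArch64",
}

# Assumption for this example: a 64-bit host also runs its 32-bit sibling ISA.
# Whether that is really enabled depends on the OS build and configuration.
HOST_ACCEPTS = {
    "SPARCv9": {"SPARCv9", "SPARC32PLUS", "SPARC"},
    "x86-64": {"x86-64", "x86"},
    "AArch64": {"AArch64", "ARM"},
}


def classify(payload):
    """Return ('elf', arch), ('script', interpreter) or ('unknown', reason)."""
    if payload[:4] == b"\x7fELF":
        if len(payload) < 20:
            return ("unknown", "truncated ELF header")
        # e_ident[EI_DATA] (offset 5) gives the byte order of all later fields.
        order = {1: "<", 2: ">"}.get(payload[5])
        if order is None:
            return ("unknown", "invalid EI_DATA")
        # e_machine is a 16-bit field at offset 18 in both ELF32 and ELF64.
        (e_machine,) = struct.unpack_from(order + "H", payload, 18)
        return ("elf", EM_NAMES.get(e_machine, "e_machine=%d" % e_machine))
    if payload[:2] == b"#!":
        line = payload[2:].split(b"\n", 1)[0].decode("ascii", "replace")
        words = line.split()
        if not words:
            return ("unknown", "empty shebang")
        name = posixpath.basename(words[0])
        if name == "env":
            # "#!/usr/bin/env python3": the interpreter is env's first
            # argument that is neither an option nor a VAR=value assignment.
            rest = [w for w in words[1:]
                    if not w.startswith("-") and "=" not in w]
            if not rest:
                return ("unknown", "env without interpreter")
            name = posixpath.basename(rest[0])
        return ("script", name)
    return ("unknown", "neither ELF nor shebang")


def can_execute(payload, host_arch, installed_interpreters):
    """True if the host could start this file as-is."""
    kind, detail = classify(payload)
    if kind == "elf":
        # Native code: only the processor family matters.
        return detail in HOST_ACCEPTS.get(host_arch, {host_arch})
    if kind == "script":
        # Interpreted code: the processor is irrelevant, the interpreter is not.
        return detail in installed_interpreters
    return False


def sample_elf(e_machine, big_endian, is_64bit=True):
    """Constructed sample: only the first 20 bytes of an ELF header."""
    ident = (b"\x7fELF"
             + bytes([2 if is_64bit else 1, 2 if big_endian else 1, 1])
             + bytes(9))
    order = ">" if big_endian else "<"
    return ident + struct.pack(order + "HH", 2, e_machine)  # e_type = ET_EXEC


# Constructed sample inputs, not taken from any real file.
SAMPLES = {
    "x86-64 binary": sample_elf(62, big_endian=False),
    "SPARCv9 binary": sample_elf(43, big_endian=True),
    "shell script": b"#!/bin/sh\necho hello\n",
    "python script": b"#!/usr/bin/env python3\nprint('hello')\n",
}


def survey(host_arch, installed_interpreters):
    """Map each sample name to whether the given host could run it."""
    return {name: can_execute(data, host_arch, installed_interpreters)
            for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for host in ("SPARCv9", "x86-64"):
        print(host, survey(host, {"sh", "python3"}))
```

On both hosts the two scripts come out runnable, while each native binary runs only on its own processor family; removing an interpreter from the installed set is what changes the script results.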
On 9/20/2022 17:20, David Brown wrote:
> Running on a Sparc rather than an ARM or x86 is at best a very small
> security benefit. And for every person running a server program on a
> Sparc, there are 10,000 others running it on x86 - there are more
> x86-specific attackers, but also many more x86-specific defenders.
> Sparc has not been "mainstream" for decades, and does not see close to
> the level of care and maintenance that you get in x86 and ARM. (Of
> course, the majority of the code you are running is not sparc-specific.)
Being mainstream unavoidably makes you more vulnerable, no matter
what the "defenders" do. In fact the way x86 and ARM code is going soon
neither the attackers nor the defenders will know what is going on
(recently on a windows 10 laptop, after yet another update, their
player told me I had not enough memory on the machine to play
that video... The *entire* file (mp4) was 2G, the frame was 1920x1080,
laptop memory 8G. At 24 fps they can easily buffer >20 seconds ahead
in 4G memory - which they had free according to their "task manager"
or whatever it was).
Mass illiteracy in today's mainstream coding does not make you safer,
it just gives you a false feeling about safety because of being "like
everyone else". The latter works to some extent say for food, buying
from a large chain lowers a lot your chances to be the first one
eating something poisonous before word goes out, but with code things
go just much faster.
>> Assuming that any security can be broken given sufficient
>> resources, the idea is to make it as difficult as possible and not
>> worth the return on investment to try and break a given system.
> True. But using a weird platform that "nobody" has ever heard of does
> not necessarily help. The biggest risk for any significant web site
> is the web site code - PHP, Java, etc., along with SQL flaws, not
> machine code.
Using a platform "nobody" has ever heard of does have huge security
benefits.
Good luck say accessing my sources which have never seen another but a
DPS machine.
On 20/09/2022 17:10, Dimiter_Popoff wrote:
> On 9/20/2022 17:20, David Brown wrote:
Just to be clear - we are talking about security on *nix systems here.
Windows, while much better than it used to be, has countless additional
opportunities for malware and break-ins. We are also talking primarily
about servers rather than desktops - it's the desktop user that is the
main security flaw on most desktops!
> Mass illiteracy in today's mainstream coding does not make you safer,
> it just gives you a false feeling about safety because of being "like
> everyone else". The latter works to some extent say for food, buying
> from a large chain lowers a lot your chances to be the first one
> eating something poisonous before word goes out, but with code things
> go just much faster.
I am assuming that he is running serious server software, rather than
some random code found somewhere. Yes, there is a lot of rubbish
software written by people who should be kept well away from any
computers - but that's not the kind of people that write apache,
pure-ftpd, or whatever server software he is using, nor the OpenSolaris,
FreeBSD or Linux kernels. I am not suggesting that these programs are
perfect, but you /do/ have to consider whether code that is massively
used, regularly checked and audited and backed by big names with lots of
money and resources, is going to catch problems faster than something
used by perhaps a few hundred people. If a flaw is found in the PHP
runtime libraries, it will affect you whether you are using an
OpenSolaris descendant on SPARC or Red Hat on x86. But when the fix is
made the updated version will be in the Red Hat repositories as fast as
possible - usually long before public announcements are made. When will
your OpenSolaris system get fixed, do you think?
Any choices can have security implications, and there are no magic
bullets - choosing your platform and server software will make some
issues more likely, others less likely. All you can do is try to find a
balance that reduces the risks to as low as practically achievable
within desired budget, administrator experience, etc.
>>> Assuming that any security can be broken given sufficient
>>> resources, the idea is to make it as difficult as possible and not
>>> worth the return on investment to try and break a given system.
>> True. But using a weird platform that "nobody" has ever heard of
>> does not necessarily help. The biggest risk for any significant web
>> site is the web site code - PHP, Java, etc., along with SQL flaws,
>> not machine code.
> Using a platform "nobody" has ever heard of does have huge security
> benefits.
> Good luck say accessing my sources which have never seen another but a
> DPS machine.
Again, there are pros and cons. Sure, no one is going to find a flaw
based on their understanding of the source code. Equally, however, no
one is going to help /you/ find flaws in the design.
The success of open source, and its vastly better track record on
security in comparison to closed source software, has shown that having
source code available and having lots of users and developers is a good
thing on balance. It's not perfect, and mistakes happen, but they are
usually found and corrected faster, and the chances of long-lasting
flaws are smaller.
That does not mean it is the "best" model for all software or all uses,
regardless of how you want to judge "best". But for general server
software, you should have good reason before picking something other
than "industry best practice" software.