[ Thanks to Kevin
Reichard for this link. ]
“I have a bone to pick with most, maybe all, Linux distributors:
Why in the world do they ship such security nightmares? To their
credit, many stay on top of security issues, sending urgent
messages to registered users and mailing list subscribers when a
potential security exploit is found in a particular package, along
with workarounds, updated packages, or both. But the way that a lot
of distributions install by default, this is a lot like putting
locking lug nuts on the wheels while leaving the doors unlocked and
the key in the ignition.”
“If you’re running Linux and you have a technically savvy
friend, have that friend do a port scan of your machine sometime
and send you the results. You will be startled and probably
confused. Unless you’ve engaged in the wholesale turning off of
services, your machine is more than likely wide open to script
kiddies and, potentially worse, people who really know what they’re
doing. The script kiddies are vandals. There are real criminals out
there, who steal stuff.”
“Linux is fundamentally a pretty secure system. Why should
distributors make it less so?”