Re: [Linux Security]

[SWAPS <swaps@xxxxxxxxxxxx>]

Krishnan Venkatachalam <vk@xxxxxxxxxxxx> wrote:
> I had an interesting discussion with a friend who thought that
> "Proprietary Unices" were a better hedge as regards security than an OS
> like Linux which is developed over the net and whose "Source Code" was
> freely available. His argument was that since the "Code" was available
> the OS could be compromised more easily.
> 
> My argument was that the security setup in any OS is more of an art and
> is a continuous process and, that a known "glitches" were any day better
> than unknown "holes" in a proprietary system and is a lot dependent on
> the person implementing it. I also mentioned about the prolific use of
> Linux on the Net.

There has been some discussion on this topic in this forum some time back. You
can look at the archives to re-live those times. The upshot is that security
is not implemented by hiding things but by implementing strong algorithms. 
To give an analogy: take the case of locks. Which one do you rely more, a lock
which uses number sequence to unlock (I think it is called combination lock)
or a traditional lock whose mechanism is known to everybody. In the first case
people can guess the numbers but in the second case he has to have the exact
key/impression. Linux does not hide the code but makes the result product
tough to break unless you get the right key.

HTH
- -swaps

____________________________________________________________________
Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.
- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/
Linux India is NOT a forum for Microsoft/India/Pakistan/US/UK bashing.
Flame baits will not be tolerated.  If you can appreciate satire read
http://www.templetons.com/brad/emily.html

------------------------------