The HeliOS Project is now.....

The HeliOS Project is now.....
Same mission, same folks...just a different name

Search the Blog of helios and all comments


Saturday, April 05, 2008

Pwn 2 Own - The Point That's Being Missed

As an advocate of Linux, it's hard not to gloat just a bit...the whole "last man standing" thing with the Pwn 2 Own competition having wrapped up.

Yep...couldn't take us down with a head start.

Is that broken glass I hear...someone must have broken a Window.

Hit the road Mac, and dontcha come back no more, no more, no more, no more...

Ok, that's enough.

For now.

Here's my point, short and sweet. The Linux box couldn't be hacked with the friggin' blueprints to the system right in front of them. Think about what you've just read. Vista?

Propware...closed code. Proprietary system...Fort Knox-type security on that code.

Mac? Ditto.

Linux? Open Source, open code, open system.

With all that "open-ness", it sure seems ironic that so many doors got slammed in so many faces. Now I don't know any of these guys personally but I know their abilities and their dedication from a professional standpoint. Some Vista fanboi went as far as to say they didn't try hard enough because they didn't want Linux to look bad.

For Ten Grand, I'd make my own sister look bad.

But then we'd split the money.

So no long rant or rave here...just pointing out the obvious. These guys had the keys in their hands and couldn't turn the lock.

I know how many people read this blog...and I also know how many people really care if others are ever freed from Microsoft shackles. We talk on a regular basis.

About 106 of you. The rest may have their reasons for not caring...maybe it's a lack of social skills. Maybe it's just that they don't have time.

Or maybe they are digital welfare recipients just waiting for their next distro/check to hit the mailbox/distrowatch so they can scoop up even more free, open source software.

And keep it for themselves while the person next to them struggles with viruses and a constant BSOD.

But for the 106 of you that do care...this is an excellent point to make when you explain to our Windows-enslaved brothers and sisters why they need to switch operating systems.

Oh, and that remark about digital welfare recipients? That wasn't nice of me at all. Truth of the matter is, we've gotten a rush of offers to help along with requests for assistance as to how they could best help. It has been encouraging. But the welfare remark? It was fairly pointed.

And I meant every word of it. If you are selfish enough to watch others struggle while you have the ability to help them and choose not to...

An observation from some back-water blogger shouldn't bother you a bit.

All-Righty Then


kozmcrae said...

It seems I was reacting more to that idiotic moniker the clueless press attached to the survivability of Linux in a hostile attack. I forgot about the fact that everybody has complete access to the GNU/Linux blueprint. Good point.

Now I'd like to play a little thought experiment. If the bad guys had access to all the OS X code, then I think the Mac would still have been busted in 2 min., on the first day though. Vista? That's a different ball of 7 lb. fishing line entirely. A lottery would need to be offered for would-be attackers. Only a few dozen chosen. In addition to the first-to-crack contest (precision time kept by OMEGA), different events like the "oldest security hole" and vulnerabilities that are associated with Easter eggs that reference Steve Ballmer could be held too. This is just what I came up with between a few mouthfuls of granola (whoops!).

Anonymous said...

Yeah, a point was missed all right.

You do realize that the author of the successful Windows hack said the same hack would have worked on OSX and Linux, because it was a cross platform flaw. The rules of the contest, however, did not allow the same hack to be used on more than one system. It just so happened that the attacker chose to use his one chance to use this exploit on Vista.

Don't gloat because you were chosen last for the dodgeball team.

kozmcrae said...

"You do realize that the author of the successful Windows hack said the same hack would have worked on OSX and Linux, because it was a cross platform flaw."

Very much so. But it appears that you didn't get the point that I don't buy into that "unhackable Linux" crap the press made up to hook readers into reading their nonsense. A bullet proof OS doesn't exist. Linux is hackable. But one of the main reasons I'm writing these words on a Linux computer is because it doesn't "invite" the bad guys in. Linux doesn't require any special attention or money to keep it safe. So just because that hack should have worked on Linux, it doesn't bring the Open Source operating system down to the abysmal level of Microsoft's offerings.

Unknown said...

I used to be quite good at making up excuses when I failed at a particular problem. to say that "I could have done it with a little more time" is as lame as the Windows Business Plan. reality, I am not gloating at all. To be honest? I can hack any Linux Machine made given the time...or almost any, if we're talking about regular desktops. In my black hat days, I chose my easiest targets...and trust me, IBM's fledgling system was as tough as Linux anyday.

No...Gloating I am not...bringing up a point I am. If he thought he had a shot with Linux he would have picked it instead of Windows. did you miss THAT point? To say that "with a little work he could have done it" may be true.

Fact is, he didn't

That negates all the "could have's he can sputter.


Anonymous said...

Well stated helios...he made a B-Line for the Windoze Box for a reason...a reson that is obvious to anyone who has a clue. Looks like your reader who made it a point to quote the hacker didn't take that into consideration.

Of course, when I'm trying to shoot someone's point down I try to muddy the argument as well. You seem to handle that tactic well.

Great read as always old boy.


Anonymous said...

Pwn2Own made headlines, whether the people reading them understood what the heck it was or not. I think that it could be a great opportunity to get organizations and businesses thinking about the possiblity of going to Linux. I know I have been advocating for it at my workplace, but this contest gives me a much more tangible argument to my tech-illiterate supervisors as to why its a good idea.