[linux-elitists] Firefox Profiles are a Good Idea

Karsten M. Self karsten@linuxmafia.com
Tue Dec 4 17:39:22 PST 2007


on Tue, Dec 04, 2007 at 05:04:30PM -0800, James Sparenberg (james@linuxrebel.org) wrote:
> On Saturday 01 December 2007 08:28:20 pm Ruben Safir wrote:
> > On Fri, Nov 30, 2007 at 09:32:14PM -0800, Don Marti wrote:
> > > begin Karsten M. Self quotation of Mon, Nov 26, 2007 at 
> 12:36:14PM -0800:

<Digressed thread on Firefox profile merits/demerits snipped>


> I've tended to notice that there seem to be two camps within the Linux 
> community.  
> 
> Camp #1  "I know what is best for you, so since I don't want to do it 
> you aren't allowed to do it."
> 
> Camp #2 "I don't care what features it has, as long as I'm not forced 
> to use the ones I don't like."  
> 
> I'll personally stick with camp #2 .... acknowledge that Nokia is in 
> camp #1 (long story) and move on.  
> 
> But really does it hurt you that someone else uses a product 
> differently than you?  

In an internetworked world, yes.  There are secondary effects, and some
of them (Slammer, SoBig, spam in general) can be quite noxious.

Take a look at the ills plaguing the legacy MS Windows computing world,
and note how many of them boil down to really, really stupid (and
far-to-evident) bone-headed design decisions made years ago.  Many of
which were pointed out as stupid well before they were exploited.

This isn't to say that there aren't security issues with GNU/Linux (or
Mac OS X, or $PLATFORM_OF_CHOICE), but relatively few of these are
actual structural, philosophical, designed-in, hard-wired problems.
Most are more of the "implimentation error" type.  Sure, there've been
cases of poorly designed apps (or even protocols), but the modular
nature of the system as a whole makes it possible to rip out and replace
much of this over time.

Among the better discussions of the *structural* and *cultural* problems
affecting security in GNU/Linux, legacy MS Windows, and other operating
systems are:

  - My own "Spyware, Adware, Windows, GNU/Linux, and Software Culture"
    http://linuxmafia.com/~karsten/Rants/spyware.html

  - Nick Petreley's "Security Report: Windows vs. Linux"
    http://www.theregister.co.uk/security/security_report_windows_vs_linux/


There was another reference, possibly various comments regarding MS
Windows NT in Eric Raymond's _The Art of Unix Programming_ which also
pointed to differences between Linux and Microsoft's platforms.  See:

    http://www.faqs.org/docs/artu/
    http://www.linuxtoday.com/news_story.php3?ltsn=2000-04-15-018-06-SC

... though I think Eric's somewhat given to hyperbole, his technical
points are generally pretty good.


I don't know that Mozilla is doing anything particularly harmful here,
though I'm not convinced that they aren't either.  I'm pretty damned
sure they're doing something that's not particularly necessary or useful
on any modern OS, as previously detailed.


For other bad examples closer to home, the long, tortuous journey of PHP
toward security awareness and implementation shows that it's not just
Mozilla and Microsoft that can screw it up badly.

    http://www.sitepoint.com/article/php-security-blunders
    http://www.devshed.com/c/a/PHP/PHP-Security-Mistakes/
    http://www.developer.com/lang/article.php/918141
    http://blog.php-security.org/


Peace.

-- 
Karsten M. Self <karsten@linuxmafia.com>        http://linuxmafia.com/~karsten
    Ceterum censeo, Caldera delenda est.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20071204/32840e3a/attachment.pgp 


More information about the linux-elitists mailing list