On Sep 27, 12:28 pm, "Ms. Polly Ester" <pes...******.net> wrote:
> http://news.yahoo.com/s/cmp/20070927...ylt=AiieE0MGKY...
>
> Fearing the restrictions it places on their work, the majority of open
> source software developers do not plan to publish code in the next year
> under a controversial new license authored by the main governing body for
> open source and free software, according to a survey released Wednesday.
>
> In addition, more than 40% of those surveyed said they won't ever publish
> their work under Version 3 of the General Public License, which was released
> earlier this year by the Free Software Foundation. "GPLv3 is controversial
> because it imposes restrictions on what you can do with programs," said John
> Andrews, CEO of survey taker Evans Data, in a statement.


More fragmentation to put some more nails in the Linux coffin.
At some point the Linux loons will figure out that all of these spin
offs are not a good thing for Linux.

With 700+ different versions of Linux and now new GPL3 it's just more
confusion for the suits that make the decisions.
Microsoft makes it easy for those types.
Linux makes it a clusterfsck.

pus.boy99******.com wrote:

> On Sep 27, 12:28 pm, "Ms. Polly Ester" <pes...******.net> wrote:
>> http://news.yahoo.com/s/cmp/20070927...ylt=AiieE0MGKY...
>>
>> Fearing the restrictions it places on their work, the majority of open
>> source software developers do not plan to publish code in the next year
>> under a controversial new license authored by the main governing body for
>> open source and free software, according to a survey released Wednesday.
>>
>> In addition, more than 40% of those surveyed said they won't ever publish
>> their work under Version 3 of the General Public License, which was
>> released earlier this year by the Free Software Foundation. "GPLv3 is
>> controversial because it imposes restrictions on what you can do with
>> programs," said John Andrews, CEO of survey taker Evans Data, in a
>> statement.
>
>
> More fragmentation to put some more nails in the Linux coffin.
> At some point the Linux loons will figure out that all of these spin
> offs are not a good thing for Linux.
>
> With 700+ different versions of Linux and now new GPL3 it's just more
> confusion for the suits that make the decisions.
> Microsoft makes it easy for those types.
> Linux makes it a clusterfsck.


There are more Linux clusters that windopws clusters.
There are more open source developers than Micoshaft developers.
75% of all new projects are open source.
Its time to switch to Linux and be done with.
See the advanced technology in action here
http://www.livecdlist.com
Just download and boot from CD.
All your drivers automagically configured.
No amount of Pistification of your Pista PC will
compare with a Linux PC.
http://www.distrowatch.com for more in depth reviews.

"7" <website_has_email@www.enemygadgets.com> wrote in message
news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...



> See the advanced technology in action here
> http://www.livecdlist.com
> Just download and boot from CD.

You must be joking.. nobody in their right mind would download a self
booting CD recommended by anyone they didn't know.
It could do absolutely anything to the machine you boot it on.
Its just the sort of thing a hacker would try to get you to do.
It would be a **** good way to root Linux boxes BTW.

In comp.os.linux.advocacy, 7
<website_has_email@www.enemygadgets.com>
wrote
on Thu, 27 Sep 2007 20:25:36 GMT
<4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk> :
> pus.boy99******.com wrote:
>
>> On Sep 27, 12:28 pm, "Ms. Polly Ester" <pes...******.net> wrote:
>>> http://news.yahoo.com/s/cmp/20070927...ylt=AiieE0MGKY...
>>>
>>> Fearing the restrictions it places on their work, the majority of open
>>> source software developers do not plan to publish code in the next year
>>> under a controversial new license authored by the main governing body for
>>> open source and free software, according to a survey released Wednesday.
>>>
>>> In addition, more than 40% of those surveyed said they won't ever publish
>>> their work under Version 3 of the General Public License, which was
>>> released earlier this year by the Free Software Foundation. "GPLv3 is
>>> controversial because it imposes restrictions on what you can do with
>>> programs," said John Andrews, CEO of survey taker Evans Data, in a
>>> statement.
>>
>>
>> More fragmentation to put some more nails in the Linux coffin.
>> At some point the Linux loons will figure out that all of these spin
>> offs are not a good thing for Linux.
>>
>> With 700+ different versions of Linux and now new GPL3 it's just more
>> confusion for the suits that make the decisions.
>> Microsoft makes it easy for those types.
>> Linux makes it a clusterfsck.
>
>
> There are more Linux clusters that windopws clusters.

True, but I'm not sure as to its relevance. Most users
won't play "build the grid". Of course, most users use
Microsoft (unfortunately for them), so there's some issues
there... :-)

> There are more open source developers than Micoshaft developers.

I wish I knew how to verify that. It's probably true, though
a lot of freeware / shareware source code is targeted at Windows.

> 75% of all new projects are open source.

Ditto.

> Its time to switch to Linux and be done with.

Conquering all of the world's desktop ... one user at a time. :-)

> See the advanced technology in action here
> http://www.livecdlist.com
> Just download and boot from CD.

One of the things Windows cannot do. (At least legally! :-) )

> All your drivers automagically configured.
> No amount of Pistification of your Pista PC will
> compare with a Linux PC.

Oh, but gotta love the hypnotically pretty backdrops... :-)

> http://www.distrowatch.com for more in depth reviews.
>


--
#191, ewill3@earthlink.net
Useless C++ Programming Idea #8830129:
std::set<...> v; for(..:iterator i = v.begin(); i != v.end(); i++)
if(*i == thing) {...}

--
Posted via a free Usenet account from http://www.teranews.com

Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>
> "7" <website_has_email@www.enemygadgets.com> wrote in message
> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>
>
>
>> See the advanced technology in action here
>> http://www.livecdlist.com
>> Just download and boot from CD.
>
> You must be joking.. nobody in their right mind would download a self
> booting CD recommended by anyone they didn't know.
> It could do absolutely anything to the machine you boot it on.
> Its just the sort of thing a hacker would try to get you to do.
> It would be a **** good way to root Linux boxes BTW.

100% wrong!!!

Linux distributions come with source code.
If you don't trust a distro, you can make it yourself
with the original source code.

Begs the question which corporation is gonna trust a micoshaft CD that has
no accompanying source code?
Micoshaft recommend their install CDs which are self booting
and you have no access to their source code to know
whats in a Micoshaft CD!!!

All Linux CDs come *WITH* source code so that you can be sure
that no viruses or other crap spyware and adware has been put into it.

That is a fundmantal distinction between open source Linux
and closed source untrustworthy Micoshaft sponsored products.

dennis@home wrote:

>
> "7" <website_has_email@www.enemygadgets.com> wrote in message
> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>
>
>
>> See the advanced technology in action here
>> http://www.livecdlist.com
>> Just download and boot from CD.
>
> You must be joking.. nobody in their right mind would download a self
> booting CD recommended by anyone they didn't know.
> It could do absolutely anything to the machine you boot it on.
> Its just the sort of thing a hacker would try to get you to do.
> It would be a **** good way to root Linux boxes BTW.

Idiot.

--
Operating systems:
FreeBSD 6.2, Debian 4.0
PCLinuxOS 2007, (K)Ubuntu 7.04
Ubuntu 7.10 "Gutsy" alpha - Tribe 5

On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>
> "7" <website_has_email@www.enemygadgets.com> wrote in message
> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>
>
>
>> See the advanced technology in action here
>> http://www.livecdlist.com
>> Just download and boot from CD.
>
> You must be joking.. nobody in their right mind would download a self
> booting CD recommended by anyone they didn't know.

Strangely enough, though 7 is a loon, he's not the sort of loon to
recommend you trash your machine from some roague CD. The list is genuine.

> It could do absolutely anything to the machine you boot it on.

Actually, no. Some don't even make it easy or possible to have write
access to your drives

> Its just the sort of thing a hacker would try to get you to do.
> It would be a **** good way to root Linux boxes BTW.

Well, I've used dozens of LiveCDs over the past few years, and not one has
ever harmed my PCs. On the contrary, they've helped me save data when
hardware went tit's-up.

--
Kier

"7" <website_has_email@www.enemygadgets.com> wrote in message
news:dOVKi.21730$c_1.2486@text.news.blueyonder.co. uk...
> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:
>
>>
>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>
>>
>>
>>> See the advanced technology in action here
>>> http://www.livecdlist.com
>>> Just download and boot from CD.
>>
>> You must be joking.. nobody in their right mind would download a self
>> booting CD recommended by anyone they didn't know.
>> It could do absolutely anything to the machine you boot it on.
>> Its just the sort of thing a hacker would try to get you to do.
>> It would be a **** good way to root Linux boxes BTW.
>
> 100% wrong!!!

You shouldn't be so certain, the Internet is full of nasty clever people
that will eat you for breakfast.

> Linux distributions come with source code.
> If you don't trust a distro, you can make it yourself
> with the original source code.
>
> Begs the question which corporation is gonna trust a micoshaft CD that has
> no accompanying source code?
> Micoshaft recommend their install CDs which are self booting
> and you have no access to their source code to know
> whats in a Micoshaft CD!!!
>
> All Linux CDs come *WITH* source code so that you can be sure
> that no viruses or other crap spyware and adware has been put into it.

Rubbish.
They don't all come with source, and you will find it hard to compile it and
make your own.
You have no way to actually know a live CD is safe unless you know where it
came from and you know they can be trusted.

>
> That is a fundmantal distinction between open source Linux
> and closed source untrustworthy Micoshaft sponsored products.

You are letting irrational hate get in the way of logic.
You would make an ideal target for a hacker.

William Poaster wrote:
> dennis@home wrote:
>
>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>
>>
>>
>>> See the advanced technology in action here
>>> http://www.livecdlist.com
>>> Just download and boot from CD.
>> You must be joking.. nobody in their right mind would download a self
>> booting CD recommended by anyone they didn't know.
>> It could do absolutely anything to the machine you boot it on.
>> Its just the sort of thing a hacker would try to get you to do.
>> It would be a **** good way to root Linux boxes BTW.
>
> Idiot.
>

<Are all the Linux Lunatic trolls posting to the Vista NG now? You and 7
are jokes. You two have been in bed with each other too many times.
Please, no one wants to see you two with your sloppy seconds sex act.>

7 wrote:
> pus.boy99******.com wrote:
>
>
>>On Sep 27, 12:28 pm, "Ms. Polly Ester" <pes...******.net> wrote:
>>
>>>http://news.yahoo.com/s/cmp/20070927...ylt=AiieE0MGKY...
>>>
>>>Fearing the restrictions it places on their work, the majority of open
>>>source software developers do not plan to publish code in the next year
>>>under a controversial new license authored by the main governing body for
>>>open source and free software, according to a survey released Wednesday.
>>>
>>>In addition, more than 40% of those surveyed said they won't ever publish
>>>their work under Version 3 of the General Public License, which was
>>>released earlier this year by the Free Software Foundation. "GPLv3 is
>>>controversial because it imposes restrictions on what you can do with
>>>programs," said John Andrews, CEO of survey taker Evans Data, in a
>>>statement.
>>
>>
>>More fragmentation to put some more nails in the Linux coffin.
>>At some point the Linux loons will figure out that all of these spin
>>offs are not a good thing for Linux.
>>
>>With 700+ different versions of Linux and now new GPL3 it's just more
>>confusion for the suits that make the decisions.
>>Microsoft makes it easy for those types.
>>Linux makes it a clusterfsck.
>
>
>
> There are more Linux clusters that windopws clusters.
> There are more open source developers than Micoshaft developers.
> 75% of all new projects are open source.
> Its time to switch to Linux and be done with.
> See the advanced technology in action here
> http://www.livecdlist.com
> Just download and boot from CD.
> All your drivers automagically configured.
> No amount of Pistification of your Pista PC will
> compare with a Linux PC.
> http://www.distrowatch.com for more in depth reviews.
>


So that what...just makes linux a bigger pile of crap?
Frank

In comp.os.linux.advocacy, 7
<website_has_email@www.enemygadgets.com>
wrote
on Thu, 27 Sep 2007 22:04:57 GMT
<dOVKi.21730$c_1.2486@text.news.blueyonder.co.uk >:
> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:
>
>>
>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>
>>
>>
>>> See the advanced technology in action here
>>> http://www.livecdlist.com
>>> Just download and boot from CD.
>>
>> You must be joking.. nobody in their right mind would download a self
>> booting CD recommended by anyone they didn't know.
>> It could do absolutely anything to the machine you boot it on.
>> Its just the sort of thing a hacker would try to get you to do.
>> It would be a **** good way to root Linux boxes BTW.
>
> 100% wrong!!!
>
> Linux distributions come with source code.
> If you don't trust a distro, you can make it yourself
> with the original source code.

Two words: compiler hack. While such are nowadays very
unlikely (especially since GCC builds itself using the
system's native compiler, then builds itself again using
itself -- and with Microsoft Windows far easier methods of
compromise are available, sad to say (!)), they're still
theoretically possible. Of course an audit of GCC's source
code might see the hack -- since GCC builds itself using
itself, a hack placed in the native compiler would most
likely vanish.

An urban legend has cc being hacked so that /bin/login
miscompiles in a subtle fashion, opening a hole
for an erstwhile hacker to wander in. Whether this
has actually ever occurred, I don't know offhand.
Snopes knows nothing about that particular
issue. Google coughed up a "baby_doe" attack:
http://www.mines.edu/fs_home/dlarue/cc/baby-doe.html .
This attack is fairly modern (1996), but was more of a
rootkit than a /bin/login recompile hack. (baby_doe
was the hostname of the machine that was compromised.)
A far more disturbing page (to Windows website
administrators) is
http://johnny.ihackstuff.com/ghdb.ph...=detail&id=327 .
Fortunately, that information is now over 3 years old.
Unfortunately, one wonders. Gentoo's package database
http://packages.gentoo.org/ is still down, reporting
a vaguely similar injection problem.

If I were feeling ultra-paranoid, I'd take a hex
keypad, some static RAM, a floppy controller chip[*], a display system (probably some LEDs and a
driver chip), and a floppy drive, and key in the
hexcodes myself. Of course, since the actual compiler
is at least 11 kB (spread out over several files in
/usr/libexec/gcc/i686-pc-linux-gnu/<version>)), not to
mention libc and a few other things, that might take
awhile....

>
> Begs the question which corporation is gonna trust a
> micoshaft CD that has no accompanying source code?

What CD? Most OEM systems are preloaded. At best, one
might get either an image CD prepared by the OEM, or a
Microsoft install kit, along with the preloaded system.

> Micoshaft recommend their install CDs which are self booting
> and you have no access to their source code to know
> whats in a Micoshaft CD!!!

Not quite true...though most people won't want to sign
NDAs. :-) I'm frankly not sure if money has to change
hands or not.

>
> All Linux CDs come *WITH* source code so that you can
> be sure that no viruses or other crap spyware and adware
> has been put into it.

Well...not quite true either, unless one goes through
all the trouble to compile the CD from scratch --
possible but would take some doing. (On Gentoo, I see
hints of options one might use while doing so; I've not
done sufficient research there to know precisely how
it's done. There is a Gentoo Linux LiveUSB HOWTO at
http://www.gentoo.org/doc/en/liveusb.xml , for those so
inclined; however, this is little more than copying the
CD image to the USB device.)

>
> That is a fundmantal distinction between open source Linux
> and closed source untrustworthy Micoshaft sponsored products.
>

At least with Linux one has a chance, if one's sufficiently
competent/technically inclined.
[*] one of the more interesting capabilities of the Amiga
was its ability to read and write somewhat arbitrary
floppy formats (including the IBM PC's), at least of
the 720kB-880kB era (the Manchester encoding was done by
the blitter). A Chinon modification is available to
read 1.44 MB diskettes (at half speed) but I don't think
I have such. The Amiga's native format can store up
to 880 kB, by mostly eliminating the inter-sector gap.
Since the Amiga is virtually immune to IBM PC viruses
(it's a different microprocessor!), it might be useful
here, and old Amigas are probably still flitting about.
Of course 720 kB isn't that big anymore...

--
#191, ewill3@earthlink.net
Conventional memory has to be one of the most UNconventional
architectures I've seen in a computer system.

--
Posted via a free Usenet account from http://www.teranews.com

7 wrote:
> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:
>
>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>
>>
>>
>>> See the advanced technology in action here
>>> http://www.livecdlist.com
>>> Just download and boot from CD.
>> You must be joking.. nobody in their right mind would download a self
>> booting CD recommended by anyone they didn't know.
>> It could do absolutely anything to the machine you boot it on.
>> Its just the sort of thing a hacker would try to get you to do.
>> It would be a **** good way to root Linux boxes BTW.
>
> 100% wrong!!!
>
> Linux distributions come with source code.
> If you don't trust a distro, you can make it yourself
> with the original source code.
>
> Begs the question which corporation is gonna trust a micoshaft CD that has
> no accompanying source code?
> Micoshaft recommend their install CDs which are self booting
> and you have no access to their source code to know
> whats in a Micoshaft CD!!!
>
> All Linux CDs come *WITH* source code so that you can be sure
> that no viruses or other crap spyware and adware has been put into it.
>
> That is a fundmantal distinction between open source Linux
> and closed source untrustworthy Micoshaft sponsored products.
>
>
<7 doesn't even know what it's talking about. The fool has no clue.
However, 7 likes to run its mouth. It was this one time 7 ran its mouth
about .Net in a neutral NG. 7 got its ass annihilated by developers who
were in that NG. It was another time 7 was in the Suse NG and needed to
open its mouth about something, and again, 7 got its ass annihilated in
the Suse NG. 7 no more knows what it's talking about than the man in the
Moon. And 7 should be ignored. :)>

On Thu, 27 Sep 2007 11:42:48 -0700, pus.boy99 wrote:

> On Sep 27, 12:28 pm, "Ms. Polly Ester" <pes...******.net> wrote:
>> http://news.yahoo.com/s/cmp/20070927/
tc_cmp/202101921;_ylt=AiieE0MGKY...
>>
>> Fearing the restrictions it places on their work, the majority of open
>> source software developers do not plan to publish code in the next year
>> under a controversial new license authored by the main governing body
>> for open source and free software, according to a survey released
>> Wednesday.
>>
>> In addition, more than 40% of those surveyed said they won't ever
>> publish their work under Version 3 of the General Public License, which
>> was released earlier this year by the Free Software Foundation. "GPLv3
>> is controversial because it imposes restrictions on what you can do
>> with programs," said John Andrews, CEO of survey taker Evans Data, in a
>> statement.
>
>
> More fragmentation to put some more nails in the Linux coffin. At some
> point the Linux loons will figure out that all of these spin offs are
> not a good thing for Linux.
>
> With 700+ different versions of Linux and now new GPL3 it's just more
> confusion for the suits that make the decisions. Microsoft makes it easy
> for those types. Linux makes it a clusterfsck.

pus.boy99 ....
aha hahaha HHA ha HA hAHh AHH AhHHAHAH Ah HA h HAH ...



--
Rick

"Kier" <vallon@tiscali.co.uk> wrote in message
news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk. ..
> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:
>
>>
>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>
>>
>>
>>> See the advanced technology in action here
>>> http://www.livecdlist.com
>>> Just download and boot from CD.
>>
>> You must be joking.. nobody in their right mind would download a self
>> booting CD recommended by anyone they didn't know.
>
> Strangely enough, though 7 is a loon, he's not the sort of loon to
> recommend you trash your machine from some roague CD. The list is genuine.

But I have no way to know that and I certainly aren't going to trust someone
shouting in a news group, anyone that does is being foolish.
It shows that people still don't understand the basics of security if they
do.
If you can't verify the source you may as well let the hacker sit at the
machine and give him the passwords.

>
>> It could do absolutely anything to the machine you boot it on.
>
> Actually, no. Some don't even make it easy or possible to have write
> access to your drives

You don't know how Unix works if you think that.
If you boot an entire OS it will be able to do anything it likes to your
drives unless you are running an encrypted file system that prompts you for
a password at boot before it can decrypt the drives. No Linux or windows
does that that I know of. You certainly can't do anything about it when the
source is available as if you store the password on the machine the rogue
software can use exactly the same mechanism to extract the password and
access the file system as the original OS. This is also true of windows but
someone has to disassemble the software and find the mechanism first so its
slightly more difficult.

>
>> Its just the sort of thing a hacker would try to get you to do.
>> It would be a **** good way to root Linux boxes BTW.
>
> Well, I've used dozens of LiveCDs over the past few years, and not one has
> ever harmed my PCs. On the contrary, they've helped me save data when
> hardware went tit's-up.

I have used live CDs too but not one that someone has been shouting about in
a news group.. you can't trust anyone these days.

Live CDs are one of the biggest security risks the average user is likely to
come across now floppies have gone (mostly).
(Any bootable device suffers from exactly the same security problems
whatever OS you are running on the machine.)
It doesn't take a lot of skill to put some malicious software on one and it
has total access to the machine be it windows or Linux or dos.
You have to be sure that it is what it claims before you boot it.
If it is malicious and you boot it the average user will never know anything
bad has happened.
They could easily be the Linux (and everything else) equivalent of the boot
sector virus that dos suffers from and there is no easy way for a user to be
sure other than from where they download it from.

Where is the definitive list of live CDs that have been verified and the
checksums and software to verify the cd before use? Who exactly is
responsible for doing that and do they have the skills to do it are a couple
of questions I would ask if I put a security hat on.

On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:

>
> "Kier" <vallon@tiscali.co.uk> wrote in message
> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk. ..
>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:
>>
>>>
>>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>>
>>>
>>>
>>>> See the advanced technology in action here
>>>> http://www.livecdlist.com
>>>> Just download and boot from CD.
>>>
>>> You must be joking.. nobody in their right mind would download a self
>>> booting CD recommended by anyone they didn't know.
>>
>> Strangely enough, though 7 is a loon, he's not the sort of loon to
>> recommend you trash your machine from some roague CD. The list is genuine.
>
> But I have no way to know that and I certainly aren't going to trust someone
> shouting in a news group, anyone that does is being foolish.
> It shows that people still don't understand the basics of security if they
> do.

That would be a social engineering type hack, right? I do take your point
in that regard. One of my favourite books is a fascinating exploaration of
the art, called 'A Complete Hacker's Handbook'.

> If you can't verify the source you may as well let the hacker sit at the
> machine and give him the passwords.

How come we don't see this happening, then? I have *never* heard of such a
thing being done. Probably it *could* be, somehow, but I know of not one
instance.

>
>>
>>> It could do absolutely anything to the machine you boot it on.
>>
>> Actually, no. Some don't even make it easy or possible to have write
>> access to your drives
>
> You don't know how Unix works if you think that.

It's not impossible, certainly, but without root access it's not easy. Of
course, some LiveCDs are desighed to do partitioning and rescue work, so
they by definition must be able to write to disc. But if you have
physical access, no system is really safe, however well-protected.

The ordinary user, however, is not going to be able to break his sytem
using a LiveCD. That was my initial point. LiveCDs don't usually touch
the underlying OS at all - in fact, with sufficient memory you can run one
without a hard disk in the machine at all.

> If you boot an entire OS it will be able to do anything it likes to your
> drives unless you are running an encrypted file system that prompts you for
> a password at boot before it can decrypt the drives. No Linux or windows
> does that that I know of. You certainly can't do anything about it when the
> source is available as if you store the password on the machine the rogue
> software can use exactly the same mechanism to extract the password and
> access the file system as the original OS. This is also true of windows but
> someone has to disassemble the software and find the mechanism first so its
> slightly more difficult.

The source isn't usually available on a LiveCD, no mater what 7 said.
There usually isn't room.

>
>>
>>> Its just the sort of thing a hacker would try to get you to do.
>>> It would be a **** good way to root Linux boxes BTW.
>>
>> Well, I've used dozens of LiveCDs over the past few years, and not one has
>> ever harmed my PCs. On the contrary, they've helped me save data when
>> hardware went tit's-up.
>
> I have used live CDs too but not one that someone has been shouting about in
> a news group.. you can't trust anyone these days.
>
> Live CDs are one of the biggest security risks the average user is likely to
> come across now floppies have gone (mostly).

Yes, no problems like that have been detected, to my knowledge.

> (Any bootable device suffers from exactly the same security problems
> whatever OS you are running on the machine.)
> It doesn't take a lot of skill to put some malicious software on one and it
> has total access to the machine be it windows or Linux or dos.

Less easily with Linux, but essentially, yes.

> You have to be sure that it is what it claims before you boot it.
> If it is malicious and you boot it the average user will never know anything
> bad has happened.
> They could easily be the Linux (and everything else) equivalent of the boot
> sector virus that dos suffers from and there is no easy way for a user to be
> sure other than from where they download it from.

Yet there doesn't seem to be one, does there? If it's that easy, why
isn't it being done?

>
> Where is the definitive list of live CDs that have been verified and the
> checksums and software to verify the cd before use? Who exactly is
> responsible for doing that and do they have the skills to do it are a couple
> of questions I would ask if I put a security hat on.

Well, I don't deny it's always good to cultivate good security habits,
whtever OS you're using. But, like I said, nothing like that ever seems to
have happened. I do vaguely recall there was a case where some dodgy rpms
or something got into a reputable distro repo, but it was very quickily
discovered and stopped. The transparency of open source tends to make such
things more difficult to get away with.

--
Kier