Art replied:

Rich wrote:

In infinite wisdom Martin answered:

Snipped

But I've seen many security problems on unix systems over the years,
usually of the buffer overflow variety that allows a root shell to
be obtained. Unix is no more secure than it's system admin. Now for
home systems this is rarely a big problem. But how many companies have
had credit card numbers stolen by a hacker, from unix based systems?
How many govt agencies have had sensitive information stolen, from
unix systems, by hackers? Check out "The Cuckoo's Egg".

http://www.amazon.com/exec/obidos/tg/detail/-/0743411463/102-9899101-0828923?v=glance

Reread it.

Just did.

quite a bit of that took place on DEC machines because

The reviews make no mention of the machines.

administrators were too lazy to change the password of certain
critical accounts.

I tend to think that when even system admins don't handle security
properly (and it's a job all by itself) the chances that home users
will do a better job are not that great. Linux may still be better,
err, out of the box, but it ain't perfect.

I've got Cliff Stoll's "Silicon Snake Oil", a very good book, but
I've not yet read "The Cuckoo's Egg", I'll take your word for it.

UNiX machines were only a small part of those

DEC does not necessarily mean VMS, the much hyped sun-killers were
unix machines. The Alpha is a pretty good processor to boot, although
it seems to have fallen with DEC.

broken into and many of those, only because someone had sent
a password to someone on a machine that had already been broken into.

There are many other ways however, the dictionary search for example.
Unix got around that with a 5 second wait between successive logins
(at least Solaris did). I find that's a bit long for a mistyped password,
so I cut it down to 2 or 3 seconds on machines I administer. Wonder
if linux does the same?

Rich

I'd strongly suggest that you don't just assume that linux is safe.
Hackers could discover a bug tomorrow and everything could change.
I'd still bet that Linux is better than windows, but I also bet that
few Linux owners keep their systems up to date or apply security patches.

Rich

Take your ignorant uninformed troll bait elsewhere.

Martin

Most of us take security very seriously.  And most distributions  of Linux
come wtih ftp and telnet turned "OFF"