[NTLUG:Discuss] Browser Security Question?

Robert Pearson rdpears at gmail.com
Thu Sep 16 02:03:55 CDT 2004 

>    tr_data1 wrote:
> > Robert Pearson has what I consider important questions about the
> > security of running M$ IE on Linux via Crossover/VMWare/etc. Not
> > intending to hijack his thread:
> >
> Greg Edwards wrote---
> It's not that IE is more secure when running in VMware...
>...
> Using IE in a VMware virtual machine should not be a major worry about your Linux
> environment, but your Windows environment is just as vulnerable as running
> Windows on a dedicated machine.
> 

I'm just a user. Don't claim to be an expert. As a user I do have
Security concerns about Windows running over Linux or Unix. VMware,
and all the others, may be robust enough to withstand the assault when
Linux or Macs grow in popularity enough to become a focus of the
hackers. "Techie" hackers might find it to be a real challenge to use
Microsoft products to bring down Mac's and VMware machines.

Historically Virtual Machines have not been completely Virtual. They
have been crashed by really errant applications. An errant application
is Operationally defined as an the occurrence of an event not defined
by the application or the Operating System. Usually a hardware
failure. Perhaps the Virtual technology has progressed to the point
that this type of failure is just a "bad memory". I don't know. Who
does?

In SMBs (Small to Medium Businesses) and up to the Enterprise there is
a great deal of "hardening" to control access to these machines. In
the SOHO to SMB range what affordable "hardening" steps are available
to a user?

Most of the members of this list seem to be "techie's" and personally
in the SOHO to SMB range of operation. At work it may be different.

Some of us are just users who cannot afford major down-time or a
Consultant to bail us out. Our focus is using the technology as a
"Profit Enabler" or a "Profit Enhancer" tool to make money. The
Strategy for avoiding Consultants and down-time we cannot afford, is
to make wise, educated choices about what to buy and install. That is
the goal. That is why I am moving to Linux slowly but steadily. I was
very glad to read the official statements, from sources I respect and
trust, recommending the move from Internet Explorer to Firefox. At
that point I made the move in a flash for both Linux and Windows. Same
for Open Office or Star Office on Linux.

I, personally, went through a little learning experience after using
apt-get to upgrade from Red hat 9 to FC1. The upgrade was fairly
painless. No major "gotchas" thanks to help from the NTLUG support
group, in particular Bryan Smith. However I had to learn "iptables" to
get my clock synching to an NTP server. Everything about NTP works but
I have a new and very different iptables file. I had to use lokkit to
get NTP to work and lokkit completely rewrote the
/etc/sysconfig/iptables file. The "iptables.save" file doesn't look
anything like the original iptables file either. The question still to
be answered is "Am I still secure, more secure or less secure?". I
don't know and it will take a lot of digging to figure it out.

Thanks,
Robert Pearson
rdpears at gmail.com

More information about the Discuss mailing list