The Lounge is rated PG. If you're about to post something you wouldn't want your
kid sister to read then don't post it. No flame wars, no abusive conduct, no programming
questions and please don't post ads.
Since when is Linux immune to viruses? Linux generally has been much less of a target, but it is probably going to be a bigger target now on the ISS. Who was the idiot at NASA that forgot to scan the Russian's computer for viruses *before* the launch?
> Since when is Linux immune to viruses?
There is some merit in the argument that WIndows is a bigger target because of its popularity.
However, Linux and the other Unix variants have a different security model. By default, you have *no* permissions, and they are granted to you explicitly.
Windows until recently wasn't of that ilk.
Most desktop versions of Linux are designed around the fact that you don't need to be root for general work and for those other occasions there is sudo (or the GUI equivalents).
Windows is in the unfortunate situation of having to support a lot of backward compatibility with its earlier incarnations that had a more relaxed attitude to security. Microsoft have done quite a lot in recent times and fair play to them. But they can't fix the holes and keep complete compatibility without introducing a lot of complexity and that complexity creates further holes to exploit.
I can see good engineering reasons to choose Linux over Windows. If you need an OS that is minimal, can run solid compiled C code on dedicated devices, is dedicated to one or two specific primary tasks, then Linux makes good sense when you have the support people with the UNIX and C coding background. I can see where this is a common requirement in spacecraft systems. The Linux kernel is faster than the Windows kernel, but it is also less capable than the Windows kernel.
If you need efficient multithreaded and multitasking from the OS, then Windows may be a better choice.
Both represent good choices for the tasks that they each do best, and both represent safe and secure choices.
Certainly within the user space, such things as viruses infecting a document with scripting capability are a threat on all platforms.
The issue for systems that use these things are their escalatability (is that really a word?).
What we desire in an OS is an enclosed walled garden environment for users sufficiently robust to protect the machine from the misdeeds of the user or anything that they may run.
The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system.
The best you can do it protect the system from unintentional drive-by attacks via open ports and web-based vectors.
If you have some malicious program or web page telling the user to do something stupid and the go ahead and do it, then well what can you do really?
The biggest threat to your machine is from the user themselves via social
engineering exploits. It's very difficult to protect against these
aspects. Doing your work as a non-privilege escalated user is a good
first step but the user is the weak point of the system.
And follow that thought through....
Operator misuse is the biggest hole in security and the NASA "fix" for that is to switch OSes?
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
One video like that makes up for fifty "undescribed" Lounge links I have clicked on that led to ear-murder, eyecide, etc.
That is close to physical perfection in physical balance !
“Humans are amphibians: half spirit, half animal; as spirits they belong to the eternal world; as animals they inhabit time. While their spirit can be directed to an eternal object, their bodies, passions, and imagination are in continual change, for to be in time, means to change. Their nearest approach to constancy is undulation: repeated return to a level from which they repeatedly fall back, a series of troughs and peaks.” C.S. Lewis
I am writing some software for a client and find some of their business processes and way of doing things a bit illogical and confusing. A number of times I have thought "Why do they do it that way, wouldn't it be simpler to do it this way instead. Plus it would make my life easier too". On the occasions I have brought this up, I am usually met with the reply "that's the way we do it".
Anyone else get this much? Do you persist and argue your point or just give them exactly what they ask for? It's not my place to change their business processes, so I'm inclined to give them what they want and take the money. However, I'm left with the feeling that the application was not as good as it could have been.
Usually when talking to the client they embrace any changes in processes with open arms, glad to have an outsider tell them that their processes are inefficient.
With the right approach, infinite patience, and a 'seeing things from their point of view' attitude, it can be done - but you need to be really certain you have all the information before persuading them to change processes!
Write software to cater for existing processes - you get paid and all is well.
Change their processes and write software to support the change and you still have a fight to get the users to adopt it - and they will be negative. And if you miss something (usually because they just haven't told you about it) it will be entirely your fault.
Anyone else get this much? Do you persist and argue your point or just give them
exactly what they ask for? It's not my place to change their business processes,
so I'm inclined to give them what they want and take the money. However, I'm
left with the feeling that the application was not as good as it could have
Of course... it happens all the time.
Here's one way to consider things: You are professionally obliged to inform the client that you believe that their process could be improved by X, Y and Z. BUT... at the end of the day, it's the client's call, and if they don't want to, then develop what you have been asked to develop. So long as you have informed the client, you have met your professional obligations.
Quad skating his way through the world since the early 80's...
As has been pointed out, as a professional you should be enlightening your client as to potential process improvements, I say potential because you do NOT know their business practices as well as they do. And the LIE even if only by omission. 3 months after your system goes to production some pillock will come back to you with "oh I forgot to tell you this requirement". It may justify their entire approach (probably not).
At the end of the day you build to your clients requirements even if it seems idiotic in your opinion.
Never underestimate the power of human stupidity