Page 8 of 14 FirstFirst ... 678910 ... LastLast
Results 71 to 80 of 131

Thread: Valve's Gabe Newell Really Hates Windows 8

  1. #71
    Join Date
    Jan 2009
    Posts
    1,519

    Default

    Quote Originally Posted by Kano View Post
    @89c51

    I am pretty sure you can study lots of things without needing autocad, solidworks or photoshop. Btw. for 3d modelling you can use Maya which runs on Linux (and was working 1998 or so on IRIX). If you can not live without photoshop you should try wine. google paid lots of money to support it.

    http://appdb.winehq.org/appview.php?appId=17
    Yes you can but you don't decide what you will study based on what software runs on your computer. (at least i didn't )

    What i mean is that certain industries use certain software and most companies have workflows based on this and demand certain knowledge. This also forces universities to follow the industry "trend".

    This doesn't mean that you cannot do stuff with alternative software but in many cases the "industry standard" is not cross platform and you are "forced" in another platform.

  2. #72
    Join Date
    Jun 2009
    Posts
    1,021

    Default

    Quote Originally Posted by TobiSGD View Post
    In short: The Windows security model is not bad per se, in fact it is pretty good. What is bad is the users that don't want to give up some convenience for having a secure system. But that is not the fault of the kernel.
    well you are technically wrong in one sense in 2 points:

    1.) winblows security barries are there i give you that but the implementation is no good and regularly hack any version of windows is a coffe cup away and well UAC/ntfs ACLS/ASLR/disable bit/TXT/etc. are mostly very bugged and are very easy to bypass, after that just hide your exploit processes and be happy for a while[i do some work as legal cracker now and then for bussiness in my country], well these days is even easier just exploit IE/MSN/.NET runtime to gain access to the kernel tho. [note this is without user intervention at all and giving the sysadmin 48 hours to pimp their security in Server/stations][on a good point windows firewall can be annoying if the admin is picky].

    funny note after many years of cracking UAC has never asked me anything while breaking half the freaking OS but it annoys me to no end when im using actual safe stuff LOL

    2.) Linux/BSD/Unix: here you are very wrong, these OSes are designed lot more securely from the start and they actually know quite a deal on how protect themselves so even as root is really hard to exploit/hack/virus/[put here] those kernel at least in a reasonable timeframe. Sure in linux as root you can install a keylogger or change the root/user password to mess with the guy for example but try to hide the actual process to make it invisible to the OS or try to access the memory reserved by another application to sniff a password, etc. in resume is not easy at all in fact you need to burn your braincells looking for an unknown security fail[to make it funnier in the kernel itself for the specific task you need to perform] write the exploit and pray the kernel just don't panic and bitch you out.[assuming a clean uber insecure linux here without any security measure active at all]

    to fuck things more the linux kernel reserve memory and upload itself on ram which force you to work the exploit hot[on live ram] and the mofo really work hard to prevent you from you asm your way in plus you cannot talk directly to the hardware but you have to kindly ask the linux kernel to do it for you[unless you can DMA your way with a firewire cable jajaja but again is not easy and i think someone already posted a way to partially fixit][i won't even talk about jails or cgroups or virtualization or bypass iptables(PAAAIIINNN), etc]

    so if you attack a machines with a relative updated system and you manage to get the root password you are still worlds of pain away from your goal and well viruses i don't think they will be too hot on linuxes[they are HUGE BLOBS and require very extremely nit picked kernel version]

    now i agree user is another security flaw but unixes kernel are rough enough to hold just fine the integrity of the OS, now like i said trivial stuff like attaking evolution mail client or getting your bookmarks from firefox or putting some annoying keylogger is doable but those are userspace apps and pose no threat to the kernel[unless a major security flaw is found but moslty those lives for hours]

    sure both can be compromised but is like say "i keep my money in a shoebox with a key cuz well vaults can be opened too" <-- that is true but the amount of time/ resources / knowledge / thief are not equal at all, any idiot with a knife can take your shoebox and get you money but you need higly trained[prolly military training]/heavily armed with very expensive tools to break a bank vault hence why the 500 most powerful supercomputer in the world use linux and not windows[windows can be clustered too and after paying millions of dollars in hardware you won't go cheapo on windows for a license, is the security and tools that make the difference since this computers moslty handle extremely sensitive data][ok some are for reaserch and stuff so i mean financial/military/weaponry sectors, happy?]

  3. #73

    Default

    Quote Originally Posted by asdx View Post
    Please guys answer me 1 question:

    Will Gabe/Valve help us with the S3TC patent issues? I've recall he would help solve this problem?

    Yes or no?
    answer: Yes (if possible)

  4. #74
    Join Date
    Apr 2011
    Posts
    296

    Default

    Quote Originally Posted by jrch2k8 View Post
    well you are technically wrong in one sense in 2 points:

    1.) winblows security barries are there i give you that but the implementation is no good and regularly hack any version of windows is a coffe cup away and well UAC/ntfs ACLS/ASLR/disable bit/TXT/etc. are mostly very bugged and are very easy to bypass, after that just hide your exploit processes and be happy for a while[i do some work as legal cracker now and then for bussiness in my country], well these days is even easier just exploit IE/MSN/.NET runtime to gain access to the kernel tho. [note this is without user intervention at all and giving the sysadmin 48 hours to pimp their security in Server/stations][on a good point windows firewall can be annoying if the admin is picky].

    funny note after many years of cracking UAC has never asked me anything while breaking half the freaking OS but it annoys me to no end when im using actual safe stuff LOL

    2.) Linux/BSD/Unix: here you are very wrong, these OSes are designed lot more securely from the start and they actually know quite a deal on how protect themselves so even as root is really hard to exploit/hack/virus/[put here] those kernel at least in a reasonable timeframe. Sure in linux as root you can install a keylogger or change the root/user password to mess with the guy for example but try to hide the actual process to make it invisible to the OS or try to access the memory reserved by another application to sniff a password, etc. in resume is not easy at all in fact you need to burn your braincells looking for an unknown security fail[to make it funnier in the kernel itself for the specific task you need to perform] write the exploit and pray the kernel just don't panic and bitch you out.[assuming a clean uber insecure linux here without any security measure active at all]

    to fuck things more the linux kernel reserve memory and upload itself on ram which force you to work the exploit hot[on live ram] and the mofo really work hard to prevent you from you asm your way in plus you cannot talk directly to the hardware but you have to kindly ask the linux kernel to do it for you[unless you can DMA your way with a firewire cable jajaja but again is not easy and i think someone already posted a way to partially fixit][i won't even talk about jails or cgroups or virtualization or bypass iptables(PAAAIIINNN), etc]

    so if you attack a machines with a relative updated system and you manage to get the root password you are still worlds of pain away from your goal and well viruses i don't think they will be too hot on linuxes[they are HUGE BLOBS and require very extremely nit picked kernel version]

    now i agree user is another security flaw but unixes kernel are rough enough to hold just fine the integrity of the OS, now like i said trivial stuff like attaking evolution mail client or getting your bookmarks from firefox or putting some annoying keylogger is doable but those are userspace apps and pose no threat to the kernel[unless a major security flaw is found but moslty those lives for hours]

    sure both can be compromised but is like say "i keep my money in a shoebox with a key cuz well vaults can be opened too" <-- that is true but the amount of time/ resources / knowledge / thief are not equal at all, any idiot with a knife can take your shoebox and get you money but you need higly trained[prolly military training]/heavily armed with very expensive tools to break a bank vault hence why the 500 most powerful supercomputer in the world use linux and not windows[windows can be clustered too and after paying millions of dollars in hardware you won't go cheapo on windows for a license, is the security and tools that make the difference since this computers moslty handle extremely sensitive data][ok some are for reaserch and stuff so i mean financial/military/weaponry sectors, happy?]
    Personal Linux experiment: I cant run a keylogger on userspace.

  5. #75
    Join Date
    Aug 2007
    Posts
    6,598

    Default

    Try this:

    http://average-coder.blogspot.de/201...keylogger.html

    Seems to use only LD_PRELOAD.
    Last edited by Kano; 07-26-2012 at 08:19 PM.

  6. #76
    Join Date
    Sep 2008
    Location
    Vilnius, Lithuania
    Posts
    2,406

    Default

    About viruses, take a look at this:
    http://librenix.com/?inode=21
    Mind you, it's rather dated, but it's still quite to the point. I had another, better link, but I can't find it at the moment. Basically, Linux is a lot more popular than Windows already - it runs on most servers and most hand-held devices, yet you don't see viruses interfering there. And it's a very viable target - heck, who would bother infecting a client, if they can infect the server and therefore have it infect thousands of clients at once? But they just can't do that.

  7. #77
    Join Date
    Jul 2008
    Posts
    649

    Default

    Gabe like open plattforms lol, and brings closed drm Systems to them ^^

    But I think he is right, there are 2 big issues about linux, yes yes there are hundret small things too, but mostly thats because linux is not as big as it could be not the reason that it is not big.
    one is the oem-systembuilder versions of windows or that nearly nobody sells linux-pcs... there something changes slowly if you think android as a "linux" there are big changes ^^
    and the other is games, yes... thats holds back the most geeks and kids that use their pc at home to not install it.

    The Noobs will not install linux whatever happens there, even if all adobe software and each single game and microsoft office is portet to linux they by them selve will not install linux. But maybe the kids and geeks that changes to linux because maybe of the games will install it to them maybe...

    Gamers mostly dont really care if they use ms office or libreoffice or they use openoffice under windows anyway...

    And office users are not the big problem, they will use what the companys will tell them to use... so if you get ~50% of the desktop users, and companys can count that people have used linux and they have not to pay much schooling on this part, they will switch sooner or later, for companys linux is a bigger advantage anyway...

    and even if that would happen that 80% of the privat people would use linux but 90% of companys would use windows, what I cant believe, it would be more important, because linux is primary about freedom for people not for companys. Whatever, the problem is, let libreoffice only be as 90% that good that ms office is (what I dont think but lets say it for a moment) there is a smaler gap than on the gaming front which is nearly dead under linux, yes there are the free games, and maybe a hand full of f2p clients, but the major games are not there, and for most wine is no alternative.

    So bringing linux here from 10% of the gaming capabilities from windows zu 50-90% will boost linux very much, and then the egg-chicken problem gets away much... more users, more companies that will port stuff or fix drivers, better drivers more software more users...


    So even I will not use that steam under linux because I dont trust companies and dont want to run their blobs on my linux to loose control over my pc, I think that its great that valve does that.

  8. #78

    Default

    Quote Originally Posted by TobiSGD View Post
    Pure non-sense. The "Windows on top of DOS" model was last implemented with Windows ME in 2000, about 12 years ago. After that all newer versions were built on top of the NT kernel, a modern kernel that has nothing to do with DOS at all and needed in its first versions at least a 80386 to work (same as Linux). All modern versions have a very good security model, more advanced than the pure UNIX permission system. It is more something that you can compare with SELinux. The problem is that Microsoft disables most of it by default on consumer versions of Windows, for a very simple reason: most users don't want it. They disable even UAC, because they don't want to make one extra-click i exchange for being more secure.

    If you want to compare two OSes then make some serious research before posting such BS, otherwise you just sound like a trollish Linux zealot.
    That's a whole of bullshit. Windows 7 is also using parts from DOS and this is proven. The answer lays in the vulnerabilities that comes from... DOS! Don't make me laugh saying about it's crappy security model, because it's just ridiculous:

    http://www.h-online.com/open/news/it...x-1632632.html

    According to Google developer Chris Evans, Chrome 20's native 64-bit Flash plugin is, at least in the current Ubuntu 12.04, isolated within a seccomp sandbox. It thus complements the Pepper Flash sandbox in what Evans refers to as "double bagging". Because the Windows sandbox essentially relies on the integrity levels introduced in Vista and therefore permits processes to read whatever they like, the doubled-up Linux sandbox is – leaving aside external wrappers such as Blitzableiter – probably currently the safest method for executing Flash content in a browser.
    Btw. where the hell comes from messed up question: Abort, Retry, Ignore? :>

    http://answers.microsoft.com/en-us/w...0-c0811e2223ae

    Btw2 some poor people think it's, because of a... virus!

    http://forums.lotro.com/showthread.p...re.-(201)-HELP
    Last edited by kraftman; 07-27-2012 at 06:30 AM.

  9. #79

    Default

    Quote Originally Posted by TobiSGD View Post
    Huh? What the hell is a single user kernel? NT is clearly a multi-user system, with several different system users running at the same time.
    This just proves you have no clue. It's a single user system that tries to transform into multi-user one. However, it's security suffers badly from it's origins.

    No, they do it because they don't know what they are doing.
    UAC is broken mess:

    http://www.istartedsomething.com/200...vulnerability/

    Ubuntu is not all Linux. Yes, there are some distros that make it actively harder to run as root all the time, but none of them makes it impossible. It is in fact very easy to circumvent such restrictions and many users that come from Windows actually want to do that, because they don't know what they are doing.
    Distros that assume that the user knows what he is doing don't have such restrictions at all, it is no problem to run Arch, Slackware or Gentoo as root all the time. This is not something that is magically different on Linux. The first thing that makes your system secure or insecure is the user, not the OS.
    This has nothing to reality. Linux has proper security models while Windows has broken ones. Windows is also using much less restrictive security model and IE is its integral part that makes it security mess.

    So now you are changing from "NT is shit" to "NT's users are shit". Why is a kernel shit because it is used by dumb users? If I run Linux as root all the time does that make Linux shit?
    It's shit, because they made it like that. Users can't do much to protect themselves. It's not about running it as root, but it's about bad design.

    In short: The Windows security model is not bad per se, in fact it is pretty good. What is bad is the users that don't want to give up some convenience for having a secure system. But that is not the fault of the kernel.
    In short: saying Windows "has" security model is ridiculous and if we agree it has something like that it must be said it's a broken mess.

  10. #80
    Join Date
    Aug 2007
    Posts
    6,598

    Default

    I don't think that linux desktops are more secure than win by definition. at least with physical access you dont need a livesystem to get full (root) access to user data - btw that works on os x as well. So lets think about remote access, there you are as save as the apps you run. Every app has flaws, most important for home users are most likely all web browsers, mail clients, instant messaging or office apps. Faults in those apps are used to install malware - currently mainly on windows because of much more users - but do you want to say that flash/java is more secure when you use firefox on linux than on win? You are just lucky that the malware authors target win in most cases, same for os x users. You see that same on android, every system that is popular has got lots of malware (often hidden in pirated apk). Currently you are usually save enough without any anti virus tool in the background - but you can be sure in the case that linux desktops are more popular this will change.

    For web servers you already have got lots of attack vectors, mainly because of wrongly parsed vars. Most likely you don't read news about stolen passwords/sql databases. Do you really want to say all those systems run windows? Basically it would not matter much, the most exploited bugs are not inside the os kernel. Of course when you have got already a remote shell you want more, like root access...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •