Adam's rant on Linux security

Adam forwarded me a link to his latest blog post about Linux security. It's quite amusing to read (I suspect someone must have told him how uber secure Linux is). Anyways, it's completely true so for all the pundits who preach on how much more secure Linux is than Windows …

more ...

Mandriva update statistics

Some statistics, before I go on holidays until the end of the year.

Looking at bugfix updates, we've seen a steady increase since I've kept track (going back to 1999, although I think in 1999 it was only a half-year of doing updates).

  • 1999: 13
  • 2000: 24
  • 2001: 25
  • 2002 …
more ...


Security holes in other distros

Found another good comic inspired by the Debian OpenSSL issue (no, it will never get too old for me). Forget where I came across this one though... just saw it in my downloads folder as I was doing some cleaning up. It's quite funny though, because it also pokes at …

more ...

Security, Open Source Style

The announcement just went out for the newly formed oss-security group (which is a similar concept to the private vendor-sec group, but open to anyone interested in helping promote and work with security in open source projects). I've mentioned oss-security before, but the "official" PR just came out (thanks to …

more ...


The path of least-patching

It's been an amusing morning reading more takes on the Debian OpenSSL issue. While I was in the know before most others due to vendor-sec, and was able to quickly verify this didn't affect Mandriva, the fallout still continues. For those that think otherwise, this is a big issue, and …

more ...

Static User/Group Mappings

/start rant

Switching my servers from Annvix to Mandriva is absolutely maddening. The biggest problem is dynamic uid/gid mappings. Do you know how frustrating it is to have apache uid 77 on one machine and uid 92 on another? Or svn is gid 75 on one and gid 76 …

more ...