OT: my broadband

We will take that as a 'no' then.

Problem is most of the Mac users I encounter fall into two categories; a small collection (probably 10%) of technical clued up ones who are basically after an industrial strength BSD box with a decent UI and know what they are doing, and then the majority who are completely non technical and bought a mac either because it was standard for their industry (e.g. publishing) or because they were told it was "easy", or frequently "because it looks nice". The latter camp are highly unlikely to go trawling through newsgroups prior to doing upgrades etc.

Given the number of LAMP stacks that get hacked every day on public web servers, that would not appear to be the case....

(obviously public facing Linux servers are far more open to attack than desktop machines)

cable

True enough but they still spent the money digging holes, laying ducts etc. So they shoved in coax and twisted pair shotgun cable back then suitable fibre kit was either sodding expenesive or more likely non-existant. These days the sensible thing would be to bung in fibre, ONTs are less than £100.

Does anybody know the "reach" of the coax systems?

You can go and look yourself. Or maybe you can't?

Well here is an exploit for linux

And here is "how to" use Libre office to gain the access to run the exploit.

Are you still sure you are secure?

Well I haven't ever got anything on windows and I have been running it since 3.0. I doubt you would know if you had been rooted, yiou don't even think its possible so you never check.

What software does the router run? linux like both of mine do?

If you are happy to believe that just because you are running Linux you are invulnerable - well, that's fine, I'm not going to argue with you any more than I argue with the JWs who came around the other day.

But I'm glad you aren't in my IT department.

Andy

It might help to put in a link

He probably is sure.

Andy

BTW these sort of answer the "well the linux fixes are always done quickly"

CVE-2004-1137 DoS Exec Code 2005-01-10 2010-08-21 allowed arbituary code to run for five years.

Or this one fixed a couple of months ago.

CVE-2004-0888 DoS Exec Code Overflow 2005-01-27 2013-08-28 allowed arbituary code to run for 8 years.

TNP can google for the CVE codes if he wants to name them.

They'd be in shit creek whatever platform they ran, then. They'll be slightly safer off-Windows, as all the phishing mails I get that ask you to click on this .zip attachment so thoughtfully provided, contain .exe files.

"its a pre-compiled exploit and has been verified for list servers. It might working on other 2.6.32-X kernels too. "

Shhesh., 2.6.32 kernel, ? Pre compiled? List serveres?

Who runs a list server on their desktop?

Who is still running 2.2.32?

Haven't seen that in the last two years..

Who is still running 32bit?

-Version- Kernel : Linux 3.5.0-42-generic (x86_64) Compiled : #65-Ubuntu SMP Tue Oct 1 23:38:22 UTC 2013 C Library : Unknown Default C Compiler : GNU C Compiler version 4.7.2 (Ubuntu/Linaro

4.7.2-2ubuntu1) Distribution : Linux Mint 14 Nadia Desktop Environment : MATE

-Misc- Uptime : 24 days, 0 hour and 55 minutes Load Average : 0.33, 0.32, 0.43

Page intentionally left blank?

More than ever if that's the best you can come up with..

all vulnerabilities fixed years ago.

only two of passing interest as they are not DOS but actual ability to execute code and so on and since Libre office runs as a user it can't ROOT itself can it?

Libre office Version 4.0.4.2

I am sure it might have. Presumably no one ever used it though.

cant be arsed. some theoretical vulnerability that wasn't in fact usable as an exploit that no one bothered to patch because it represented no real threat.

Indeed. MacOSx is broadly similar to Linux, except you get it in one flavour that you cant do much to configure, and it cost overall 3-10 times more.And the support is worse overall.

How would you know, you aren't good enough to know if they had.

It scored highly on the threat level. It wasn't fixed because the idea that people read the source code and identify the bugs just doesn't happen. Security based on that idea just doesn't work.

Do you want the CVE codes for the OSx vulnerabilities published last month?

Do you really think there aren't more vulnerabilities introduced with every new release of linux. Some of the vulnerabilities were introduced by the fixes if you actually look.

with that attitude,I am glad you never were in mine.

I paid people to deliver results and security, not to use sophistry and political means to win arguments and lose customers

Well if you had to pay people to do the job don't go around telling others how to do it when you are plainly wrong about what you say. If the person you paid told you what you keep saying then find someone else to pay.