[liberationtech] Concerns with new Stanford University security mandate
Guido Witmond
guido at witmond.nl
Thu Jan 30 01:21:44 PST 2014
On 01/29/14 23:38, Jonathan Wilkes wrote:
> On 01/29/2014 04:50 PM, Guido Witmond wrote:
>> On 01/29/14 19:57, Jonathan Wilkes wrote:
>>> On 01/26/2014 08:12 AM, Guido Witmond wrote:
>>>> BigFix: the missing package manager for Windows. What every
>>>> self respecting unix/linux/bsd/etc system already has. Good.
>>> How is a centralized service that requires the user to download
>>> and install a binary from the web anything like apt?
>>>
>>> Don't get me wrong, nearly anything is better than just bare
>>> Windows.
>>>
>>> But an honest, courageous approach would actually encourage the
>>> oddball student who runs Debian Wheezy or whatever else that is
>>> lightyears ahead of Windows in terms of security. Does this
>>> security mandate do that, or does it merely hope that the ideal
>>> of academic freedom will just get fed up and go find some other
>>> domain to bother?
>> I fully agree, being Microsoft free since 1999, myself. However,
>> the apt-package manager doesn't upgrade anything compiled into
>> usr/local, hence, the need for a scanner.
>
> Hi Guido, Before I write anything else: Is the BigFix client free
> software? Couldn't figure it out from a quick look at the website.
I wouldn't know. Being an IBM acquisition, my first guess would be that
it is proprietary.
If you want something to scan you linux/bsd-box, there are good tools
available. Even good-old tripwire could help you. Or Samhain, that also
checks for setuid executables.
regards, Guido.
More information about the liberationtech
mailing list