Re: Security followup

Subject: Re: Security followup
From: Jan Henning <henning -at- r-l -dot- de>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Wed, 15 Jan 2003 21:16:49 +0100


To a security person, Linux CAN is and is in the same category as Windows: its
a platform, its in use, and it has security vulnerabilities. It is possible to
hack into Linux boxes.

This is true, and also goes for most other OSes and server platforms.

Tech writers are, however, not security persons, and for those of us who do not wish to become security experts, the situation is a little different.

There are a number of products and product categories that expose their users out of the box to significant security risks - i.e., they need to be configured to offer a reasonable level of security that other products have out of the box. The most important of these products are:

- Internet Explorer and Outlook running on Windows (not on the Mac)

- Windows

- Microsoft Office (because of macro viruses)

- IRC clients (to varying degrees)

- peer-to-peer file exchange software (to varying degrees)

As Andrew said, many or most of these products can be secured, but doing so requires a certain knowledge.

By contrast, using Linux and Mac OS X systems is, so far, much safer, as measured by the statiscal risk of damage. Whether this is due to inherent differences or due to the differences in installed base is, for the single user, largely moot: If you're using Windows/Word/IE, you're in the zone of fire. If you're using Mac OS X/FrameMaker/Mozilla, you're not. You can build a blockhouse in the first case and may catch a stray bullet in the second, but the a priori risks are vastly different.

So, if you are concerned about security, you may consider limiting your use of the above products. Clearly, this is easier with some of them than with other. (Although just which are easier may differ from person to person :-)

Regards
Jan Henning

--------------------------------------------------------------------
Jan Henning
ROSEMANN & LAURIDSEN GMBH
Am Schlossberg 14, D-82547 Eurasburg, Germany

Phone: +49 700 0200 0700, Fax: +49 8179 9307-12
E-Mail: henning -at- r-l -dot- de, Web: www.r-l.de
--------------------------------------------------------------------


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A new book on Single Sourcing has been released by William Andrew
Publishing: _Single Sourcing: Building Modular Documentation_
is now available at: http://www.williamandrew.com/titles/1491.html.

Help Authoring Seminar 2003, coming soon to a city near you! Attend this
educational and affordable one-day seminar covering existing and emerging
trends in Help authoring technology. See http://www.ehelp.com/techwr-l2.

---
You are currently subscribed to techwr-l as:
archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit
http://www.raycomm.com/techwhirl/ for more resources and info.



References:
Re: Security followup: From: Andrew Plato

Previous by Author: Re: Deadlines
Next by Author: Re: Security followup
Previous by Thread: Re: Security followup
Next by Thread: Re: Security followup


What this post helpful? Share it with friends and colleagues:


Sponsored Ads