[Tfug] Multiple distros for security?
Paul Lemmons
paul at lemmons.name
Fri Jan 23 15:42:20 MST 2009
Matt Jacob wrote:
> Hi everybody,
>
> The question, then, is whether there is enough merit in distro
> diversification to outweigh the added complexity and management time.
>
> Thanks!
>
> Matt
>
Matt, it could also be argued that if you have three distro's you triple
your chance of getting stung by a 0-day exploit. Granted you are only
1/3rd compromised but how is that really worse than being 100%
compromised? You are still in a bad way.
One could also argue that most of the major distro's feed from the same
source pool. If one distro is compromised then they are probably all
going to experience the same problem. So you will have complicated your
life with no real benefit.
I would say that if you select a single distro and get really good at it
and you get one that has a history of of both notifying you and turning
things around quickly when there is a problem. You would be making the
right choice. Do a little research there are a number of good choices
out there.
That will be 2 cents please.. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3296 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20090123/f4d38f67/attachment-0002.bin>
More information about the tfug
mailing list