terça-feira, agosto 12, 2008

the easy road to heaven is hell

I have installed a new linux distro on my laptop. A friend told me about linux mint and when I saw it my eye balls where falling on to screen. I so wanted it!! It promised to be light and It came with a pretty gnome, a packet manager (synaptic) and of course it replaced

mount -t vfat /dev/sda1 /mnt/usb

konqueror /mnt/usb

by a confortable click on media:/

it recognized my graphics board, my sound card, my weird keyboard keys. It allowed me to install php5, mysql , and of course apache with a bunch of clicks. It let me sudo ifconfig without editing the sudoers file. And here I was all happy with my favorite apps. Until I got sick of the looks and got sick of it being so slow, and jamming whenever the networkconnection was not on, because it was trying to upate my system. So I changed to XCFE.. and It got a little faster.

But here's the real surprise! Somehow I messed up my system, or got hacked or just completely forgot what root password I put in the first place. Irrelevant for the matter. So here I am scratching my head... how the hell am I gonna fix this without reinstalling the system... and all of the sudden it strikes me! I've been sudoing so much stuff can I sudo passwd root? I CAN!

sudo passwd root

just prompts my userpasswd and a new password for root after. This was, on one side of the question... most pleasent. I reset my password. On the other hand it worries me, and somehow makes me sad. Anyone with acess to my shell could change my root passwd. I?m thinking about keeping logs of all commands on all shells by all possible logged in users . A little paranoid I guess.. but hey just because you're not looking for them it does not mean they are not there. :P

The easier to use, the less boring the system... more easily hacked. So where the hell are we gonna find the balance between user friendly and cracker enemy? Is there ever gonna be such a thing? How can you tell what you are going to deny? Allow? Are we gonna tell mary the hot teenager she can't allow her computer to behave like a server on any occasion, because a server is something that provides services, and that means it gives out information to anyone that asks it, even if it is only a request for authentication. By Saying no, it says go another way. But saying not this service it says try another service How are we going to tell mary what the hell a service is? can't open doors, she can't have telnet enabled, if someone is sending a lot of tcp/IP packets with sync on it it smells like port scan. How are we gonna tell mary what a port scan is? Does she care? She pushes the button and puff there's myspace, hi5, facebook. There's msn, ICQ. All sorts of blogging and posting and sharing. And mary... Mary's got fotos, texts, she's got 80% of her life on the computer. Cellphones that auto-sync with the pc, they allow you to save messages, appointments.... all so easy... all so windows... window without blinds.

I need to sleep.

gux_# shutdown -h now