# Moving from PCBSD



## nu2fbsd (Feb 26, 2010)

post removed


----------



## SirDice (Feb 26, 2010)

nu2fbsd said:
			
		

> Because of the threat of viruses on Windows.


That's the wrong reason. Just because FreeBSD (or Linux, OS-X or anything else) isn't vulnerable to Windows malware this doesn't mean it cannot get infected with malware.



> I downloaded the livefs.iso of version 8.0 but could not use it. I burned it onto a CD but when I booted from the CD, there was nothing. In Windows Vista I opened the disk to find nothing on it? I am confused and frustrated that this has happened. What could be wrong? I am now downloading the memstick file and going to try to install via that. Hope I can do that successfully.


Make sure the hash checksum is correct before burning.


----------



## Speedy (Feb 26, 2010)

> I downloaded the livefs.iso of version 8.0 but could not use it. I burned it onto a CD but when I booted from the CD, there was nothing.


Hmmm ... define nothing? Nothing like empty? Nothing like garbage? Nothing like weird stuff you didn't know what to do with?


----------



## Speedy (Feb 26, 2010)

SirDice said:
			
		

> That's the wrong reason. Just because FreeBSD (or Linux, OS-X or anything else) isn't vulnerable to Windows malware this doesn't mean it cannot get infected with malware.


That's a good reason. A computer virus needs a vulnerability to exploit. There is long list of unpatched security holes in MS Windows, some of them known for years. Add silly default permission policy, etc, and you get an OS that should not be connected to the internet.
POSIX compatible operating systems are inherently secure. It takes a stupid admin to make them vulnerable.

This is rather old article, but still good reading:
http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/

Of course, nothing is 100% secure. But FreeBSD box can be exposed to the internet without creating an instant botnet member.


----------



## SirDice (Feb 26, 2010)

Speedy said:
			
		

> That's a good reason. A computer virus needs a vulnerability to exploit. There is long list of unpatched security holes in MS Windows, some of them known for years. Add silly default permission policy, etc, and you get an OS that should not be connected to the internet.
> POSIX compatible operating systems are inherently secure. It takes a stupid admin to make them vulnerable.


Wrong. Seriously. There's nothing inherently more secure on *nix then it is on Windows. Believing this only means you do not have enough knowledge about either system. If you don't use MAC I'll even go as far as stating that the Windows security model is a lot better, more fine grained control and auditing. 



> Of course, nothing is 100% secure. But FreeBSD box can be exposed to the internet without creating an instant botnet member.


Wrong again. I can write a perfectly working spambot that will run without a hitch on the most restricted account on FreeBSD. In contrast my Windows machines do not have anti-virus, firewalls and all that other crap. My machines have NEVER been infected with anything (I smell malware a mile away). 

If you run a vulnerable website it really doesn't matter what OS runs it. You will get pwn3d. 

If you are a user that clicks on everything and runs untrusted programs (as most windows users seem to do) changing to another OS won't help you. You will get pwn3d.


----------



## thuglife (Feb 26, 2010)

wow, i like this community more and more each and every day.


----------



## achix (Feb 26, 2010)




----------



## Speedy (Feb 27, 2010)

> In contrast my Windows machines do not have anti-virus, firewalls and all that other crap. My machines have NEVER been infected with anything (I smell malware a mile away).


 
That says it all, doesn't it? 
Nowadays most effort is done to infect remote machines and stay unnoticed. And they are successful. 
And then somebody comes and tells something like above!
Kits sold underground are guaranteed to infect any Windows computer that visits malicious website. Regardless Windows version, regardless what browser is used. They are guaranteed to work for six months, if MS happens to patch the vulnerability they use you'll get free upgrade. 

Windows machine directly exposed to the internet gets broken into as soon as it is found. Last time I checked the time to break in was under a minute. 

Anti-virus/malware works by blacklisting known threats. You cannot take seriously an operating system which uses blacklisting as primary defense. Does not pass common sense test. 

I'll stop here. Hopefully most people will get the message. 
I do not hope I can convince someone who confuses infected website with infected operating system, or who thinks "fine grained permissions" compensate for security holes.

As long as I'm considered this thread is closed. I've better things to do than argue with simpletons, this is also not what these forums are for.

Everybody have a good day now.


----------



## nu2fbsd (Feb 27, 2010)

What is pwn3d?
Thanks for sharing from your knowledge and experience. 
If FreeBSD does get infected with malware how would a newbie like me know and what can be done?
I had not checked the hash checksum. I define nothing by a blank screen, there is no output on the screen.


----------



## Oko (Feb 27, 2010)

SirDice said:
			
		

> If you don't use MAC I'll even go as far as stating that the Windows security model is a lot better, more fine grained control and auditing.



Well, I guess all of us using OpenBSD will then have to switch to Windows since OpenBSD doesn't have MAC.


----------



## thuglife (Feb 27, 2010)

Better [conceptual] security model does not translate to better security, especially when you compare
a broken code base and a group of motivated people that are paranoid about what they do.



> There's nothing inherently more secure on *nix then it is on Windows.



I agree with this but given the actual implementation i would choose Windows only as my last resort.
I mean they rewrote(?!?) the TCP stack for vista and there are bugs like this. 

It's about people and their goals / motivation, Windows NT and NTFS have a nice design.
The actual result is an other story.


----------



## Beastie (Feb 27, 2010)

nu2fbsd said:
			
		

> What is pwn3d?


http://en.wikipedia.org/wiki/Pwn


----------



## oliverh (Feb 28, 2010)

Oko said:
			
		

> Well, I guess all of us using OpenBSD will then have to switch to Windows since OpenBSD doesn't have MAC.



*snicker*

There is a really big difference between Windows and the rest of the operating system world, you have to believe in Windows, but you can trust in UNIX. UNIX-people did their homework to some degree, whereas Windows-people are trying to sell some phrases and Linux is a copycat of those phrases. Being an administrator on UNIX is almost heaven on earth, being something like an administrator on Windows is just hell on earth.


----------



## jims (Feb 28, 2010)

I'm going to have to second SirDice here (Mostly). I wouldn't run a windows machine without firewalls and antivirus.

I haven't had an infected/hacked Windows machine between my desktops/servers since 1998. Likewise my FreeBSD/Linux installs have been unmolested (to my knowledge).

Likewise, I've had users where I've worked refused to believe their Mac or Linux box was compromised because "It's not Windows". Even if it was a compromised account and not root, that doesn't mean it wasn't doing bad things. Windows /was/ by far the most compromised system, but it was also the most popular.

The biggest threats to system security is bad administration, followed by bad users with too many rights. Too many rights on the latter is a default by Windows, but one that can be corrected by any decent admin.  Really, 90% of what a non admin needs to know is: "When it comes to the internet, paranoia is your friend. Assume everyone IS out to get you until proven otherwise. Even then, still suspect them."



That said, as you can see, it's a controversial topic. Everyone has their opinion, and I'm fairly sure nobody is right. It's probably too complex for anyone to wrap his/her head around, and everyone seems to gloss over certain parts to the benefit or detriment of the opinion of an operating system. You have to find what ends up being best for you.


Back to the more important topic. The checksum can be downloaded from where you got the ISO. You then have to calculate the checksum of the ISO you downloaded, and verify they are the same. I am not sure how to do this in a trivial manner in windows (I have cygwin installed, and it is trivial at that point, but installing cygwin tends to take a long time). In *nix you have md5[sum]? and sha256[sum]? applications (name varies by OS - last I used it on both, Linux and FreeBSD had differing names (one ended in sum, one didn't). `ls /bin /usr/bin/ /usr/local/bin | grep md5` should tell you the name format.


----------

