Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Is OpenVZ 6 still secure? - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is OpenVZ 6 still secure?

2»

Comments

  • LosPollosHermanosLosPollosHermanos Member
    edited January 2020

    LosPollosHermanos said: There are still people using OVZ 5 nodes without problems.

    Irrelevant.

    These security discussions are always kind of cringey to read imo. 99% of the comments are just people saying stuff they have 0 understanding of because anyone can tell you things are not secure. If it's connected to the internet it will never be secure. That doesn't really answer the question.

    What is the question? Seems to me the question is "what can we do to make things as secure as possible?"

    Another annoying thing lazy google commandos do is post some security vulnerability they found by spending 5 seconds doing a search without really inderstanding the implications. Again, it's not based on any sort of expertise or deep understanding.

    ...which you possess? Though later you say you don't, so...

    I'm happy to admit that I am not a security pro. But I know enough that using unpatchable, out of date software is a mistake. This is because I don't know the code perfectly. If I knew the code backwards and forward, that would be a different story. But in this case I don't, no one does, and you certainly don't either.

    And of course you have the reasoning "why even take a chance" as justification. Again, doesn't answer the question of if something is secure and/or how secure and is one of the laziest responses possible, most likely coming from someone who is too lazy to take the time to understand any of it themselves.

    Bullshit. You're arguing that unless someone has read all of /usr/src and knows it perfectly to the point that they can guarantee to themselves that there's no security bugs, they're "too lazy to take the time".

    You are ALWAYS taking a chance just by connecting something to the internet. I am not claiming to be an expert but I my approach is quite different and based on what I have read from a cross-section of actual security experts who truly understand what 'security' means. I am running old stuff a lot of people will tell you not to run because there are dragons and scary stuff booga booga. The difference is that I took the time to understand the implications, assessed the risk based on my usage profile, and in many cases implemented my own security fixes as needed. So I don't live in fear of the unknown like a lot of people because I took the time and put in the effort to understand.

    LOL...so you are maintaining OVZ 5 or 6 with your own security patches?

    We're not talking about some wordpress theme that you've touched up when there's a timthumb bug.

    Your attitude is nonsensical. You're too studly to upgrade but you're not an expert. But you've implemented your own security fixes and done your own analysis because you're an expert. Booga booga indeed.

    Who are these "actual security experts" who'd advise running out of date, unpatchable software? All the ones I've read advise keeping your shit patched up. Where do you think best practices like that come from? Answer: actual security experts.

    Ironically, doing the work of upgrading systems to OVZ 7 sounds a lot less lazy to me than "assessing the risk based on my usage profile" and saying you don't need to upgrade.

    Maybe you should learn how to do some of this stuff before criticizing those of us who can.

  • defaultdefault Veteran

    I also cancelled all my servers with OVZ6. Technology evolves.

Sign In or Register to comment.