Sean wrote: > Does haiku even offer any reasonably easy exploits ? it lacks many features > AFAIK that would offer a path of explotation to begin with. > I had a hardcore linux hacker in my house try to hack my haiku machine for > giggles once. He didnt get anywhere with it. You won't get very far trying to hack Haiku in its default settings; there shouldn't even be any open ports. If SSH is turned on, it will be as hard to hack as any other system using a current OpenSSH package. The only real threat is via bugs in user applications like the WebPositive, MediaPlayer, Mail, or ImageShow (resp. the add-ons juggling the data in the background). IOW you will somehow need the user to open your files or web site that exploits a bug, and manage to execute code on his system. While we use ASLR, and the no-execute bit, there might be ways to work around those. Since you usually run as root, once someone manages to run code locally, it can do all sorts of damage, and not just to your own files, but it could also install a key logger, for example. The latter is something that multi user might actually be able to prevent, the rest is pretty much the same as on any other system with those security features. In theory, that makes it more secure than FreeBSD, for example, which does not support ASLR yet AFAIK. Also, Windows only has it enabled for applications that are built with that feature. And since we're using (with the exception of ffmpeg) up to date open source libraries, I think there should not be much of a problem using Haiku on a network (compared to other systems). Bye, Axel.