Are you a real Linux Pro ?

mikeckm

http://www.linuxfoundation.org/p ... nd-user-report-2014

睇完笑左

ronstudio

Actually in HK really not much people talking about Linux, most corporation may not even care about it. Even for securities firm which involve money transaction, I wonder how much would those company put the resources on it?
http://hk.apple.nextmedia.com/financeestate/art/20140303/18643777
巡查逾廿間持牌法團　防黑客入侵　證監揭業界保安漏洞

mikeckm

Actually in HK really not much people talking about Linux, most corporation may not even care about  ...
ronstudio 發表於 2014-3-3 12:59

香港好多細證券行，都係幾部電腦裝左第三代自動對盤系統客戶端，加部 Tower Server，裝左個條 Cert經VPN，加隻 Appliance Firewall，就算數，幾年前上份工有個 Project 係幫一間呢類型公司做 Infra，前個掛個舊同事上去 onsite，大家食飯講起，原來由頭到尾都無人 Audit 過，隻 Sonicwall d rule 自起好無改過和無人睇過 d log，大把 Common Port 開曬，呢 d 公司只係睇 Budget，已為有隻 Firewall 就無事！唔洗跟唔洗做野。

ronstudio

For those ATS/MWS system, maybe this could still be fine. As they may be the leased line to HKEX for placing orders only. But these days if those securities firm want to support online trading, which are now facing the Internet directly, it should be a very dangerous thing without corresponding knowledge behind the security.

It's quite easy to think of the risk involved. An online securities system must somehow link to a database for checking the client's portfolilo, cash balance and stock holding. So someone who gained access to these online trading system potentially means obtaining the info of the client database as well.

haha, maybe while we keep complaining the companies not focus enough on IT investment, actually the IT knowledge of most of us not good enough to exploit the security risk of these system. So there is really no demand for those companies to increase their funding on IT investment at all.