| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Mar 2007 15:22:48 -0500 (EST) From: bugtraq@...security.net To: Mark@...software.com (Mark Litchfield) Cc: bugtraq@...urityfocus.com, vulnwatch@...nwatch.org Subject: Re: Your Opinion I think an issue is that if they are providing an OS and charging for it, that it should have these security features by default. The user shouldn't have to pay additional money to ensure the initial product they purchased is secure. Not to mention of course certain vendors are going to start seeing a drop in business for certain products. I wonder will this turn out like the IE/Netscape browser wars a few years ago? Regards, - Robert Auger http://www.cgisecurity.com/ Application Security news and More http://www.webappsec.org/ http://www.qasec.com/ > I have heard the comment "It's a huge conflict of interest" for one company > to provide both an operating platform and a security platform" made by John > Thompson (CEO Symantec) many times from many different people. See article > below. > > http://www2.csoonline.com/blog_view.html?CID=32554 > > In my personal opinion, regardless of the vendor, if they create an OS, why > would it be a conflict of interest for them to want to protect their own OS > from attack. One would assume that this is a responsible approach by the > vendor, but one could also argue that their OS should be coded securely in > the first place. If this were to happen then the need for the Symantec's, > McAfee's of the world would some what diminsh. > > Anyway I am just curious as to what other people think. > > Thanks in advance > > Mark >
Powered by blists - more mailing lists