lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 12 Nov 2003 22:49:49 +0100
From: Mikael Olsson <>
Cc: martin f krafft <>,,
   full-disclosure people <>
Subject: Re: Funny article wrote:
> Certainly a vulnerability in Apache should not be a strike 
> against Linux, should it?

Of course it should.  You don't just "run an OS". Obviously, you
want your machine to actually do something useful.

Granted, you shouldn't count bugs in every single piece of 
linux/bsd software, the same way you shouldn't count bugs in
every piece of windows software out there, but counting bugs in 
the most commonly used ones is most certainly reasonable.

Well, that is, unless you restrict the bug count to only bugs 
in core OS functionality in _both_ cases, but, as I said, that's
not a very meaningful study.

(Note this is does _not_ mean that I think that Linux + popular
 software has more bugs than Windows + popular software.)

> I like how the article quoted Steve Ballmer comparing Windows 2000 Server and
> W2K3 Server with Red Hat 6. Why doesn't Ballmer compare the state of the art
> Windows OS' available at the time RH6 came out? Did Windows NT 4 not stack up
> as well against RH6 as W2K/3?

Agree fully.

Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW:

Full-Disclosure - We believe in it.

Powered by blists - more mailing lists