lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070316202248.29347.qmail@cgisecurity.net>
Date: Fri, 16 Mar 2007 15:22:48 -0500 (EST)
From: bugtraq@...security.net
To: Mark@...software.com (Mark Litchfield)
Cc: bugtraq@...urityfocus.com, vulnwatch@...nwatch.org
Subject: Re: Your Opinion

I think an issue is that if they are providing an OS and charging for it, that it should have these security features
by default. The user shouldn't have to pay additional money to ensure the initial product they purchased
is secure. Not to mention of course certain vendors are going to start seeing a drop in business for certain products. I wonder
will this turn out like the IE/Netscape browser wars a few years ago?

Regards,
- Robert Auger
http://www.cgisecurity.com/ Application Security news and More
http://www.webappsec.org/
http://www.qasec.com/


> I have heard the comment "It's a huge conflict of interest" for one company 
> to provide both an operating platform and a security platform" made by John 
> Thompson (CEO Symantec) many times from many different people.  See article 
> below.
> 
> http://www2.csoonline.com/blog_view.html?CID=32554
> 
> In my personal opinion, regardless of the vendor, if they create an OS, why 
> would it be a conflict of interest for them to want to protect their own OS 
> from attack.  One would assume that this is a responsible approach by the 
> vendor, but one could also argue that their OS should be coded securely in 
> the first place.  If this were to happen then the need for the Symantec's, 
> McAfee's of the world would some what diminsh.
> 
> Anyway I am just curious as to what other people think.
> 
> Thanks in advance
> 
> Mark 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ