[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070316202248.29347.qmail@cgisecurity.net>
Date: Fri, 16 Mar 2007 15:22:48 -0500 (EST)
From: bugtraq@...security.net
To: Mark@...software.com (Mark Litchfield)
Cc: bugtraq@...urityfocus.com, vulnwatch@...nwatch.org
Subject: Re: Your Opinion
I think an issue is that if they are providing an OS and charging for it, that it should have these security features
by default. The user shouldn't have to pay additional money to ensure the initial product they purchased
is secure. Not to mention of course certain vendors are going to start seeing a drop in business for certain products. I wonder
will this turn out like the IE/Netscape browser wars a few years ago?
Regards,
- Robert Auger
http://www.cgisecurity.com/ Application Security news and More
http://www.webappsec.org/
http://www.qasec.com/
> I have heard the comment "It's a huge conflict of interest" for one company
> to provide both an operating platform and a security platform" made by John
> Thompson (CEO Symantec) many times from many different people. See article
> below.
>
> http://www2.csoonline.com/blog_view.html?CID=32554
>
> In my personal opinion, regardless of the vendor, if they create an OS, why
> would it be a conflict of interest for them to want to protect their own OS
> from attack. One would assume that this is a responsible approach by the
> vendor, but one could also argue that their OS should be coded securely in
> the first place. If this were to happen then the need for the Symantec's,
> McAfee's of the world would some what diminsh.
>
> Anyway I am just curious as to what other people think.
>
> Thanks in advance
>
> Mark
>
Powered by blists - more mailing lists