| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: peter at trusteddebian.org (Peter Busser) Subject: openssh remote exploit Hi! > Really ? I think you'll find that there are quite a number of people, > aside from myself, who think that the "1 exploit in X years" is on one > end of it as misleading and the other end, a lie, excluding this current > openssh problem. It's a statistic. 'nuf said. > Some people, like you, believe openbsd/openssh is the best software > that exists today. Others don't and I'm sure there are examples and > counter examples to prove either side. My only advice is try not to > take criticism of it personally. Q. What is the difference between a used car sales person and a computer sales person? A. The used car sales person knows when he is lieing. Decades of research on computer security have not provided any proof for the believe that you can turn an insecure operating system (like UNIX) into a highly secure system. It is like transforming a family car into an F1 racing car by putting an F1 motor in and attaching spoilers. Somehow I don't think such a car will win any race. Yet in the IT security field, a number of people claim that it is possible and that you can win every race too. Groetjee, Peter Busser -- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
Powered by blists - more mailing lists