| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3FB31EB3.8090604@linuxbox.org>
From: ge at linuxbox.org (Gadi Evron)
Subject: Microsoft prepares security assault on Linux
> IMHO the open source crowd fixes bugs a magnitude faster than the m$ lusers - check www.guninski.com,
>there are dates on which vendors were notified. Check the unpatched
exploder page to get an idea.
As much as generally and usually I'd vigorously agree with you, there is
a lot to be said for:
1. A serious (note serious) commercial company that has a crew working
on addressing security concerns, and updating the product.
2. A commercial company providing with liability (and responsibility)
for the software you use (in other words - someone to blame).
3. No source available for people to examine, thus making it, to a
level, harder to locate security "holes" - for outsides in any case.
I can come up with a few more.. but basically all I am saying is,
support open source, don't condemn commercial software. There is a
difference between the two ideologies, and one should follow/support
whichever suits him/her best. Constructive vs. destructive attitudes? :o)
--
Gadi Evron (i.e. ge),
ge@...uxbox.org.
The Trojan Horses Research mailing list - http://ecompute.org/th-list
My resume (Hebrew) - http://vapid.reprehensible.net/~ge/resume.rtf
PGP key for ge@...uxbox.org -
http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
Note: this key is used mainly for files and attachments, I sign email
messages using:
http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc
Powered by blists - more mailing lists