[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040227223058.GA11508@piper.madduck.net>
From: madduck at madduck.net (martin f krafft)
Subject: Re: Knocking Microsoft
also sprach James P. Saveker <james@...goat.net> [2004.02.27.2115 +0100]:
> I do not understand why people knock Microsoft so much in regard to security
> today. I regularly hear people talking about how many vulnerability's
> Microsoft has and how poor this is.
Because their design is flawed. They made software to be colourful,
and now they try to make it secure. UNIX was made to be secure, and
now they are adding colours.
> As everybody subscribing to this list and similar zone-h, bugtraq
> etc will know Linux has many warnings posted also.
Yeah sure, but these get fixed within hours, and you can't forget:
UNIX has 15 different web server, 15 different mail servers, 15
different this and 15 different that, where Windoze has 1 and 1 and
1 and 1. Thus, multiply the windows bugs by 15 and then try again!
Also, most Linux bugs are local exploits. Or at least: there are far
fewer remote exploits for Linux than for Windows. We are talking
about servers. What's more dangerous?
> Yet I rarely hear people talking about that and indeed how it is
> far more difficult to keep linux distro's up to date.
Obviously you've never tried Debian. You can't get it easier than
that. And hardly much more secure at the same time.
> Windows has a far greater end user base than any other operating
> system. It would be a fair assumption to then say that perhaps
> virus writers and "hackers" are going to look for ways to exploit
> windows far more than other "end user" system in order to gain
> greater penetration.
Agreed. If they own the market, they should take proper care
according to that responsibility. In the future, when Linux will
take over more and more, you'll see the benefit of building things
atop a secure base rather than the way Microsoft does things.
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@...duck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
"there are two major products that come out of berkeley: lsd and unix.
we don't believe this to be a coincidence."
-- jeremy s. anderson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040227/2bfb0e03/attachment.bin
Powered by blists - more mailing lists