lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3753.202.27.185.71.1081376192.squirrel@www.crypt.gen.nz>
From: kerry at crypt.gen.nz (Kerry Thompson)
Subject: Vulnerability response times -- MS and others

hggdh said:
[snip]
>
> Anyways... the report seems to indicate that Microsoft is the fastest
> on solving security issues.
>
> Comments?
>
>  --Comparing Windows and Linux Security
> (30 March 2004)
> Forrester Research has released a report titled "Is Linux More Secure
> Than Windows?"
[snip]

That explains something. I was being interviewed a couple of days ago by a
local ComputerWorld journo about my SELinux work and had been explaining
techo stuff like mandatory access controls and stuff, then he dropped that
question on me

"Research shows MS releases patches faster than Linux vendors. Which is
more secure Windows or Linux?"

Threw me completely. Its crap question to get when you're on the spot
thinking about other things and they want a short answer. I ummed and
ahhed for a minute, and was tempted to retort with something cynical like
"which is the better car - Toyota or Mazda?", but then I thought this guy
is being serious. I responded with something like "Its marginal. Any
competent sysadmin makes the question almost redundant. If any manager
asks such a question he needs to hire a better sysadmin". I don't know if
they'll publish that, I hope not because I certainly don't have a
reasonable overview of the whole MS-Linux security landscape.

Sometimes I think the media guys try to ignite the old OS religious wars
just to get extremist comments. They need a bucket of water throwing over
them.

Kerry.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ