| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dcopley at eEye.com (Drew Copley) Subject: (IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs > -----Original Message----- > From: Georgi Guninski [mailto:guninski@...inski.com] > Sent: Thursday, July 01, 2004 12:41 AM > To: Drew Copley > Cc: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] (IE/SCOB) Switching Software > Because of Bugs: Some Facts About Software and Security bugs > > your long post seems like an advanced FUD to me. No, it comes from working in the software field... in development and QA... "Fear, uncertainity, and doubt"? I said nothing scary... should not be scary to anyone... I surely said nothing which would make anyone "doubt", and I surely said nothing to make someone unsure -- so please do not falsely accuse me because you *think* I said something. If you have a problem with something I say, please point it out. Otherwise, please do not slander me because you think you have a problem with something I have said. It seems you missed what I was saying and just skipped over everything. I will be blunt and say, you must think I said something positive about Microsoft and not positive about open source. So, you are attacking me. However, I did not. So, please do not force me to waste my time to defend something I did not even say, that is really annoying. > > according to your reasoning there should be a lot of worms > and exploits for > apache because of its market share. fact is ii$ is plagued by > worms and > exploits though it has a small market share. That is not my reasoning. That is not what I said. Yes, Apache is an example of a really good software product. It has been really well tested. The last notable IIS bug, the chunked encoding bug from last year... was later cut and paste to test with Apache. It worked on Apache. Then, we tested it on Netscape Enterprise. It worked there. We might assume, therefore, since the same complicated bug was on each system and one of these systems was open source that... the bug came from Apache. But, so did the feature. This bug was last Spring, though, late Spring. Yes, it was found by us, as most IIS bugs have been. Not that I like IIS... These things said, it might be noted, the default landscape of both Apache and now, Windows 2003 IIS, are both extremely sparse. They do not have webdav or anything like this. But, I am not sure why you are trying to put words in my mouth... You test Linux. You use Linux. You used to test Windows. You used to use Windows. I am sure you, no doubt, have serious hatred of Microsoft. That is extremely obvious. But, you have been attacked viciously by them in the press over and over again. No offense... just telling the truth as I see it... > > On Wed, Jun 30, 2004 at 01:55:17PM -0700, Drew Copley wrote: > > There has been a great deal of talk about people > > switching to Mozilla because of this recent Internet > > Explorer issue. > > > > >
Powered by blists - more mailing lists