lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: mvp at joeware.net (joe) Subject: IE Web Browser: "Sitting Duck" I don't think anyone can propose a realistic test at this point in time. I don't think one is possible until you get some sort of large non-techno weenie installed based going for the *nix or another OS for that matter. As another poster pointed out, the diversity and chaos in the open source world right now helps contribute to its safety as there is no large exposed surface in terms of Microsoft large. Plus MS simply makes good news. Once more non-weenies hit the OS and start doing things, something will start to take a majority because friends will tell their other friends about this specific version and the people running it won't be of the type to keep swapping things around and trying other things and someone will come up with some decent marketing or distribution method that appeals to the mass market. In terms of marketing and distribution right now from what I see that could very well be Lindows aka Linspire. I'm waiting for them to start giving away Lindows PCs to schools actually like Apple did/does. They have Apple beat because while a school could get it cheap, little billy at home wasn't so lucky as mom and dad looked at the price in the store and said no way. Do that with Lindows PCs, then mom and dad go to Walmart because billy talks about how he likes it so much and low and behold they see on shelf a whole PC for $300 or so dollars. Hopefully they keep Lindows on it instead of realizing, hey this isn't what mommy and daddy like and go to ebay and buy a pirated copy of XP that can't be updated with security fixes because MS in its infinite wisdom decided that people who don't buy legit don't get to have security. You want to complain about MS, complain about that. I can say in my experience that I have seen fewer RSTS/E worms and viruses than *nix but it doesn't mean it is more secure. At that point though there weren't lists going around distributing the holes to the kids to exploit and people going oh my god, DEC is evil, RSTS/E sucks, SunOS is MUCH better and more secure. If we found a really bad issue, we would tell DEC and we would tell any companies we were friendly with that we knew were running the same thing. I guess we weren't quite as religious then. If we wanted religion, we went to church. We simply used computers to do our jobs. joe -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Bruce Ediger Sent: Wednesday, July 07, 2004 8:41 AM To: FULL-DISCLOSURE@...ts.netsys.com Subject: RE: [Full-Disclosure] IE Web Browser: "Sitting Duck" <SNIP> Can you propose a test of the install-based theory? If not, I wish you wouldn't use it, it's little more than special pleading for the use of Microsoft products.
Powered by blists - more mailing lists