lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <001e01c48566$57469b60$9c03973f@LUFKIN.DPSOL.COM>
From: purdy at tecman.com (Curt Purdy)
Subject: [ok] RE: MS should re-write code with security in mind

Clairmont, Jan M wrote:
> M$ should just bite the bullet and re-write windows with 
> security in mind, give it a true process scheduler, multi-user
> with windows as a client server processes.
<snip>

It ain't gonna happen.  There is so much legacy code, dating all the way
back to NT 3.5 in 2K XP that no-one really knows how it works.  Of course,
that is the beauty of open-source, lots of people know how Linux works.  

Of course you don't have to be open-source to be secure, as Netware was
always built with security in mind.  Novell engineers have a saying, "We
patch Netware twice a year whether it needs it or not."  I hate to see it
go.  I love SuSE linux, am running the 64-bit version on AMD, but I wish
they were keeping the Netware kernal also, for my security-critical clients.
Sadly, the days of not having to run around patching servers all the time
will be gone after Netware 7.

BTW, when I have to run windows (rarely), I start a VMWare session under
SuSE, do what I need, and close it out as quickly as possibe, after checking
for patches of course ;)

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 2384 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040818/06f6f999/winmail.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ