lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1156487157.15480.54.camel@wssyg02.sygroup-int.ch>
Date: Fri, 25 Aug 2006 08:25:57 +0200
From: Tonnerre Lombard <tonnerre.lombard@...roup.ch>
To: Ajay Pal Singh Atwal <ajaypal@...bec.org>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Microsoft product vs Microsoft patch

Salut,

On Fri, 2006-08-25 at 08:54 +0530, Ajay Pal Singh Atwal wrote:
> Ahhh well maybe we are forgetting the actual **for_real_men**
> technique for patching vulnerabilities and problems that can only be
> applied to GNU/ Linux like systems.
> 
> The diff files (aka patch files), applied directly to the source code,
> can you match their efficiency in terms of bandwidth.

Excuse me, do you happen to use Gentoo? ;-)

No customer in the right mind would do this though, especially since you
can get problems with compiler bugs easily so no manually compiled
package can ever be supported by any manufacturer, simply because the
binary might always come out different, depending on the system
configuration. Thus, there wouldn't be any way for the distributor to
test and torture the packages, so no distributor in the right mind would
ever want to waste time supporting your build.

Binary patches, like with xdelta, don't share these problems. They do
have a whole lot of different problems though which invalidate the
measurement as well.

				Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33    Roeschenzerstrasse 9
Fax:+41 61 383 14 67    4153 Reinach BL
Web:www.sygroup.ch      tonnerre.lombard@...roup.ch

Download attachment "signature.asc" of type "application/pgp-signature" (825 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ