lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <fe53c8c00807180923o432f24b0v82a44967c8749dca@mail.gmail.com>
Date: Fri, 18 Jul 2008 21:53:57 +0530
From: "Joel Jose" <joeljose420@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Dailydave] Linux's unofficial
	security-through-coverup policy

motivation to commit crime is well documented. Loads of hardwork must
never result in a crime because of a silly error. I understand that no
solution can be found if taken in isolation. But, why confuse others?.
Why de-categorise it? Security has been a well-known category. Why the
hurry to change it now? It makes one wonder, is there no hidden agenda
to it. Well.. may be its all true that it was just for "correcting
priorities". But  am sure that it wont stop the security errors or the
people who correct them. I just voiced my "initial" feelings. Lets see
how things come by.

joel.

On Fri, Jul 18, 2008 at 9:38 PM,  <Valdis.Kletnieks@...edu> wrote:
> On Fri, 18 Jul 2008 21:07:47 +0530, Joel Jose said:
>
>> abetting the crime. But a GUI crash is always less severe. People can
>> quickly loose trust in the software and the services that depend on
>> them can be irrecoverably damaged.
>
> If continual GUI crashes cause people to lose trust in the operating
> system, that's *more* severe for that system than the occasional security
> issue.
>
>>                                     Think about it.... there are more
>> people engaged in penetrating, propagating security holes than filing
>> common bug reports.... it definitely isn't a time-waster for them.
>
> Do you have any numbers to back that up?  RedHat/Fedora's bugzilla is
> sitting at well over 450,000 bugs now.  Remember that *for the user who
> files the common bug report*, it's not a time-waster for *them* either.
>



-- 
As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
 - Christopher Dawson, The Judgment of Nations

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ