Re: M$ attack on Common Sense

conover_at_email.rahul.net
Date: 09/14/03

  • Next message: Kenneth Porter: "i8253 count too high, RH9 on HP ze4365us"
    Date: Sun, 14 Sep 2003 06:19:22 +0000 (UTC)
    
    

    Max Burke writes:
    > > conover@email.rahul.net scribbled:
    > > Sure, Jean-David. There are a lot of effective solutions to the buffer
    > > overrun problem. Some, as you point out, are quite straight
    > > forward-even elegant in their simplicity.
    >
    > > My point was, though, that a quarter of a century old commercial
    > > software company shouldn't be having these kinds of problems.
    >
    > Neither should Linux/OSS given that so many users [supposedly] eyeball
    > the code to prevent such things happening.....
    > Any Linux/OSS user want to explain why they still do happen in
    > Linux/OSS?
    >
    > FYI
    > http://www.partyvibe.com/flavour/linux/security.htm
    > http://www.linuxsecurity.com/advisories/index.html
    > http://www.opennet.ru/base/linux/
    > http://www.securityfocus.com/news/19
    > http://lists.debian.org/debian-security-announce/

    But its unclear whether Linux has more bugs, or the OSS peer review of
    code finds more-which are disclosed publicly. However, another
    important URL:

        http://www.cert.org/summaries/CS-2003-03.html

    where the CERT incident response team issued 15 advisories for
    Microsoft products, 3 for Cisco, and 0 for all brands of Unix and
    Linux, in the last 90 days.

    But you are right. Both Linux and Microsoft have far too many security
    bugs, in comparison to the other OSs like Solaris or the BSDs, or even
    OS-X.

    August was not a good month for Linux, either:

        http://www.globetechnology.com/servlet/story/RTGAM.20030911.gtlinuxsep11/BNStory/Technology/

    from a cracked systems POV. (Look at BSD's numbers in that page.)

            John

    -- 
    John Conover, conover@email.rahul.net, http://www.rahul.net/~conover
    

  • Next message: Kenneth Porter: "i8253 count too high, RH9 on HP ze4365us"

    Relevant Pages

    • Re: M$ attack on Common Sense
      ... >> overrun problem. ... But its unclear whether Linux has more bugs, or the OSS peer review of ... Microsoft products, 3 for Cisco, and 0 for all brands of Unix and ... Linux, ...
      (alt.computer.security)
    • Re: M$ attack on Common Sense
      ... >> overrun problem. ... But its unclear whether Linux has more bugs, or the OSS peer review of ... Microsoft products, 3 for Cisco, and 0 for all brands of Unix and ... Linux, ...
      (comp.os.ms-windows.nt.admin.security)
    • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
      ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
      (microsoft.public.windowsxp.general)
    • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
      ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
      (microsoft.public.windowsxp.basics)
    • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
      ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
      (microsoft.public.windowsxp.accessibility)