Security: Unix versus Windows
From: Jeroen van Drie (jvdev_at_3va.net)
Date: 11/03/03
- Previous message: Thompson, Michael: "RE: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
- In reply to: Lucas Holt: "Re: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
- Next in thread: Warwick Molloy: "Re: Security: Unix versus Windows"
- Reply: Warwick Molloy: "Re: Security: Unix versus Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: secprog@securityfocus.com Date: Mon, 3 Nov 2003 18:19:25 +0100
We all know that most operating systems and software suffer from identical
flaws no matter what their origin and dev model is. Whatever can be said in
favour of one development model can equally be argued against it. For example
the fact that Windows is closed source means joe avg can't audit the source
for vulnerabilities to fix them while at the same time joe avg can't audit
the source for vulnerabilities to exploit them. And this single point can be
argued to great depth and always ends in one side questioning the other sides
understanding of the subject matter.
My personal belief is that the open source development model is superior to
closed source equivalents including microsofts on many fronts including
security. But I am an open source jesuit and the debate is so religiously
controversial it is like the marihuana debate where one half claims it's
harmless if not healthy and the other claims it's harmful and dangerous.
Studies are always biased, reality is never objective and the debate could
have been engendered by the jesuites.
And never shall the twain meet. I'm not at all sure if the discussion we are
having here is worth having anymore.
How about what Bill Joy Co fouder of Sun had to say about C though?
http://www.interesting-people.org/archives/interesting-people/200310/msg00034.html
quote "You have to find a way to structure your systems in a safer
way. Writing everything in Java [a programming language created by Sun]
will help, because stuff written in antique programming languages like C [a
widely used language created by Bell Labs in the early 1970s] is full of
holes. Those languages weren't designed for writing distributed programs to
be used over a network. Yet that's what Microsoft still uses. But even Java
doesn't prevent people from making stupid mistakes."
To what degree does Java lean on libraries that have been written in C though?
- Previous message: Thompson, Michael: "RE: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
- In reply to: Lucas Holt: "Re: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows"
- Next in thread: Warwick Molloy: "Re: Security: Unix versus Windows"
- Reply: Warwick Molloy: "Re: Security: Unix versus Windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
