Re: Ten least secure programs

From: Chris Berry (compjma_at_hotmail.com)
Date: 07/02/03

    To: security-basics@securityfocus.com
    Date: Wed, 02 Jul 2003 13:39:49 -0700
    
    

    >From: "Nick Warr" <nick@mobilia.it>
    > > Well, I wasn't concerned with feature or useability bugs, only security
    > > ones, so I don't agree. If your IE is fully patched and configured it's
    > > not that bad. (though I personally use Mozilla instead because of the nice
    > > features).
    > >
    >
    >Why then are you putting sendmail on the list?
    >Sendmail can be quite secure if kept up to date patchwise and configured
    >properly (although I'd use qmail or postfix personally).

    I was trying to point out that Sendmail has a long history of new exploits.
    While IE also has something of the same, I haven't noticed that any of the
    other browsers were any better; in fact, I'd say Netscape 4.x was worse. I
    personally feel that browsers in general are vulnerable, but there isn't
    much you can do about that since I'm not prepared to give up using the web.

    >I really don't see where you're coming from with this list, you need to
    >decide on your criteria, and stick to them.
    >1. Inherently Flawed (kind of hard to quantify, but I guess outlook's
    >execute code without user input is probably a good example, or telnet's
    >complete lack of encryption).

    That's mostly what I was looking for: programs etc. whose basic design is
    poor and has a tendency to produce a higher number of security problems than
    their alternatives. My apologies if I was a bit unclear.

    Chris Berry
    compjma@hotmail.com
    Systems Administrator
    JM Associates

    "Encrypt everything, and ask questions later."
