Re: M$ attack on Common Sense

conover_at_email.rahul.net
Date: 09/14/03


Date: Sun, 14 Sep 2003 06:19:22 +0000 (UTC)

Max Burke writes:
> > conover@email.rahul.net scribbled:
> > Sure, Jean-David. There are a lot of effective solutions to the buffer
> > overrun problem. Some, as you point out, are quite straight
> > forward-even elegant in their simplicity.
>
> > My point was, though, that a quarter of a century old commercial
> > software company shouldn't be having these kinds of problems.
>
> Neither should Linux/OSS given that so many users [supposedly] eyeball
> the code to prevent such things happening.....
> Any Linux/OSS user want to explain why they still do happen in
> Linux/OSS?
>
> FYI
> http://www.partyvibe.com/flavour/linux/security.htm
> http://www.linuxsecurity.com/advisories/index.html
> http://www.opennet.ru/base/linux/
> http://www.securityfocus.com/news/19
> http://lists.debian.org/debian-security-announce/

But its unclear whether Linux has more bugs, or the OSS peer review of
code finds more-which are disclosed publicly. However, another
important URL:

    http://www.cert.org/summaries/CS-2003-03.html

where the CERT incident response team issued 15 advisories for
Microsoft products, 3 for Cisco, and 0 for all brands of Unix and
Linux, in the last 90 days.

But you are right. Both Linux and Microsoft have far too many security
bugs, in comparison to the other OSs like Solaris or the BSDs, or even
OS-X.

August was not a good month for Linux, either:

    http://www.globetechnology.com/servlet/story/RTGAM.20030911.gtlinuxsep11/BNStory/Technology/

from a cracked systems POV. (Look at BSD's numbers in that page.)

        John

-- 
John Conover, conover@email.rahul.net, http://www.rahul.net/~conover


Relevant Pages

  • Re: M$ attack on Common Sense
    ... >> overrun problem. ... But its unclear whether Linux has more bugs, or the OSS peer review of ... Microsoft products, 3 for Cisco, and 0 for all brands of Unix and ... Linux, ...
    (comp.os.linux.misc)
  • Re: M$ attack on Common Sense
    ... >> overrun problem. ... But its unclear whether Linux has more bugs, or the OSS peer review of ... Microsoft products, 3 for Cisco, and 0 for all brands of Unix and ... Linux, ...
    (alt.computer.security)
  • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
    ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
    ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
    (microsoft.public.windowsxp.hardware)
  • Re: ***** sp2 bREAKS eVERYTHING!!!!! *****
    ... to do is to solve customers problems associated with MS unfinished products. ... > I have no doubts about Linux reliability, it is renown for such stability. ... > the site is and what such download is, ... I use non Microsoft products wherever possible which requires no activation. ...
    (microsoft.public.windowsxp.general)