Bugtraq mailing list archives

Re: LAMP vs Microsoft

From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Sun, 16 Jul 2006 12:33:58 +0200 (CEST)

On Tue, 11 Jul 2006, Bob Beck wrote:

And I think vulnerabilities disclosed are a much better indicator
of the changes to QA/development of products than any hyperbole
from those responsible (be it management or developers.)


      No, I think vulnerabilities disclosed is simply a measure of how much
development and deployment is happening on the platform. period.


I think that is rather inaccurate. I know companies like ISS claim on
internal presentations that they do a lot of code auditing for companies
like Microsoft. These audits are never publicly available and may contain
significant numbers you can not see with closed-source products. The same
procedure simply is not availble to open-source products which are
developed in a completely different way.

So I think that unless one can get these indoor figures out on the street
there is no way you can compare figures.

Hugo.

-- 
        I hate duplicates. Just reply to the relevant mailinglist.
        hvdkooij () vanderkooij org             http://hvdkooij.xs4all.nl/
                Don't meddle in the affairs of magicians,
                for they are subtle and quick to anger.

Current thread:

Re: LAMP vs Microsoft, (continued)
- Re: LAMP vs Microsoft Jarrod Frates (Jul 10)
- Re: LAMP vs Microsoft Bob Beck (Jul 10)
  - Re: LAMP vs Microsoft Darren Reed (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 15)
    - Re: LAMP vs Microsoft Darren Reed (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 15)
    - Re: LAMP vs Microsoft Bob Beck (Jul 18)
    - Re: LAMP vs Microsoft Darren Reed (Jul 22)
    - Re: LAMP vs Microsoft George Capehart (Jul 18)
    - Re: LAMP vs Microsoft Darren Reed (Jul 18)
    - Re: LAMP vs Microsoft Hugo van der Kooij (Jul 18)
  - Re: LAMP vs Microsoft Joel Maslak (Jul 15)
- Re: LAMP vs Microsoft Steven M. Christey (Jul 12)