RE: (IE/SCOB) Switching Software Because of Bugs: Some Facts About Software and Security bugs

["Drew Copley" <dcopley () eEye com>]

> -----Original Message-----
> From: Barry Fitzgerald [mailto:bkfsec () sdf lonestar org] 
> Sent: Wednesday, June 30, 2004 3:07 PM
> To: Drew Copley
> Cc: full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] (IE/SCOB) Switching Software 
> Because of Bugs: Some Facts About Software and Security bugs
>
> Drew Copley wrote:
>
> > Conclusion: Mozilla may be better. I think there is some strong
> > chance of that. But only marginally. It has had bugs. It has a lot
> > of features, which means a lot of potential for security issues. They
> > have kept their browser more conservative then Microsoft has kept
> > Internet Explorer. Traditionally, Mozilla developers have been
> > far more "RFC compliant" - as the saying goes then Microsoft. 
> >
> >
> >
> >  
>
> Hello Drew,
>
>        I'll start with my own disclaimer.  I have been a Free 
> Software 
> developer in the past and my bias is hereby established. 
>
>        However, while I agree with the general point that any 
> piece of 
> software will have bugs and switching simply because a bug has been 
> found is a bad idea, to say that is not to say that all bugs 
> are equal.  
> (I know that that's not what you were saying, but I know that someone 
> will read into what was said that way.)  I'm sure that MS Calc has 
> bugs.  I know, though, that MS Calc's bugs are, most likely, 
> not going 
> to allow black hats to compromise systems and steal people's data. 

I covered this in the paper.

I realize it was really long, apologies for that.

Of course, there is a factor of "footprint" or "landscape".


<snip>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html