Full Disclosure mailing list archives
Re: [Dailydave] Linux's unofficial security-through-coverup policy
From: Valdis.Kletnieks () vt edu
Date: Fri, 18 Jul 2008 12:08:00 -0400
On Fri, 18 Jul 2008 21:07:47 +0530, Joel Jose said:
abetting the crime. But a GUI crash is always less severe. People can quickly loose trust in the software and the services that depend on them can be irrecoverably damaged.
If continual GUI crashes cause people to lose trust in the operating system, that's *more* severe for that system than the occasional security issue.
Think about it.... there are more people engaged in penetrating, propagating security holes than filing common bug reports.... it definitely isn't a time-waster for them.
Do you have any numbers to back that up? RedHat/Fedora's bugzilla is sitting at well over 450,000 bugs now. Remember that *for the user who files the common bug report*, it's not a time-waster for *them* either.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coverup policy M. Shirk (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Robert Peaslee (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Blue Boar (Jul 17)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy staff (Jul 17)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 18)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coveruppolicy Garrett Groff (Jul 16)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Dave Aitel (Jul 17)
- Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Steve Grubb (Jul 17)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 17)