Re: UnixWare

[aem () symbiosis ahp com (a.e.mossberg)]

> From the desk of Gene Spafford:

> * Footnote: I'm running a security research lab here.  We've got a
> half-dozen projects under way on tools for existing systems, including
> Tripwire.  I approached one major vendor about some support for the
> next version of Tripwire and some work on an intrusion detection
> system.  The response: "We are not concerned about the security of our
> systems."  A second major vendor appears to have no one internally who
> is responsible for research into improved system security or tools for
> their products.  Sun Microsystems is the only vendor which has
> provided support for our work; I note they are also one of the few
> Unix vendors with active, visible internal research, accessible
> response personnel, and who make a real attempt to widely-publicize
> fixes in a timely manner -- without charge, too.  They aren't perfect,
> but they're trying.  Can the same be said about *your* vendor?  And if
> not, why are you giving them your business?


Since we've bought HP systems, I've seen HP go from having little
visible concern on security problems to significant active work on
providing access to their security staff and issuing, very quickly,
patchs for problems, which are now publically accessible.


So, yes, the same can be said of HP. 


aem
-- 
Andrew Mossberg      Network Administrator   Symbiosis Corporation,  Miami FL
(305) 597-4110 fax 597-4002, MD5OfPublicKey: 15784D117CC103912AEC427A3A99BA83