Dailydave mailing list archives
Re: [Full-disclosure] Linux's unofficial security-through-coverup policy
From: "Thomas Ptacek" <tqbf () matasano com>
Date: Fri, 18 Jul 2008 10:49:58 -0500
And Linus's point is that many of those regressions matter *more* than most security bugs, because they can totally hose your system too - corrupt filesystems, cause system hangs and lockups, poor performance, and who knows what else.
And this is where Linus lapses into crazy talk, because data corruption bugs are far less important than vulnerabilities that can compromise my mom's credit card numbers and bank accounts. Bugs don't have adversaries. Vulnerabilities do. But I feel Linus' pain. -- --- Thomas H. Ptacek // matasano security read us on the web: http://www.matasano.com/log _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy M. Shirk (Jul 16)
- Message not available
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Message not available
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Dave Aitel (Jul 17)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Thomas Ptacek (Jul 17)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 18)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Thomas Ptacek (Jul 19)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy nnp (Jul 19)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy pageexec (Jul 19)
- Re: [Full-disclosure] Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: [Dailydave] [Full-disclosure] Linux's unofficial security-through-coverup policy Steve Grubb (Jul 17)