Full Disclosure mailing list archives
Re: Microsoft prepares security assault on Linux
From: "Charles E. Hill" <chill () herber-hill com>
Date: Wed, 12 Nov 2003 16:15:14 -0800 (PST)
<snip>
2. A commercial company providing with liability (and responsibility) for the software you use (in other words - someone to blame).
What commercial software company actually offers guarantees and some form of liability? I've *never* heard of anyone successfully suing MS or Oracle or anyone else for their software screwing up. SAYING you can blame Microsoft is one thing -- doing it (other than pointing fingers) is another.
3. No source available for people to examine, thus making it, to a level, harder to locate security "holes" - for outsides in any case. Gadi Evron (i.e. ge), ge () linuxbox org.
You mean like the backdoor inserted -- by company programmers -- into Borland's/Inprise's Interbase database? The one that wasn't discovered until the program was open sourced - several YEARS later? Yes, it had been exploited for YEARS by the hacking community. Putting it bluntly, auditing takes time and skill. Closed source companies main priority are NOT stability and security, but "good enough" so they can sell more software. Dedicating programmers to do nothing but fix bugs is a waste of company resources, after that "good enough" line is crossed. At least with open source I have the option of either fixing little bugs myself, or paying someone to do it. With closed source, my business is at the mercy of the software company. Charles E. Hill Senior Partner Herber-Hill LLC _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: [Full-Disclosure] why commcerical software *could* be better [WAS: Re: Microsoft prepares security assault on Linux], (continued)
- Re: [Full-Disclosure] why commcerical software *could* be better [WAS: Re: Microsoft prepares security assault on Linux] Jeremiah Cornelius (Nov 12)
- Re: [Full-Disclosure] why commcerical software *could* be better [WAS: Re: Microsoft prepares security assault on Linux] vb (Nov 12)
- Re: why commcerical software *could* be better Gadi Evron (Nov 12)
- Re: why commcerical software *could* be better vb (Nov 12)
- clarification - reasons as to why commercial software *could* be better Gadi Evron (Nov 12)
- Re: clarification - reasons as to why commercial software *could* be better Brent J. Nordquist (Nov 13)
- Re: clarification - reasons as to why commercial software *could* be better vb (Nov 13)
- Re: why commcerical software *could* be better David Maynor (Nov 12)
- Re: why commcerical software *could* be better [WAS: Re: [Full-Disclosure] Microsoft prepares security assault on Linux] Georgi Guninski (Nov 12)
- Re: why commcerical software *could* be better Gadi Evron (Nov 12)
- Re: Microsoft prepares security assault on Linux Charles E. Hill (Nov 12)
- Re: Microsoft prepares security assault on Linux vb (Nov 13)
- Re: Microsoft prepares security assault on Linux Luis Bruno (Nov 13)
- kievonline.org "were back" Maxime Ducharme (Nov 13)
- AW: kievonline.org "were back" Michael Linke (Nov 13)