Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Funny article

From: David Maynor <dave () 0dayspray com>
Date: Wed, 12 Nov 2003 19:46:04 -0500
On Wed, Nov 12, 2003 at 10:49:49PM +0100, Mikael Olsson wrote:

Of course it should.  You don't just "run an OS". Obviously, you
want your machine to actually do something useful.


I disagree. If its a 3rd party app if should not count against the OS
unless every instance of the OS runs that app.


Granted, you shouldn't count bugs in every single piece of 
linux/bsd software, the same way you shouldn't count bugs in
every piece of windows software out there, but counting bugs in 
the most commonly used ones is most certainly reasonable.


What about apps that run on both windows and linux? When you start
counting 3rd party apps in the equation, you are throwing a horrible
slant into the mix. This is similar to getting a new 3rd party part for
your car then blaming the carmaker when that part fails. Microsoft needs
to include things like apache becasue the make both their OS and the
webserver, so a comaprsion of security flaws broken down by responsible
groups would make Microsoft look horrible.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: