Full Disclosure mailing list archives
Re: [Dailydave] Linux's unofficial security-through-coverup policy
From: "Joel Jose" <joeljose420 () gmail com>
Date: Fri, 18 Jul 2008 21:53:57 +0530
motivation to commit crime is well documented. Loads of hardwork must never result in a crime because of a silly error. I understand that no solution can be found if taken in isolation. But, why confuse others?. Why de-categorise it? Security has been a well-known category. Why the hurry to change it now? It makes one wonder, is there no hidden agenda to it. Well.. may be its all true that it was just for "correcting priorities". But am sure that it wont stop the security errors or the people who correct them. I just voiced my "initial" feelings. Lets see how things come by. joel. On Fri, Jul 18, 2008 at 9:38 PM, <Valdis.Kletnieks () vt edu> wrote:
On Fri, 18 Jul 2008 21:07:47 +0530, Joel Jose said:abetting the crime. But a GUI crash is always less severe. People can quickly loose trust in the software and the services that depend on them can be irrecoverably damaged.If continual GUI crashes cause people to lose trust in the operating system, that's *more* severe for that system than the occasional security issue.Think about it.... there are more people engaged in penetrating, propagating security holes than filing common bug reports.... it definitely isn't a time-waster for them.Do you have any numbers to back that up? RedHat/Fedora's bugzilla is sitting at well over 450,000 bugs now. Remember that *for the user who files the common bug report*, it's not a time-waster for *them* either.
-- As soon as men decide that all means are permitted to fight an evil, then their good becomes indistinguishable from the evil that they set out to destroy. - Christopher Dawson, The Judgment of Nations _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coverup policy M. Shirk (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Robert Peaslee (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Blue Boar (Jul 17)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy staff (Jul 17)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Valdis . Kletnieks (Jul 18)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Joel Jose (Jul 18)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 16)
- Re: Linux's unofficial security-through-coveruppolicy Garrett Groff (Jul 16)
- Re: [Dailydave] Linux's unofficial security-through-coverup policy Dave Aitel (Jul 17)
- Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy Steve Grubb (Jul 17)
- Re: Linux's unofficial security-through-coverup policy Brad Spengler (Jul 17)