, SecurityFocus 2000-04-17
Is Open Source really more secure than closed? Elias Levy says there's a little security in obscurity.
Expand all |
Post comment
Netscape developers are weenies!
2000-04-17
Anonymous (2 replies)
Anonymous (2 replies)
Bug *fixes*...?
2000-04-17
Anonymous (2 replies)
Anonymous (2 replies)
Re: bug fixes
2000-04-17
David Terrell <dbt (at) meat (dot) net [email concealed]> (2 replies)
David Terrell <dbt (at) meat (dot) net [email concealed]> (2 replies)
Examine the record...
2000-04-17
Anonymous (1 replies)
Anonymous (1 replies)
Comparing Apache and IIS is wrong
2000-04-17
Anonymous (2 replies)
Anonymous (2 replies)
You've made several critical mistakes in your comment.
2000-04-17
Bruce Perens <bruce (at) perens (dot) com [email concealed]> (3 replies)
Bruce Perens <bruce (at) perens (dot) com [email concealed]> (3 replies)
Sorry about the bad formatting.
2000-04-17
Bruce Perens <bruce (at) perens (dot) com [email concealed]>
Bruce Perens <bruce (at) perens (dot) com [email concealed]>
Re: Bruce Parens' Defense of Open Source
2000-04-17
David Terrell <dbt (at) meat (dot) net [email concealed]> (2 replies)
David Terrell <dbt (at) meat (dot) net [email concealed]> (2 replies)
How to respond to past reports of vulnerability
2000-04-17
Bruce Perens <bruce (at) perens (dot) com [email concealed]> (1 replies)
Bruce Perens <bruce (at) perens (dot) com [email concealed]> (1 replies)
Re: How to respond to past reports of vulnerability
2000-04-18
David Terrell <dbt (at) meat (dot) net [email concealed]> (1 replies)
David Terrell <dbt (at) meat (dot) net [email concealed]> (1 replies)
I don't think you get what he's talking about, Dave...
2000-04-19
Barry Fitzgerald <reaperx1 (at) netscape (dot) net [email concealed]> (1 replies)
Barry Fitzgerald <reaperx1 (at) netscape (dot) net [email concealed]> (1 replies)
Thanks for the additional info but...
2000-04-17
Anonymous (1 replies)
Anonymous (1 replies)
Trust-worthyness and ability to spot bugs
2000-04-17
Bruce Perens <bruce (at) perens (dot) com [email concealed]>
Bruce Perens <bruce (at) perens (dot) com [email concealed]>
Skill is always at a premium
2000-04-17
Christopher Petrilli <petrilli (at) amber (dot) org [email concealed]> (1 replies)
Christopher Petrilli <petrilli (at) amber (dot) org [email concealed]> (1 replies)
Who found the sendmail bug?
2000-04-17
Brett <disfunct (at) radiusnet (dot) net [email concealed]> (1 replies)
Brett <disfunct (at) radiusnet (dot) net [email concealed]> (1 replies)
Morris didn't find the Sendmail bug
2000-04-20
Rick Smith <rick_smith (at) securecomputing (dot) com [email concealed]>
Rick Smith <rick_smith (at) securecomputing (dot) com [email concealed]>
to expand on what i said earlier.
2000-04-17
Brett <disfunct (at) radiusnet (dot) net [email concealed]>
Brett <disfunct (at) radiusnet (dot) net [email concealed]>
So what you're saying is that open source software is often as insecure as closed-source software is most of the time.
2000-04-18
Anonymous
Anonymous
Correct the facts and the conclusions stand strong
2000-04-21
Rick Smith <rick_smith (at) securecomputing (dot) com [email concealed]>
Rick Smith <rick_smith (at) securecomputing (dot) com [email concealed]>
Original Bugtraq mailing list description?
2000-04-21
Robert Quinn <rquinn (at) pobox (dot) com [email concealed]>
Robert Quinn <rquinn (at) pobox (dot) com [email concealed]>
but the strengths in having source code are:
1 - problem can be solved (nearly) immediately
2 - more likely to notice other holes while fixing
existing hole.
it is true that most don't (moreover, can't) audit every
line of code running on their system, however, it only
takes one person able to audit a piece of software to
provide the fix (or exploit:) to everyone.
</pre>
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/19/1384#1384