Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Microsoft: Closed source is more secure
Kevin Poulsen, SecurityFocus 2001-04-12

Redmond's security response chief warns the RSA Conference of the perils of open source.

Comments Mode:
Security under MS products VS. Linux, *BSD 2001-04-12
giard.pascal (at) teccart.qc (dot) ca [email concealed]
Now I know 2001-04-12
Anonymous
Crock of sh*t... 2001-04-12
Jim Powers
wow, that's a lot of spin 2001-04-13
wiggum
OpenBSD 2001-04-13
Carl Thomas
MS - Lipner Comments 2001-04-13
Nilanjan Chaks
RE: Microsoft: Closed source is more secure 2001-04-13
Kimico Myers
opensource less secure? 2001-04-13
osiris
Microsoft should get a clue. 2001-04-13
Reaperx1
He's low on credibility 2001-04-13
Ajay Shah
I don´t a gree that Open Source Software is "Boring and Expensive" 2001-04-13
Manuel
Wha?? 2001-04-13
bleezer (at) plz (dot) com [email concealed]
FUD 2001-04-13
x3co
Closed source more secure? Really? 2001-04-13
counter_counterinsurgency (at) nospam.hotmail (dot) com [email concealed]
Is Microsoft code more secure than open alternatives? 2001-04-13
Larry Fahnoe <fahnoe (at) FahnoeTech (dot) com [email concealed]>
Open Souce security 2001-04-13
Charles E. Hill
Microsoft: Closed source is more secure FSVO secure 2001-04-13
Shmuel (Seymour J.) Metz <shmuel (at) acm (dot) org [email concealed]> (2 replies)
Closed source burdened by "boring, expensive" QA 2001-04-16
counter_counterinsurgency (at) nospam.hotmail (dot) com [email concealed]
Microsoft: Closed source is more secure FSVO secure 2001-04-17
bassethound2 (at) yahoo (dot) com [email concealed]
Amazing who __finds__ the holes in Windows 2001-04-13
Will
Going through the motions != Security 2001-04-13
topeka (at) catchen (dot) org [email concealed]
Closed source software is secure 2001-04-13
soumyac (at) bigfoot (dot) com [email concealed]
An observation 2001-04-13
Harry G
Which explains why... 2001-04-13
Con Zymaris, CEO Cybersource Pty. Ltd. Australia
MS product line the best proof against Steve Lipner's arguments. 2001-04-14
SM
nobody buys ms argument 2001-04-16
j lock <jlock (at) compooter (dot) net [email concealed]>
So lipner finds security boring, huh? 2001-04-16
KSAJ
Open vs. closed not necessarily it.... 2001-04-16
abostaph (at) usa (dot) net [email concealed] (1 replies)
Open vs. closed not necessarily it.... 2001-04-16
Microsoft Defender (2 replies)
Open vs. closed not necessarily it.... 2001-04-18
Draconis
Open vs. closed not necessarily it.... 2001-04-18
abostaph (at) usa (dot) net [email concealed] (1 replies)
Open vs. closed not necessarily it.... 2001-04-18
M$ Defender
I hope Mr Lipner reads this 2001-04-17
dirge
Security Vulnerability Open Source vs Closed Source 2001-04-17
Rod <snaketails (at) optushome.com (dot) au [email concealed]>
who gets cracked more? 2001-04-18
TauRine (1 replies)
who gets cracked more? 2001-04-18
M$ Defender (3 replies)
who gets cracked more? 2001-04-18
brian (1 replies)
who gets cracked more? 2001-04-18
M$ Defender
You totally missed the point - look at the subject line. Are you really telling me that because more security hole alerts come out for Linux that means it is MORE secure? This is the exact rationale you guys have been using against Microsoft and now faced with numbers suddenly more problems means more security.

Microsoft software is SUPPOSEDLY designed by teams of professionals using proven development lifecycle methodologies that ensure reliability, security, usability, etc. Sometimes these processes fail - no doubt. But I trust in them more that I trust in fly-by-night freeware written by who-knows-who over-caffineated Jolt cola consumers.

How can those of us in the security communtity who hold dear policies and processes in our security practices suddenly think that those processes do not apply to software development? If open source software means that the rest of the world will find the security holes then isn't THAT just doing what you accuse Microsoft of doing - making the end user a beta tester????

Think on that a while. I believe 90% of the posters on this list a simply repeating the Linux party line and have no idea of what it takes to develop real software. There is a double standard out there and I believe a large portion of this crowd is being highly hypocritical.

Be introspective here - there is middle ground - but the solution begins when the bigotry ends.....

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/191/5341#5341
who gets cracked more? 2001-04-18
dirge
who gets cracked more? 2001-04-19
Bruce Garlock
His arguments contradict each other! 2001-04-19
nobody important
Closed Source products often contain obvious bugs 2001-04-19
A Reader
Interesting admission from Mr Lipner 2001-04-19
Iter







 

Privacy Statement
Copyright 2009, SecurityFocus