When talking about source code, yes. However, if I get into a box, and I know what exactly runs on it, I can just wait for a vulnerability to pop up, and with a little bit of luck, I'll be in before they patch. Security is to be made in layer, one being secure software, another is running it in chroots/jails, one is being a little careful with telling everybody what it runs on. Of course plenty of others, this was an example.
Lucas > Security is never made by obscurity. When it is, it's easily corrupted by a > good hacker. > > On 9/5/05, Lucas <[EMAIL PROTECTED]> wrote: >> >> I'd be reluctant to ask for too specific information, people might not >> want to fill >> out a survey out of fear for security breaches? Besides, it's about BSD >> certification, not Apache or [insert random third party app] >> certification. >> >> Just my two cents, >> >> Lucas >> >> > On 9/5/05, J. Rafael Gómez G." <[EMAIL PROTECTED]> wrote: >> >> I'm 100% agree with you. Another one that is relate to your question: >> >> >> >> What proprietary and non-proprietary software are you using with your >> BSD >> >> system (or systems)? I think that an OS is as powerful as the third >> parties >> >> apps you can run on it. >> >> >> > >> > yes Rafel that is a good suggestion! >> > >> > Since we are anyway taking the survey let us try to get as much >> > information as possible :-) >> > >> > kind regards >> > >> > Siju >> > _______________________________________________ >> > BSDCert mailing list >> > [email protected] >> > http://lists.nycbug.org/mailman/listinfo/bsdcert >> > >> >> >> _______________________________________________ >> BSDCert mailing list >> [email protected] >> http://lists.nycbug.org/mailman/listinfo/bsdcert >> > _______________________________________________ BSDCert mailing list [email protected] http://lists.nycbug.org/mailman/listinfo/bsdcert
