-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 12 November 2003 22:33, Gadi Evron wrote: <SNIP> > As much as generally and usually I'd vigorously agree with you, there is > a lot to be said for: > 1. A serious (note serious) commercial company that has a crew working > on addressing security concerns, and updating the product.
Not bloody well manifested by the evidence in hand now, is it? I would say that eEye has been a better crew working on windows security concerns than MS. > 2. A commercial company providing with liability (and responsibility) > for the software you use (in other words - tech support and someone > to blame). Liability? Oh, yeah. MS makes hay about IBM not indemnifying Linux users (as if IBM supplied distros!) How much money is MS shelling out to cover costs incurred by Melissa/Nimda/Code Red/Slammer/Blaster/etc. ? Smoke screen and BS. > 3. No source (!!) available for people to examine, thus making it, to a > level, harder to locate security "holes" - for outsides in any case. Almost every one of the vulnerabilities that I reference were discovered by independent 3rd parties, with access only to derived binary objects. MS - with privileged access to sources - never discovered any of these flaws internally. > I can come up with a few more.. but basically all I am saying is, > support open source, don't condemn commercial software. There is a > difference between the two ideologies, and one should follow/support > whichever suits him/her best. Constructive vs. destructive attitudes? I assert -unoriginally- that the reasons to oppose closed-source software are considerations of freedom and access, not quality. That said, the arguments are not with commercial software as a class, but with Microsoft. This relates to specific practices and products - all of which are agrivated by a monopoly position in the market. > Don't allow bad examples to cloud your better judgment. > Or good ones. ;-) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/sqJwJi2cv3XsiSARAgEVAJkBGKG8xXdCrfUtga1APhOicSU5/wCgiDGg jyqs53MXFSRRlMkesdxJrWY= =ruy4 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
