> Uh, no. Where do you get that from? >From a good chunk of the Linux admins I know. > If you think editing configuration files and changing settings is > "modifying > Linux", then I can equally claim you have to "modify Windows" to harden > it.
Sure. I've never said or implied otherwise. > Recompiling is not modifying. What is it then? If I need to recompile the kernel to support something new, lets say a new version of ipTables, am I not modifying things? > So you're proving my point. ;-) What possible incentive could Microsoft > have to improve its security, if you (and others) answer my question > the way you do? (I'd actually appreciate a "Yes" or "No" answer rather > than a paragraph.) Because unlike you seem to portray it, there isn't some mutual exclusion. One doesn't need to ignore security to choose other things. Likewise one doesn't need to ignore other things when choosing security. As for the incentive though, customer satisfaction is certainly a healthy one. Do you not do things because it satisfies your customers? As for a yes or a no, it unfortunately isn't that simple a question or response. The best I can offer is a firm "it depends". > Except we give out source code and permission to modify it and have it > audited for security (even for our commercial software.) Sure, but this is just another "commercial software bad, open source good" point. As previously mentioned, I don't want to waste time arguing those. It's pointless IMO for reasons I previously cited. Also, I don't want to argue *your* product. I merely used it as an example. > Of course I think you're wrong. They essentially dumped IE on the market > in order to kill Netscape. > > But that's OK. Linux is doing to MS what MS did to Netscape, except > through > ethical means rather than dumping. Bah. There is little to no difference. The claims of "ethical" go back to another religious war. As others have requested, and as I have mentioned, I'm not going to continue with a religious debate over operating systems. My point, as Mike Marshall also mentioned, has been made. > I'll rephrase it: Today, insecurity is one of the most important threats > to a business's profit. Sure, which is why Microsoft and pretty much everyone else is working on insecurity issues. Thanks for the lively discussion. I'm going to end it from my end at least though. Take it easy. Wes Noonan [EMAIL PROTECTED] http://www.wjnconsulting.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
