[EMAIL PROTECTED] (Randal L. Schwartz) writes: > So why is it, with Microsoft and all of their billeeeunnss of dollars, > that they wouldn't spend at least SOME MORE of that BEFORE they > release their code? OpenBSD manages a decent security review and a > right mindset towards security on the annual amount of money that Bill > Gates makes every time he takes a dump.
I haven't seen the Win32 source code, but I'd bet that OpenBSD is considerably easier to audit - I have a growing suspicion that Win32 is just too complex to be properly secured. A lot of recent patches have had unintended consequences or have been marked as having new functionality. -- James Riden / [EMAIL PROTECTED] / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html