On 2/12/07, Jochem van Dieten <[EMAIL PROTECTED]> wrote: > But what is Linux doing? Is there a structured security and audit process? > Is there a team being payed to make long days reviewing code instead of > developing cool new features? Do those teams exist for all the addons that > are shipped and enabled by default in all distributions?
Well, in general, a out of the box *nix (cept fer the ones aimed at secureness) is probably as bad as OB windows. You point about code revue (=])) is a good one, but it's an all-encompassing software problem, as much as anything. I still stand by the idea the open source code is easier to audit, and easier to hire a 3rd party to audit, for that matter. Linux has some very big advantages over Windows. It runs on many platforms > and what is a difficult to trigger bug on one platform is a very obvious one > on another platform. Most of the addons also run on commercial unices and > the BSDs which is yet another way to find bugs. But is that enough and can > Linux lend back and relax without refocusing on security? Are you seriously suggesting that microsoft is going to be checking every app it supports? At some point we're gonna realize the biggest hole is the one 'tween... I sorta see it as the cylon argument (sorry, if I spelt er wrong). Windows, everything is connected. Linux, it's a bunch of almost stand alone things. I don't see the MS world changing the mentality anytime soon (heck, it's their bread and butter, I might posit-- being all uber-connected). I don't know the answer, but at the moment my bet is that within 2 years the > whole security argument will turn and will be used against Linux and the > whole GPL-ecosphere instead of against Windows. Obviously at that time the > OpenBSD people will still be the kings of security, but that goes without > saying. Perhaps. I would find it entertaining, no matter. I doubt it though-- see- and this goes back to availability of code- We (the world) are at the mercy of MS for securing MS. I hope your bet takes into consideration all the other counties just getting into the mix, some with pretty large populations. I guess MS is already trying to give the SW on the cheap, to sorta slip in there, but we're talking a bunch of people with heart, but not a lot of money (perhaps-- bear with me). I posit that OS will pretty much just eat up MS-- I mean, can one company really compete with the world? That's why I think you see these "giants" getting into the whole movement-- they see this building force, that, logically, can do nothing but get bigger. With MS, etc.., you've got to rely on savvy business sense, the people at the top doing the right thing, etc., etc.. Don't get me wrong, there will always be a place for "private" and "closed" types of code-- I mean, that's just part of life. That's how we make our money, etc.. I'm just thinking you'll see a lot more of the "service" type business, vs. "kit and kaboodle" type services. See, at the core here, if you ask me, (which, you know, I just throw in for giggles, as I'd probably type it whether or not you ask) is the fact that Open Source has started to make money. I'm guessing big money, but I don't really know. Seems like it, just judging by how these projects keep getting bigger and bigger, until there's some umbrella "company" (or companies, as the case may be), that does support, etc.. Basically the stuff Nick talks about (but I still don't see why they don't just buy a Mac, if they're really that 'bout the simple use, etc.. ;). Eh. If I were a wagering man, I'd put my money on the fact that, no matter what, this is a blast to watch evolve. Ain't time cool? Keeps slipp'n / into the future. =] -- Now Playing: [Days Are Years -- By Blue Sky Black Death off the Heap of Broken Images Album : 777kbps:] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:227899 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
