On Wed, Nov 12, 2003 at 10:49:49PM +0100, Mikael Olsson wrote: > Of course it should. You don't just "run an OS". Obviously, you > want your machine to actually do something useful. > I disagree. If its a 3rd party app if should not count against the OS unless every instance of the OS runs that app.
> Granted, you shouldn't count bugs in every single piece of > linux/bsd software, the same way you shouldn't count bugs in > every piece of windows software out there, but counting bugs in > the most commonly used ones is most certainly reasonable. > What about apps that run on both windows and linux? When you start counting 3rd party apps in the equation, you are throwing a horrible slant into the mix. This is similar to getting a new 3rd party part for your car then blaming the carmaker when that part fails. Microsoft needs to include things like apache becasue the make both their OS and the webserver, so a comaprsion of security flaws broken down by responsible groups would make Microsoft look horrible. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
