On Sat, 2004-02-14 at 11:32, will hill wrote: > Are you telling me that Microsoft has fewer resources than > the people at OpenBSD and must keep their source to themselves > or suffer a security disaster? Microsoft is once again trying > to blame others for their own failures. Hiding your sloppy work > does not make it secure. People can and will find your holes with > or without the source code.
Yes, I am telling you that the Microsoft has fewer dedicated and highly knowledgeable individuals than the people at OpenBSD. Yes, people can and will find holes without the source code. With the source code, it is much, much easier. > Code quality does come from software freedom. Software that is free > will evolve or die. That evolution is cheaper and more efficient than > the closed source model, so you are always going to get more bang for > your effort by making your code free or just using the free thing to > begin with. The proof is as easy as reviewing uptimes and TCOs. I think somewhere down the line that you came under the assumption that I was arguing against software freedom. And the only thing that I am arguing is that open source software has a superior track record in regards to finding (and patching) bugs or security holes than proprietary, closed-source software. This is what makes it more secure than most closed-source packages. But the fact remains that it is easier to exploit something when you know everything about it, and far harder to exploit something when you have to make guesses (even educated ones). -=David
