The fundamental difference between OpenBSD and the rest of the world
is that they spend the bulk of their time auditing code for security
holes rather than implementing new features and making available the
latest/greatest software packages. This is why SMP wasn't implemented
until 2004. I do not know the history of Debian Linux and their
security policies, but I do know that their "stable" distribution is
many versions behind the latest and greatest on just about every
software package.
Outlook has never required root ("Administrator") to work. NTFS is
based from the ground up on permissions. Windows NT 4.0 and above
tracked processes by PID and allowed the ability to re-"nice", etc.
I have already said this numerous times, but the reason that Microsoft
is insecure as it is is because of the previous attitudes within the
corporation of "provide the most features, the most user-friendliness,
and do it as fast as possible, we'll fix bugs later."
On Fri, 28 Jan 2005 04:49:16 -0600, Will Hill <[EMAIL PROTECTED]> wrote:
> Is it the hardware or the way it's used? What fundamental differences are
> there between the Microsoft way and OpenBSD or Debian? Has Microsoft
> implemented basic precautions such as PIDs tracked by the kernel, users, and
> root accounts? The last time I checked, processes could still hide, Outlook
> and other processes had to run as root to work and file permissions were
> based on some kind of table system rather than inherent in the file system.
> It's possible Microsoft has leapt over these old problems, but I doubt they
> can ever do as well as they should and still give Holywood DRM.
>
> On Wednesday 26 January 2005 10:21 pm, Andrew Baudouin wrote:
> > They have made leaps and strides when it comes to security recently.
> > ... if the x86 architecture were not as insecure as it is, Windows wouldn't
> > look half as bad, but the blame can certainly be evenly placed on both
> > sides of the equation.
>
> _______________________________________________
> General mailing list
> [email protected]
> http://brlug.net/mailman/listinfo/general_brlug.net
>
