On 23/10/14 11:03, Mohan Sundaram wrote: > On Thu, Oct 23, 2014 at 9:48 AM, Karthikeyan A K <[email protected]> wrote: >> Who know how many shell shock Microsoft hides? And how many of it is known >> by NSA? > I'm of the opinion that FOSS is certainly better. Your statement about > MS does not give me added comfort with FOSS. I'm bothered about the > vulnerabilities and impact in the absolute sense in FOSS. > > I've used FOSS for a long time and have managed a webfarm for 4 years > in the 90s. I've always marvelled at the fact that Linux machines were > simply rock solid, not hacked and a low overhead management platform > while MS machines were insecure and a nightmare. I've never before > encountered a serious vulnerability in Linux as Heartbleed/ shellshock > that shook the foundation of the platform stack used for web > applications itself. > > I referred to ESR's thoughts/works like CatB as I believe in them > strongly (so much that I travelled to meet him for a chat at his > residence in Wayne PA in the 90s). Those premises failed in these > cases badly. Both SSL and Bash have been around for a long time, used > by many and were considered robust components. It was after a long > while that the enterprise segment believed in FOSS and adopted such > robust pieces. > > That confidence has been pummelled by these incidents. The painstaking > gains made by FOSS in enterprise adoption would get eroded, whether we > like it or not. The sniggers will be back. > > I posted this originally as I was concerned when I saw the statistics > quoted. This is what the commercial enterprise software vendors will > grab and use against FOSS. Luckily, most of them used SSL/TLS and so > cannot blow their own trumpets. > > We will need to wait and watch how the scenario unfolds and affects FOSS. Again, you place a very reasoned opinion. Much respect.
Vik _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc ILUGC Mailing List Guidelines: http://ilugc.in/mailinglist-guidelines
