On Sat, 02 Feb 2008 01:24:44 +0100 Peichaer Robert <[EMAIL PROTECTED]> wrote:
> Richard Daemon schrieb: > > On Feb 1, 2008 5:14 PM, badeguruji <[EMAIL PROTECTED]> wrote: > > > >> From Sun's own mouth: > >> > >> ..."Solaris 10 OS, the most secure OS worldwide holding 176 > >> records"... > >> > >> is that so? > >> > >> ________________________________ > >> ~~aapka kalyan ho~~ > >> > >> > > > > Doesn't MS say the same thing for Vista? > > > > compare and realize the difference > > Solaris Alerts on Sun's Security Blog (mind the sheer number of > alerts for 2008) > http://blogs.sun.com/security/category/alerts > > OpenBSD's Security Infos (every release counts for a 6 months period) > http://www.openbsd.org/security.html#42 Wait... compare what can really be compared: http://blogs.sun.com/security/category/alerts shows 4 types of things: - OS alerts - System DOS/DDOS vulnerabilities - Third party software vulnerabilities (WHO ARE IN THE BASE SYSTEM, say, sendmail for example) - Third party DOS/DDOS (WHO ARE IN THE BASE SYSTEM, say, sendmail for example) http://www.openbsd.org/security.html#42 shows 3 types of things: - OS alerts - Third party software vulnerabilities (Including stuff like firefox, etc...) - Third party DOS/DDOS (Including stuff like firefox, etc...) In openbsd world, DOS vulnerabilities are considered are reliability issues... So, for a good comparison, remove from sun's page all DOS vulnerabilities (or compare with obsd DOS vulnerabilities) and third party software (say, firefox, etc...) If you are looking for the system DOS/DDOS vulnerabilities of openbsd, it's here: http://www.openbsd.org/errata.html The fact is, you can't say third party softwares are the system so... - Remove third party software vulns, DOS/DDOS vulns for both OS - Add openbsd DOS to it's vulns (or remove solaris DOS vulns) Now, compare... Now, does that comparison really means anything ? I don't think so, for it to eventually mean anything, you'd have to perform a complete audit on both openbsd and sun's code, compare the number of relevant vulnerability report for both systems, check if sun has like openbsd a pro-active approach of security, comapre the number of users... Good luck in your quest to answer an unanswerable question... Pierre Ancelot.
