On Thu, 15 Aug 2002, Brian Steele wrote: > The only problem with this analysis is that, based on the info I'm getting > on my security lists these days, MORE bugs are being found now with > open-source software than with MS software. > > It's just basic probability in action: > > New versions = more features + greater complexity > More features = greater risk of bugs being created. > More complex the software = greater risk of bugs being created. > More users = greater probability of bugs being discovered > More clueless the admin = greater risk of being nailed by a security bug > :-) > > I agree with you on the other MS points though. If only they'd put IIS > together so that someone who was security-ignorant couldn't expose > themselves in the 'net, LOL - perhaps IIS wouldn't be viewed in the same > light that it is today. > > I certainly DON'T agree with your Apache security statement. Do a Google > search on +Apache +exploit +root +access and you'd see what I mean :-). >
Software is generally written by humans, therefore software, especially complex, new software, will always have bugs. Finding bugs in software is a _good thing_. Not finding bugs in software is a _bad thing_. Not only having lots of people finding bugs but also having lots of people trying to fix those bugs is a _very good thing_. WRT: Do a Google search on +Apache +exploit +root +access and you'd see what I mean :-). Then divide the count that you get by the number of different OSes and platforms involved. More software, more bugs, if you see what I mean. **** [EMAIL PROTECTED] <Carl Jolley> **** All opinions are my own and not necessarily those of my employer **** _______________________________________________ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs