Hi
On Tue, Jan 14, 2014 at 3:01 PM, Amarendra Godbole wrote: > There may not be security updates, but there may not be security > issues in the first place. The only way to ensure this is to lookup > the quality of developers' on that tool - actively maintained, but too > many cooks may not be optimum from a security point of view. Consider > the case of Linux kernel - clearly security isn't a priority, > especially because they accept binary blobs left, right and center. > World domination is. > The security focus on Linux kernel needs to be improved but this is not because they are adding some binary firmware since security issues are not limited to firmware at all. Quite the contrary, all the firmware is being separated out over time and shipped as a separate tarball and most distributions ship firmware separately as well. That is the recommended practice. The real problem is the lack of security tagging in the changelog and not enough attention to systematic improvements but the situation is better than before. Rahul _______________________________________ Pune GNU/Linux Users Group Mailing List
