Thread: Build 10031
View Single Post
  #54  
Old March 12th 15, 11:23 PM posted to alt.comp.os.windows-10
GreyCloud[_2_]
external usenet poster
  
Posts: 419
Default Build 10031
T wrote:

On 03/12/2015 12:11 PM, Char Jackson wrote:
On Wed, 11 Mar 2015 12:37:45 -0700, T wrote:

You are deceiving yourself if you think Linux is not more
secure. It is open for anyone to look at. No back doors.
World wide code checkers.

I've heard that repeated many times over the years, and yet there have
been several openSSL issues that have recently come to light, one or more
of which is said to have existed for over a decade. Just because people
*can* check the source doesn't necessarily mean that anyone does.


Hi Char,

Of course. And when they are identified, they are fixed
immediately. That is one of the reasons why Linux is
far more secure (in this instance, a program running on Linux).

You are completely missing the point. The Open SSL issues and
the way they were handled is a triumph of how the system works.

Remember the Blaster virus? The vulnerability was know
and published for years. The jerk that wrote the Blaster
virus simply looked up what vulnerabilities had not been
patched and wrote a virus for it. The scoundrels
at M$ didn't patch it until someone wrote a virus
for it!

There is a *HUGE* difference in the way these things
handled by open source and by M$. M$ would have
ignored it until they were embarrassed by it, as in the
blaster virus.

By the way, on Mozilla's or Red Hat's bugzilla, if you
check of "security", the attention you get can only be
described as OH HOLY CRAP!!! (I just put a bug in on how
to seize Linux and they figured out it was a security
bug on their own and oh did they respond!)

In Linux, if you fix a bug and write a "respectful"
well documents bug report (the the appropriate Bugzilla),
you get it fixed.

In M$ world, who do you even report it to? "How many
copies did you buy?"

And yes, there are exceptions.


If you have heard of the Las Vegas DEFCON conventions, then you'll be happy
to hear that it is a hackers convention to see how long it takes to break
into operating systems. Linux was broken in from the outside in under 20
minutes. Windows was broken into from the outside in under 5 minutes.
Solaris UNIX was broken into in an hour.
OpenVMS took over 2 days.
So there really is no such thing as a totally secure operating system, it is
just that some are harder to break in than others.
Ads