[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Vulnerability response times -- MS and others
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Vulnerability response times -- MS and others
- From: "Kerry Thompson" <kerry@xxxxxxxxxxxx>
- Date: Thu, 8 Apr 2004 10:16:32 +1200 (NZST)
hggdh said:
[snip]
>
> Anyways... the report seems to indicate that Microsoft is the fastest
> on solving security issues.
>
> Comments?
>
> --Comparing Windows and Linux Security
> (30 March 2004)
> Forrester Research has released a report titled "Is Linux More Secure
> Than Windows?"
[snip]
That explains something. I was being interviewed a couple of days ago by a
local ComputerWorld journo about my SELinux work and had been explaining
techo stuff like mandatory access controls and stuff, then he dropped that
question on me
"Research shows MS releases patches faster than Linux vendors. Which is
more secure Windows or Linux?"
Threw me completely. Its crap question to get when you're on the spot
thinking about other things and they want a short answer. I ummed and
ahhed for a minute, and was tempted to retort with something cynical like
"which is the better car - Toyota or Mazda?", but then I thought this guy
is being serious. I responded with something like "Its marginal. Any
competent sysadmin makes the question almost redundant. If any manager
asks such a question he needs to hire a better sysadmin". I don't know if
they'll publish that, I hope not because I certainly don't have a
reasonable overview of the whole MS-Linux security landscape.
Sometimes I think the media guys try to ignite the old OS religious wars
just to get extremist comments. They need a bucket of water throwing over
them.
Kerry.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html