Linux security

John L Fjellstad john-ubuntu at fjellstad.org
Mon May 1 15:47:31 UTC 2006 

Daniel Carrera <daniel.carrera at zmsl.com> writes:

> John L Fjellstad wrote:
>> It's not a shock, and it doesn't matter. If a user doesn't discover the
>> bug (as in it doesn't affect them) then the bug doesn't matter.
>
> Theoretically yes. The point is that Microsoft has the wrong
> motivations for producing secure software. All their finnancial
> motivations point to creating insecure software quickly and fixing the
> bugs after they hit users.

And the marked has shown that they're right, because people in general
doesn't give a fig.  If people have a choice between a secure software
that will be available in two years, and a buggy one that is available
now, they will choose the one available now every time.  Coupled with
relatively easy and cost-effective distribution of patches and bugfixes,
and you have today's situation.  

>> And it doesn't change Eric Dunbar's point in that as bugs get discovered
>> and fixed, MS Windows will get better.
>
> This would only be true if the feature-set of Windows was static, and
> it isn't. As new features are added, those will bring in new bugs to
> replace the ones that were fixed. This is true of any evolving piece
> of software (the only piece of software I know that is in use and
> isn't evolving is TeX).
>
> Whether the system gets better over all is a factor of how quickly MS
> fixes old bugs and how quickly it introduces new ones through new
> features. And that will ultimately depend on the pressures and
> motivations acting upon the company.

And interesting enough, Windows, despite all the fanatics on this side
claiming otherwise, is getting more stable, even though MS are adding
features.  I still fail to see why that will change.  Why would the
trend suddenly change and Windows become more unstable?

I do think we're seeing a pressure on Microsoft to write more stable and
secure software.  AFAIK, Outlook no longer automatically executes
attachments etc.

-- 
John L. Fjellstad
web: http://www.fjellstad.org/          Quis custodiet ipsos custodes

More information about the ubuntu-users mailing list