Home page logo

bugtraq logo Bugtraq mailing list archives

Re: LAMP vs Microsoft
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Sun, 16 Jul 2006 12:33:58 +0200 (CEST)

On Tue, 11 Jul 2006, Bob Beck wrote:

And I think vulnerabilities disclosed are a much better indicator
of the changes to QA/development of products than any hyperbole
from those responsible (be it management or developers.)

      No, I think vulnerabilities disclosed is simply a measure of how much
development and deployment is happening on the platform. period.

I think that is rather inaccurate. I know companies like ISS claim on
internal presentations that they do a lot of code auditing for companies
like Microsoft. These audits are never publicly available and may contain
significant numbers you can not see with closed-source products. The same
procedure simply is not availble to open-source products which are
developed in a completely different way.

So I think that unless one can get these indoor figures out on the street
there is no way you can compare figures.


        I hate duplicates. Just reply to the relevant mailinglist.
        hvdkooij () vanderkooij org             http://hvdkooij.xs4all.nl/
                Don't meddle in the affairs of magicians,
                for they are subtle and quick to anger.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]