mailing list archives
RE: IE Web Browser: "Sitting Duck"
From: "joe" <mvp () joeware net>
Date: Wed, 7 Jul 2004 11:24:29 -0400
I don't think anyone can propose a realistic test at this point in time. I
don't think one is possible until you get some sort of large non-techno
weenie installed based going for the *nix or another OS for that matter. As
another poster pointed out, the diversity and chaos in the open source world
right now helps contribute to its safety as there is no large exposed
surface in terms of Microsoft large. Plus MS simply makes good news.
Once more non-weenies hit the OS and start doing things, something will
start to take a majority because friends will tell their other friends about
this specific version and the people running it won't be of the type to keep
swapping things around and trying other things and someone will come up with
some decent marketing or distribution method that appeals to the mass
market. In terms of marketing and distribution right now from what I see
that could very well be Lindows aka Linspire. I'm waiting for them to start
giving away Lindows PCs to schools actually like Apple did/does. They have
Apple beat because while a school could get it cheap, little billy at home
wasn't so lucky as mom and dad looked at the price in the store and said no
way. Do that with Lindows PCs, then mom and dad go to Walmart because billy
talks about how he likes it so much and low and behold they see on shelf a
whole PC for $300 or so dollars. Hopefully they keep Lindows on it instead
of realizing, hey this isn't what mommy and daddy like and go to ebay and
buy a pirated copy of XP that can't be updated with security fixes because
MS in its infinite wisdom decided that people who don't buy legit don't get
to have security. You want to complain about MS, complain about that.
I can say in my experience that I have seen fewer RSTS/E worms and viruses
than *nix but it doesn't mean it is more secure. At that point though there
weren't lists going around distributing the holes to the kids to exploit and
people going oh my god, DEC is evil, RSTS/E sucks, SunOS is MUCH better and
more secure. If we found a really bad issue, we would tell DEC and we would
tell any companies we were friendly with that we knew were running the same
thing. I guess we weren't quite as religious then. If we wanted religion,
we went to church. We simply used computers to do our jobs.
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Bruce Ediger
Sent: Wednesday, July 07, 2004 8:41 AM
To: FULL-DISCLOSURE () lists netsys com
Subject: RE: [Full-disclosure] IE Web Browser: "Sitting Duck"
Can you propose a test of the install-based theory? If not, I wish you
wouldn't use it, it's little more than special pleading for the use of
Full-Disclosure - We believe in it.