Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [Dailydave] Linux's unofficial security-through-coverup policy
From: "Joel Jose" <joeljose420 () gmail com>
Date: Fri, 18 Jul 2008 21:53:57 +0530

motivation to commit crime is well documented. Loads of hardwork must
never result in a crime because of a silly error. I understand that no
solution can be found if taken in isolation. But, why confuse others?.
Why de-categorise it? Security has been a well-known category. Why the
hurry to change it now? It makes one wonder, is there no hidden agenda
to it. Well.. may be its all true that it was just for "correcting
priorities". But  am sure that it wont stop the security errors or the
people who correct them. I just voiced my "initial" feelings. Lets see
how things come by.


On Fri, Jul 18, 2008 at 9:38 PM,  <Valdis.Kletnieks () vt edu> wrote:
On Fri, 18 Jul 2008 21:07:47 +0530, Joel Jose said:

abetting the crime. But a GUI crash is always less severe. People can
quickly loose trust in the software and the services that depend on
them can be irrecoverably damaged.

If continual GUI crashes cause people to lose trust in the operating
system, that's *more* severe for that system than the occasional security

                                    Think about it.... there are more
people engaged in penetrating, propagating security holes than filing
common bug reports.... it definitely isn't a time-waster for them.

Do you have any numbers to back that up?  RedHat/Fedora's bugzilla is
sitting at well over 450,000 bugs now.  Remember that *for the user who
files the common bug report*, it's not a time-waster for *them* either.

As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
 - Christopher Dawson, The Judgment of Nations

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]