nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RES: Exploits start against flaw that could hamstring huge swaths

From: Christopher Morrow <morrowc.lists () gmail com>
Date: Tue, 4 Aug 2015 13:18:11 -0400
On Tue, Aug 4, 2015 at 12:51 PM, Baldur Norddahl
<baldur.norddahl () gmail com> wrote:

On 4 August 2015 at 18:48, Joe Greco <jgreco () ns sol net> wrote:


However, the original point was that switching from BIND to Unbound
or other options is silly, because you're just trading one codebase
for another, and they all have bugs.



It is equally silly to assume that all codebase are the same quality and
have equally many bugs. Maybe we should be looking at the track record of
those two products and maybe we should let someone do a code review. And
then choose based on that.


because:
  1) historical results matter here? (who looked at which products
over what period of time, with what attention to detail(s) and which
sets of goals?)
  2) the single person doing a code review is likely to see all of the
problems in each of the products selected?


nothing against any of the software in question here, but really this
is all quite a crapshoot and past transgression research doesn't make
for a great tool to plan for the future.

Joe's right: "all software has bugs, find the software and strategy
that makes sense for your organization"  that MIGHT mean 2 platforms
(seems sensible to me!) and it might mean automation for management of
configs (from an abstraction so you can generate the right data to
each target implementation) or it might mean more monkeys on keyboards
if you don't believe in automation.

-chris
Previous By Date Next
Previous By Thread Next

Current thread: