On CBS MoneyWatch: 10 Most Expensive U.S. Colleges
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 50 of 71:
Next »
« Previous
So they found flaws in old applications.
There have been flaws found in the Linux kernel, which has been around since something like 1991 (and being improved), what flaws were found in the BSD systems? Application layer things (programs that one calls, such as

% nroff -man foo.8 | more
or
% man foo

This does not mean that the system is not reasonably secure. OpenBSD has been reasonably hardened, even had a DARPA grant for security research for a bit. Both Linux and FreeBSD now have RBAC (Role Based Access Controls), TE (type Enforcement) and MAC (Mandatory Access Controls) via the SE (Security Enhancements) from NSA. Solaris has RBAC as of 2.7 (Solaris 7) or so.

If all they found were application security problems that means that someone needs to learn to write more secure code. Most people don't do this, as it is not always very interesting to hunt for possible security exploits in a tool. Further, if you apply some of the security tools that I listed (which work out of the kernel), you can restrict the behavior of a program and constrain any dangerous behavior.

Alas, hunting through code for security exploits is not always that interesting for people to do. Secure code is also not always taht friendly to deal with (from a users perspective), there were only 3 OS's that met the old Rainbow Series A1 security level.
Posted by: B.O.F.H.   Posted on: 12/16/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Message has been deleted.  No__ | 12/15/04
Eh?  DpuTiger | 12/15/04
Agreed.  htotten | 12/16/04
Microsoft Code please, sir.  aaron.hodgson@... | 12/16/04
You'll never get it...  htotten | 12/16/04
Not again?  John Le'Brecage | 12/16/04
Imposter  ShadeTree | 12/16/04
re: Imposter  richdave | 12/16/04
BOFH, I thought you learned your lesson.  No_Ax_to_Grind | 12/16/04
Most exploits are of the users not the system  crocd | 12/16/04
Correct....  htotten | 12/16/04
Grabbing two at random  Nigel Johnstone | 12/16/04
Nigel if that is the case  crocd | 12/16/04
I'd like to see what they would find in windows  Arrg | 12/16/04
That would be a high school assignment. (nt)  Immanuel Tranz-Mischen | 12/20/04
Not flaws, rather "undocumented features"  Prognosticator | 12/16/04
How Stupid -- Let the flame wars begin ...  coffeenite | 12/16/04
Hmm, are you sure?  Roger Ramjet | 12/16/04
Flawed reasoning  ibabadur1 | 12/16/04
Yes, flawed is right  Roger Ramjet | 12/16/04
Yes but  ibabadur1 | 12/16/04
re: Yes but  richdave | 12/16/04
Obvious stated  ibabadur1 | 12/16/04
how about software auditing seems to work for openbsd  hipparchus2000 | 12/16/04
Therefore  michael-t | 12/19/04
Well nix...you finally made it!  IT Scion | 12/16/04
so you don't think openBSD is any safer that windows then?  hipparchus2000 | 12/16/04
And  michael-t | 12/19/04
Actually  Linux User 147560 | 12/16/04
Actually The flaws are in the apps source code.  The King's Servant | 12/17/04
This is what free software is all about.  George Mitchell | 12/16/04
Darwin would be proud!  Roger Ramjet | 12/16/04
I Think It's A Great News Story - It Is The APPS Not The OS  itanalyst | 12/16/04
Which Unix version?  Yagotta B. Kidding | 12/16/04
I agree, but....  itanalyst | 12/16/04
Read the reports  bobjones68@... | 12/16/04
Yagotta is right.  The King's Servant | 12/17/04
Not trying to flame ya on this but  IT Scion | 12/16/04
Well if that's how you feel...  Immanuel Tranz-Mischen | 12/20/04
well...  IT Scion | 12/20/04
I'm nitpicking a little  dschrey | 12/16/04
That's especially true...  ~rpb~ | 12/16/04
Collaboration was encouraged...  The King's Servant | 12/17/04
No_Ax, Check The Math In The Linux PC Story  itanalyst | 12/16/04
Is Unix still safer than ... ? YES!  mwagner@... | 12/16/04
Obscurity is false security  ibabadur1 | 12/16/04
You have got to be kidding.  The King's Servant | 12/17/04
well keep in mind  Been_Done_Before | 12/16/04
This is good news.  John L. Ries | 12/16/04
So they found flaws in old applications.  B.O.F.H. | 12/16/04
Everything has flaws.. it's how much DAMAGE the OS..  Xunil_Sierutuf | 12/16/04
STUDENT PROJECT  welshjames@... | 12/16/04
Well you finally made it(repost)  IT Scion | 12/16/04
Linux apologists never fail to please! (NT)  NonZealot | 12/16/04
That's what makes Linux Great!  daver_z | 12/16/04
It's funny  IT Scion | 12/16/04
No, It's Not That  itanalyst | 12/16/04
Source Code availability  ibabadur1 | 12/16/04
actually it's pretty easy to get windows source code  hipparchus2000 | 12/16/04
Stolen code is 'unavailable' for testing  RAnthony | 12/18/04
Wonderful!!  richdave | 12/16/04
libsafe  zdmpetty | 12/16/04
What me worry?  mlindl | 12/17/04
Misleading, sensationalist, and meaningless headline and article!!  emofine | 12/17/04
A better headline would be....  rock06r | 12/19/04
"Dozens of grains of sand found on beach?"  IT Scion | 12/19/04
And furthermore...  emofine | 12/17/04
Not surprised  CobraA1 | 12/18/04
Good that ppl are looking  FilledOut | 12/18/04
Ok going rate on Windows Flaws is....  PhoenixStorm26 | 12/19/04
What does Windows have to do with this article?  IT Scion | 12/19/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Meet Doc