Calling all DEPs

Ben Duncan bns
Mon May 17 11:45:12 PDT 2004


Interesting .....

The "theory of a thousand eyes" (the theory that open source is more 
secure because everybody can see the code and instantly discover a 
problem) doesn't make an operating system any more secure either. 
While the potential for more security exists, this doesn't ensure that 
the "thousand eyes" are actually looking. To the contrary, Red Hat has 
discovered bugs in the Linux kernel in sections that went unchanged 
for years. For example, not only did the Teardrop vulnerability in 
TCP/IP exist for decades, but the Teardrop vulnerability was ported to 
other operating systems, even though "thousands of eyes" had to be 
looking at the code in order to port it to another operating system. 
Peer review, an extension of this theory, doesn't provide any 
assurance either, because the reviewing peer may not be well versed in 
security and hence not fully understand or appreciate the implications 
of a given piece of code.

Since most of the TCP/IP stack is shared BSD .. and since Win2k ALL of 
the TCP/IP Windows stack was ripped from BSD ... I wonder if the author 
has the Balls to note that Win2k then has the same flaw?

Oh well .. sounds like that guy did not get his a$$ kissed by someone 
from the Linux camp ...

Alan Jackson wrote:
> On Thu, 6 Mar 2003 11:50:04 -0500
> Matthew Carpenter <matt at eisgr.com> wrote:
> 
> 
>>http://www.worldtechtribune.com/worldtechtribune/asparticles/sv/sv10302002.asp
>>
>>You may wish to address this numbskull in a fashion you've proven time and
>>again to excel at:
>>With reality and education.
>>
> 
> 
> Don't bother. Don't feed the troll.
> 
> 


-- 
Ben Duncan   Phone (601)-355-2574     Fax (601)-355-2573   Cell 
(601)-946-1220
                         Business Network Solutions
                      336 Elton Road  Jackson MS, 39212
    "Software is like Sex, it is better when it's free" - Linus Torvalds



