Re: Re: hello

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2009-01-08 at 23:28 +0000, Nathan Rixham wrote:
> Skip Evans wrote:
> > Ashley Sheridan wrote:
> >>> think about it for a minute; an OS can either be secure (0 
> >>> vulnerabilities) or insecure (1 or more vulnerabilities); as all OS's 
> >>> have 1 or more vulnerabilities they are all equally insecure; because 
> >>> they are all insecure.
> >>>
> > 
> > What you are saying, in real world terms, not your Binaryland, is that 
> > if OS A has 2 vulnerabilities that not many people now about, and OS B 
> > has a whole slew of the posted all over the web that they are both 
> > equally insecure.
> 
> exactly; they are both insecure, one is not "more insecure" or 
> "insecurer" - if you make a web app it's either secure or insecure; if 
> you make an operating system it is secure or insecure. On the flip side 
> as an OS owner, a single barely known vulnerability is just as much a 
> worry as 100 well known vulnerabilities.

No, this is not a proper comparison. If I have an insecure web app that
alllows someone to see another user's real name, and another insecure
web app that allows execution of root commands... then I have differing
levels of insecurity.

Thank you, please try again.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux