[Full-Disclosure] why commcerical software *could* be better [WAS: Re: [Full-Disclosure] Microsoft prepares security assault on Linux]

[Gadi Evron <ge@egotistical.reprehensible.net>]

I apologize if this somehow gets to the list twice, I accidentally 
posted it here with the wrong email address:

> IMHO the open source crowd fixes bugs a magnitude faster than the m$ 
lusers - check www.guninski.com,
>there are dates on which vendors were notified. Check the unpatched 
exploder page to get an idea.

As much as generally and usually I'd vigorously agree with you, there is 
a lot to be said for:
1. A serious (note serious) commercial company that has a crew working
   on addressing security concerns, and updating the product.
2. A commercial company providing with liability (and responsibility)
   for the software you use (in other words - tech support and someone
   to blame).
3. No source (!!) available for people to examine, thus making it, to a
   level, harder to locate security "holes" - for outsides in any case.

I can come up with a few more.. but basically all I am saying is, 
support open source, don't condemn commercial software. There is a 
difference between the two ideologies, and one should follow/support
whichever suits him/her best. Constructive vs. destructive attitudes?

Don't allow bad examples to cloud your better judgment.
:o)
--
      Gadi Evron (i.e. ge),
      ge@linuxbox.org.

The Trojan Horses Research mailing list - http://ecompute.org/th-list

My resume (Hebrew) - http://vapid.reprehensible.net/~ge/resume.rtf

PGP key for ge@linuxbox.org -
http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
Note: this key is used mainly for files and attachments, I sign email 
messages using:
http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html