Linux security

Daniel Carrera daniel.carrera at zmsl.com
Sat May 6 20:43:21 UTC 2006 

John L Fjellstad wrote:
>>>No, you read me wrong.  I didn't think it's necessary that Windows will
>>>be better.
>>
>><quote>
>>And it doesn't change Eric Dunbar's point in that as bugs get discovered
>>and fixed, MS Windows will get better.
>></quote>
> 
> I misspoke.

Fair enough.

>>>Despite increasing functionality, it hasn't
>>>become less stable, which is *your* premise.
>>
>>Show me where I said that. Either you can't read or you're making
>>stuff up. 
> 
> <quote>I disagree because propietary software vendors have all the wrong
> motivations when it comes to security.</quote>

Saying that Microsoft has all the wrong motivations does not imply that 
Windows will get *worse*. Windows is *already* insecure, it is already 
at that blance point. Microsoft's finnancial motivation is to only fix 
bugs after they harm users. Since they are already doing that, there is 
no reason to think that it will get *worse*. Microsoft's motivation 
simply tells us that it just won't get significantly better. Microsoft 
will continue to do the minimum that they feel they can get away with.

> New functionality introduces new bugs. true.
> Windows get better or worse depends on the rate at which old bugs are
> removed and the rate of new bugs are itnroduced. true.
> Does it seems like Microsoft is incapable of keeping up with the bugs?
> Is Windows getting more stable? 

I wasn't trying to answer those questions. To answer them well we would 
need more data. What I was trying to do is simply counter the statement 
that Windows will necessarily get better. No, it is not necessary that 
it will get better. It might. But that's not a necessity.

The argument about motivations also gives a partial answer. It can't 
tell us if Windows will get a /little/ better in the short term. There 
are too many variables for that. But it can tell us whether Windows will 
get a lot better in the long term. Is Microsoft likely to do a thorough 
security audit that brings the coding quality to the level where Linux 
is? No, because that wouldn't make finnancial sense for them. Microsoft 
will make their software as insecure as they can get away with. Anything 
more is a net loss for them.

Best,
Daniel.
-- 
      /\/`) http://opendocumentfellowship.org
     /\/_/
    /\/_/   ...and starting today, all passwords must
    \/_/    contain letters, numbers, doodles, sign
    /       language and squirrel noises.

More information about the ubuntu-users mailing list