[LINK] Open source just as insecure as Windows
Mon Nov 11 23:43:43 EST 2002
On Tue, 12 Nov 2002, Bernard Robertson-Dunn wrote:
> Open source just as insecure as Windows
> Karen Dearne
> NOVEMBER 12, 2002
> The Australian
> LINUX is not a more secure environment than NT or Windows, Internet
> Security Systems chief technology officer Chris Klaus warns.
> "Linux has just as many security holes as Windows in terms of how often we
> see vulnerabilities appearing," Mr Klaus said. "Recently there have been
> two major Trojan horses found in open source projects - one in Sunmail,
> which is the email package for most Unix systems including Linux, and the
> other was OpenSSH."
> Technical people liked open source because they could go to the internet,
> grab a patch and fix problems quickly, he said.
> But they failed to appreciate the huge cost of doing that across hundreds
> or thousands of machines in a company.
For crissake, the sub-ed on this story should be sacked.
Its Sendmail, not Sunmail, and the vulnerability was in OpenSSL not
OpenSSH (at least wrt the Linux Slapper worm)
...and is Klaus suggesting that patching '000s of Linux is harder than
patching '000s of Win boxes - I think not. The prompt and easy
availability of the patches is what makes Linux more secure, not less.
...and then there is this gem:
"An enormous amount of vulnerabilities are appearing in Linux. Because
it's open source anybody can contribute code to it - there's no central
authority doing security for any new code added."
I don't think so. Any Linux tech with sense will make damned sure of the
source of his patches and will check the hashes for them
It strikes me that Chris Klaus is a M$ stooge and that the journo, Karen
Dearne, doesn't have any clue and is just parroting drivel.
LANNet Computing Associates - Your Linux people
Contact detail at http://www.lannetlinux.com
"Flatter government, not fatter government." - me
Get rid of the Australian states.
If electricity comes from electrons, does morality come from morons?
More information about the Link