Re: LAMP vs Microsoft

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: LAMP vs Microsoft
From: Hugo van der Kooij <hvdkooij@xxxxxxxxxxxxxxx>
Date: Sun, 16 Jul 2006 12:33:58 +0200 (CEST)
In-reply-to: <20060711151633.GB14077@xxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20060710175054.GU32544@xxxxxxxxxxxxxxxxxxxx> <200607111106.k6BB6gVX004861@xxxxxxxxxxxxxxxxxxx> <20060711151633.GB14077@xxxxxxxxxxxxxxxxxxxx>
Reply-to: bugtraq@xxxxxxxxxxxxxxxxx
Sender: hvdkooij@xxxxxxxxxxxxxxx

On Tue, 11 Jul 2006, Bob Beck wrote:

>
> > And I think vulnerabilities disclosed are a much better indicator
> > of the changes to QA/development of products than any hyperbole
> > from those responsible (be it management or developers.)
>
>       No, I think vulnerabilities disclosed is simply a measure of how much
> development and deployment is happening on the platform. period.

I think that is rather inaccurate. I know companies like ISS claim on
internal presentations that they do a lot of code auditing for companies
like Microsoft. These audits are never publicly available and may contain
significant numbers you can not see with closed-source products. The same
procedure simply is not availble to open-source products which are
developed in a completely different way.

So I think that unless one can get these indoor figures out on the street
there is no way you can compare figures.

Hugo.

-- 
        I hate duplicates. Just reply to the relevant mailinglist.
        hvdkooij@xxxxxxxxxxxxxxx                http://hvdkooij.xs4all.nl/
                Don't meddle in the affairs of magicians,
                for they are subtle and quick to anger.

References:
- Re: LAMP vs Microsoft
  - From: Bob Beck
- Re: LAMP vs Microsoft
  - From: Darren Reed
- Re: LAMP vs Microsoft
  - From: Bob Beck

Prev by Date: Re: XSS phpBB 2.0.21 in administration
Next by Date: Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
Previous by thread: Re: LAMP vs Microsoft
Next by thread: Re: LAMP vs Microsoft
Index(es):
- Date
- Thread