Mailinglist Archive: opensuse (924 mails)

< Previous Next >
Re: [opensuse] UEFI
James Knott said the following on 10/23/2012 10:26 AM:
BTW, if we want secure computers, we should ban Microsoft products, as
they are responsible for most of the vulnerabilities out there.

Its not Microsoft, per se, its an emergent property of the fact that
Microsoft is a marketing company not a software development company.
When time-to-market and sales volume and market placing/dominance
matter, the software quality slips.

Conversely, so much of Linux isn't concerned with these matters, but
*is* concerned with quality and hence security.

Will this change? Possibly.
Look at the demands that inadequately tested ("the next release of..")
software is included in the next release of, for example, openSuse.

Look, for example, at the issues raised in
http://www.amazon.ca/Geekonomics-Real-Cost-Insecure-Software/dp/0321477898

<quote src="http://vimeo.com/8100759";>
Poorly written, insecure software is no longer a technology issue; it is
a public policy issue. Software vulnerabilities leave consumers,
businesses, national infrastructures, government and the military
susceptible to cyber attacks.

The market does not provide significant or compelling incentives for
developing secure software, thus current cyber security spending largely
deals with the effects of insecure software. In essence, software
manufacturers practice unrestrained vulnerability dumping onto
downstream market participants. In the absence of policy discouraging
this behavior, cyber defenders are too busy mopping the floor to turn
off the faucet. This must change.
</quote>
http://my.safaribooksonline.com/book/technology-management/9780321477897/praise-for-geekonomics-the-real-cost-of-insecure-software/pref01


See also
http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0071626751
We aren't teaching the mistakes of the past as we are with other
engineering disciplines. Part of this is because anyone can call
themselves a 'programmer'. Its sort of like 'home renovations', only
this is stuff that affects the public.


--
I have no faith, very little hope, and as much charity as I can afford.
Thomas H. Huxley
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >