Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: LAMP vs Microsoft
From: Hugo van der Kooij (hvdkooijvanderkooij.org)
Date: Sun Jul 16 2006 - 05:33:58 CDT
On Tue, 11 Jul 2006, Bob Beck wrote:
> > And I think vulnerabilities disclosed are a much better indicator
> > of the changes to QA/development of products than any hyperbole
> > from those responsible (be it management or developers.)
> No, I think vulnerabilities disclosed is simply a measure of how much
> development and deployment is happening on the platform. period.
I think that is rather inaccurate. I know companies like ISS claim on
internal presentations that they do a lot of code auditing for companies
like Microsoft. These audits are never publicly available and may contain
significant numbers you can not see with closed-source products. The same
procedure simply is not availble to open-source products which are
developed in a completely different way.
So I think that unless one can get these indoor figures out on the street
there is no way you can compare figures.
I hate duplicates. Just reply to the relevant mailinglist.
Don't meddle in the affairs of magicians,
for they are subtle and quick to anger.