Miscellaneous > Applications

Netscape/Mozilla flaw exposes hard drives

<< < (2/6) > >>

Zombie9920:

quote:Originally posted by psyjax:


Find the flaws in FreeBSD
--- End quote ---


A few FreeBSD flaws.

http://www.linuxmax.net/news/00640.html

http://www.sans.org/topten.htm (there are suggested solutions to the flaws mentioned on this page..keep in mind that BSD is a Unix system)

http://online.securityfocus.com/archive/1/72698

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=209141+0+archive/
1998/freebsd-security/19981115.freebsd-security (This one is about NetBSD...but is BSD nonetheless)

All OSes have flaws...learn it and live it buddy.

<edited purely to make it fit horizontally on the page - Calum>

[ May 02, 2002: Message edited by: Calum ]

Calum:
as for your first link:  
quote:The squid port is not installed by default, nor is it "part of FreeBSD" as such: it is part of the FreeBSD ports collection, which contains thousands of third- party applications in a ready-to-install format.
--- End quote ---
so the flaw is in third party software. You seem to make a habit of arguing about an operating system based on the third party software available for it. why not stop doing that since it's pointless and useless?

re: your second link, the only mention of BSD i could find on the page was a link to this page which is a guide to how to configure your BSD so it's as secure as possible. Hardly a flaw. Keeping in mind that BSD is a UNIX system is irrelevant here, since the page you linked to seems to claim at least as many windows security risks as any other system.

regarding your 3rd link,  
quote:The CVS code was not even designed to be a
secure subsystem, let alone audited to ensure that it is one.
--- End quote ---
this is a post from a guy saying CVS is not secure, and someody else saying it was never meant to be, but incidentally it can be made fairly secure even though that is not its job. Again, hardly a BSD flaw, is it?

Your last link need only be clicked and read to find out just how unconnected with BSD flaws it really is.
It's a thread entitled "Would This Make BSD More Secure?". Hardly a flaw that people are always trying to make it more secure is it? unlike Windows NT. If they had a similar bulleting board, it would be full of threads with names like "How Can We Fleece The Punters Out Of Even More Dough Without Actually Putting In Any Real Effort?"

This was a pretty poor effort, even for you.
Lastly, here's a link which i think is relevant here:

www.zombie9920.com/myresume/

[ May 02, 2002: Message edited by: Calum ]

psyjax:
Granted, this is an old story, but the magnitude of this security hole is not to be underestimated:

http://www.pcworld.com/news/article/0,aid,93803,00.asp

Though it has been patched. The fact that M$ let such a thing slip thrugh it's fingers is inexcusable IMHO. Casts doubt on their products as a whole.

Furthermore, this hole has nothing to do with 3rd party software or improper configurations on behalf of the user.

But M$'s own software that is constantly thrust upon it's users proves to be security risks within themselves. Take for instance the legacy of Lookout Express. Aparantly the years of viruses and system holes has done little to remedy it's vulnrability:

http://www.infoworld.com/articles/hn/xml/02/04/02/020402hnxpflaws.xml

Ultimately however, the question of flaws in security, despite which OS is more secure. Is made void by the fact that you have to relly on M$ for a security patch if something is found. Hell, they may even make you pay for that patch, and it may take weeks for it to be released.

With BSD, and even OSX considering that the kernel is open source, you could allways patch the hole yourself. Get the word out in to the comunity and have the hole patched in record time if you don't have the resources. Plus, it will be free and good, because everyone is benifiting from it.

EDIT: Incidently. The bug has been squashed in the latest NIGHTLY Mozilla Build.

[ May 02, 2002: Message edited by: psyjax ]

voidmain:
As opposed to M$'s tiny list of security holes:
http://www.trustworthycomputing.com/

Ctrl Alt Del 123:
The original topic was that Mozilla and Nutscrape having a huge hole. No software is perfect and flawless. IE may be flawed, but so is Nutscrape and Mozilla.

Navigation

[0] Message Index

[#] Next page

[*] Previous page