[Coco] CoCo Gallery

Gene Heskett gene.heskett at gmail.com
Thu Jun 10 10:33:21 EDT 2010


On Thursday 10 June 2010, Aaron Wolfe wrote:
[...]
>Whether open source or closed source is inherently more secure is
>something that security experts do not agree on, but there are plenty
>who will argue one way or the other.  Reality is that there are other
>factors common to both models which have a much greater influence on
>the ultimate security of an individual installation.  During my years
>spent as a network security guy (usually called in after, rather than
>before a problem)  I found that the primary factors in most
>compromises were lack of maintenance, installations done
>incorrectly/left at default settings, trading security for
>convenience, and other silly things that people do.  Actual flaws in
>software were seldom the cause, and when they were it was usually
>something that had been corrected many versions ago had the server
>been kept up to date.  Until we eliminate the humans, no system will
>be truly secure :)

Very well said Aaron.  The one time we had a machine rooted at the tv 
stations site, was back in RH-6.1, Bind 4 days.  That is a fur piece back up 
the log now.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
"It is better to have tried and failed than to have failed to try, but
the result's the same."
- Mike Dennison



More information about the Coco mailing list