[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 06/11/15 14:39, Martijn Grooten wrote: > I thought the article fair and balanced, even if at times not 100% > correct. It showed the arguments of both the "Linux needs to take > security more seriously" proponents as well as those of Linus and others > who think one shouldn't "mess with userspace". > > Martijn. I didn't think it was particularly balanced: there is a definite bias in the article. It would have been more credible if, instead of referring to some high profile "hacks" as evidence of the need to take security more seriously (and relying on the evangelising of security company execs), it had said more about real problems. The article touched on "towelroot" (CVE-2014-3153), but made no effort to give the reader a sense of how active the security community are in hunting for kernel bugs; how often serious kernel bugs are found; how long it takes to distribute fixes for serious kernel bugs (and how long they are left unaddressed); and how this all fits into the broader picture of software security. A weak article then, but interesting nonetheless. Thank you for sharing it. jah -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq