-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
|>-----Original Message----- |>From: Chris Berry | |>You're really stretching here. *shrug* Outlook has consistently come |>out in the top ten of security problems, that's enough for |>me but maybe you have different priorities. Just because it's |>everywhere doesn't mean it's good, sendmail for example. | | | Okay, here we go with this again...
| And why does Outlook have security | problems? Because it's a program.
Because it's a poorly written program that was designed without security as an objective, it's the perfect example of featurism at all costs.
Yes! As a matter of fact I was attempting to hold it up as an example that bad programming isn't limited to Microsoft products (and not all of those are bad either).
Security professionals looking to make a name for themselves, disgruntled employees, criminal hackers, etc.
| If I'm a malicious person looking for | security holes in an application that I can exploit, I'm going to use | whatever's most popular. You hear about Ford Explorers rolling over and all | that, right? Does that mean that 79 International Scouts don't roll over | ever? Sure they do, but how often do you even see one on the road? Just | because it's not everywhere, doesn't mean it doesn't have security problems.
| When you can create an operating system or a powerful e-mail program that | has no flaws, please let me know. Then I'll install your application on | your operating system. Until then, please rethink your security by | obscurity policy.
~ 1. Sendmail 37.1% - 31 vulnerabilities ~ 2. qmail 17.0% - 3 vulnerabilities ~ 3. Microsoft (Exchange, etc) 15.4% - 21 vulnerabilities ~ 4. imail 6.0% - 29 vulnerabilities ~ 5. unknown 5.1% - Unknown ~ 6. Postfix 4.1% - 4 vulnerabilities ~ 7. Exim 3.9% - 6 vulnerabilities
Outlook - 63 vulnerabilities Mozilla Email Client - 2 vulnerabilities Mutt - 7 vulnerabilities Eudora - 20 vulnerabilities Pine - 14 vulnerabilities Pegasus Mail - 3 vulnerabilities
So basically my Mozilla on qmail system would be 16.8 times less likely to come out with a new vulnerability over the next year than your Outlook on Exchange one. Now, statistics can be misleading at times, but come on, the sheer scale of the difference has to be saying something don't you think?
| P.S. I'm not good at analogies! I say that at least once a day in | conversation. I'm not sure why. I think I used to be okay at them, but now | I suck. So, you don't have to say that Explorers vs. Scouts is a stretch. | I already know that! :P
Actually I though that was a pretty decent analogy, however you'd need to look at the number of rollovers per vehicle. You're on kind of a slippery slope though because physical problems don't replicate as easy as software ones.
- -- Chris Berry chris_berry@xxxxxxxxxxxxxxxxx Systems Administrator JM Associates & Coast Business Service
"He who laughs last probably made a back-up." --Murphy's Seventh law of computing -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAY5bdkAS13ByzgbsRAixCAJ9vxEsqfjGpP/2PURK9NAg/tvGZYwCgrmF4 HsOyHqqYL+2wiSPlJAg5s04= =GBMM -----END PGP SIGNATURE----- ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link.