[Gllug] just preaching to the converted !

Martin A. Brooks martin at hinterlands.org
Wed Oct 26 08:05:36 UTC 2005


On Tue, 2005-10-25 at 22:43 +0100, Nix wrote:
> I don't see what testing (other than pen-testing) has to do with
> security. Stability, sure. Security, no. No amount of testing can prove
> a system secure.

You miss the point:  wide enough testing can prove the system to be
insecure.

Your compiled-from-source-firewall is vulnerable to security problems
that the shipped-with-Debian-firewall is not.  I'm not saying these
problems will ever be found or exploited.  My point is that _you don't
know what they are_.

On the other hand my bash binary, which is the same as the bash binary
which is being used on thousands, if not hundreds of thousands, of other
systems, has no known security problems. 

So I have a choice: the Debian binary which thousands of people are
using and haven't found security issues with, or your binary which
exactly one person has used and thinks is secure.  Guess which I'm going
to use.



Mart.

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug



