Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Your Opinion +

from [Mark Litchfield] Network Security [Permanent Link]
Subject: Your Opinion +
Date: Fri, 16 Mar 2007 22:10:59 -0000
A common comment being made is that a Vendor who creates and sells and OS, and then sells security applications to protect their OS is a conflict of interest.

Consider the Anti-Trust law suits filed against MS by AOL regarding IE and RealNetworks regarding Windows Media Player back in 2003, lets say for discussion, MS now turn around and offer up their 'Security Applications' for free. You know exactly what is going to happen.

(I believe the main issue with AOL and Real Networks was that IE and WMP were bundled within the OS.)

I guess my point is, whilst I appreciate the common comment, what other options are available to an OS vendor. Offer it up as a free download (not bundled within the OS) allowing the end user to make the decision, or to carry on charging for it ?

Another common theme has been, that the OS should be secure in the first place. Again I agree with this, but as someone indicated developers schedules are being dictated by their marketing departments with shipment dates, so regardless of their intentions to code securely a vulnerability is likely slip through.

With regard to third party security solutions outside of the OS vendor, in reality how many new security issues does their software introduce to a fully patched OS.

Cheers

Mark


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Your Opinion, The Fungi
Next by Date:  RE: Your Opinion, Jim Harrison
Previous by Thread:  [Full-disclosure] Call For Papers - IT Underground Dublin, Marcin Tkaczyk
Next by Thread:  Re: Your Opinion +, Alex Belits
Indexes:  [Date] [Thread] [Top] [All Lists]