Slashdot Mirror

← Back to Stories (view on slashdot.org)

BugTraq's Elias Levy Talks Security

Posted by timothy on from the how-apropos dept.

LiquidPC writes: "UnderLinux.com.br has an interview with the BugTraq moderator, Elias Levy or Aleph1. Questions ranging from what he thinks of 'Hacking Exposed' to whether BSD is more secure than Linux. Kind of short, but interesting nonetheless." He notes the interesting difference between the approaches to security taken by FreeBSD (which he praises) and Linux -- lots of projects vs. a single unified one, and emphasizes that security is ongoing, not defeating any single problem.

2 of 137 comments (clear)

  1. Re:Most Secure Language by devphil · · Score: 3, Interesting


    Agreed, to an extent. Whenever I see coders beginning to argue about "secure languages" and programming languages that "don't allow" security holes, I have to laugh and recall what Bjarne Stroustrup said about C++'s (and C's) approach to such things.

    I assume that a sufficiently skilled programmer can do anything not explicitly prohibited by hardware.

    (I'm quoting from memory.) The "protections" of the C family of languages are meant to prevent accidents, not fraud. Y'all might check out something like libsafe, originally from Bell Labs, and released under the LGPL.

    --
    You cannot apply a technological solution to a sociological problem. (Edwards' Law)
  2. Re:security by mindstrm · · Score: 4, Interesting

    I don't even buy that it's 'easier' to secure BSD.

    It may take a few less keystrokes out of the box, on any particular version, but that's where it ends.

    Running *real* live systems, it takes the same amount of diligence and effort to keep them secured. You have to be aware of each new application you install, and how it impacts your security. It's no different on any OS.

    Win2k is not hard to secure; neither is any other MS system.