Slashdot Mirror


The Peon's Guide To Secure System Development

libertynews writes "Michael Bacarella has written an article on coding and security. He starts out by saying 'Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion.' It is well worth the time to read it."

1 of 326 comments

  1. Re:salt on your ass.... Big grains of salt! by nicodaemos · Score: 1, Flamebait
    Hamstaus blabbed ... when I first got into Linux, I took a default install of Red Hat and threw it on there. I had read all sorts of advice that if I wanted a secure server, I should use *nix, so I did. Yeah... rooted. Rebuilt the box, using a way newer distro... rooted.

    Simply because you are unable to secure a box does not mean the underlying operating system you are using is any more/less insecure than any other OS. First get your head out of your ass. The default install on most operating systems is not the highly secure one - it is the one that balances security with features. Some OSes tend more toward security, others more toward features.

    Secondly, the open source operating systems give you far more flexibility in securing the OS because 1) they actually document what the various services do and 2) they provide clear mechanisms for disabling daemons and services.

    Microsoft does an incredibly poor job with the first one. I can't tell you how many friggin services are running on my win2k work computer that I cannot find any information about. What the hell do they do and can I kill them without destabilizing my system? Microsoft's method of security through obscurity simply means that I have to leave all of these back orifices open for hackers to probe until they stumble upon a good hack and then I'm owned.

    I don't consider myself all that knowledgeable about security, but I've never had any of my Linux boxes owned. These are ones that have run my websites 24/7. Gosh, you must just suck at security.

    I ignored the rest of your poor comparison of open source versus proprietary systems. Good day.