NT vs. Unix DNS
David R. Conrad
David.Conrad at nominum.com
Thu Apr 20 03:46:57 UTC 2000
Hi,
> Well, at least it is better than the following "workaround"
[description of the NXT bug]
...
> Workarounds:
> None.
...
I'm not sure what your point was here. There was no workaround as we
indicated in the advisory regarding the bug. The NXT bug was almost as
critical an issue as you can get -- a workaround would be like applying a
bandaid on a decapitation. We provided a new version, 8.2.2, but of course
the damage had already been done.
> The bottom line is that every product has its own drawbacks.
True.
> The thing with
> the open-source software is that you have the source code, but so do the
> hackers.
As should be apparent by the numerous security holes in closed source
software, the availability of source is not related to whether security holes
exist. It can be related to how quickly security issues are detected,
exploited, and resolved. My personal view (and I believe the view of most
security professionals (which I do not claim to be)) is that it is far better
to use open software with full disclosure than it is to use closed with
limited disclosure.
> Of course, one can always argue that Microsoft creates bloated and
> inefficient software.
Which is, of course, irrelevant. The question (at least at this point) is
whether it is more secure. A quick check of the number of vulnerabilities in
the Microsoft area of Bugtraq (322 by my count) vs. the number of
vulnerabilities in the Linux area (128) might be of interest.
Rgds,
-drc
More information about the bind-users
mailing list