Linked by Eugenia Loli on Tue 1st May 2007 00:35 UTC
Privacy, Security, Encryption

Dino Dai Zovi, the New York-based security researcher who took home USD 10000 in a highly-publicized MacBook Pro hijack on April 20, has been at the center of a week's worth of controversy about the security of Apple's operating system. In an e-mail interview with Computerworld, Dai Zovi talked about how finding vulnerabilities is like fishing, the chances that someone else will stumble on the still-unpatched bug, and what operating system - Windows Vista or Mac OS X - is the sturdiest when it comes to security.
by hackus on Tue 1st May 2007 18:12 UTC

I do not trust what this guy is saying due to the fact he made the following statement:

"I have found the code quality, at least in terms of security, to be much better overall in Vista than Mac OS X 10.4. It is obvious from observing affected components in security patches that Microsoft’s Security Development Lifecycle (SDL) has resulted in fewer vulnerabilities in newly-written code. I hope that more software vendors follow their lead in developing proactive software security development methodologies."

I do not mean to be sarcastic here but I am sure Microsoft and Apple gave him the source code to the binaries he was testing.

There is no way he can make quality comparisons between the two code bases without seeing the source code so the above statement is just stupid, or worse he doesn't understand what he is talking about.

He doesn't even describe what MSDL is. I tend to discount that statement as well, as nothing that he is describing meshes with my experience out here in the wild.

I have lots of associates and lots of colleagues running Linux and OS X and Microsoft systems.

The only ones that call me who are in trouble are the Microsoft ones, not the Linux or the OS X owners.


Score: 2