Linked by Mark Tolliver on Thu 13th Sep 2007 08:14 UTC
Editorial: The widespread acceptance of open source continues to grow as a cost-effective alternative to traditional network deployments. Well-known projects such as Linux have proven themselves in the enterprise environment, helping to dispel the fear, uncertainty and doubt preceding open source implementations. In the past two years, the industry has begun to shift from a total dependence on proprietary applications to a desire for more cost-effective, scalable and collaborative solutions.
Thread beginning with comment 271075
RE: Response times
by dylansmrjones on Thu 13th Sep 2007 15:42 UTC in reply to "Response times"
dylansmrjones Member since:
2005-10-02

So basically you're saying OpenBSD is a quick hack?

Reply Parent Score: 4

RE[2]: Response times
by sappyvcv on Thu 13th Sep 2007 16:47 in reply to "RE: Response times"
sappyvcv Member since:
2005-07-06

Huh? Did you misread what I said?

How often has OpenBSD had to fix a serious security hole? How fast did they fix it?

Edited 2007-09-13 16:47

Reply Parent Score: 2

RE[3]: Response times
by dylansmrjones on Thu 13th Sep 2007 17:06 in reply to "RE[2]: Response times"
dylansmrjones Member since:
2005-10-02

"How often has OpenBSD had to fix a serious security hole? How fast did they fix it?"

In the default installation? Very seldom. But fixing serious vulnerabilities in their packages (not default installation)? Constantly. Just because a port isn't a part of the default installation, doesn't mean it's not meant to be fixed ;)

And OpenBSD has so far fixed their holes within hours. It is typical for MOST FLOSS-projects. Security! Security! Security!

It is silly to choose compatibility over security. It is wiser to choose reduced functionality than it is to choose reduced security.

Reply Parent Score: 2

RE[2]: Response times
by kaiwai on Thu 13th Sep 2007 16:52 in reply to "RE: Response times"
kaiwai Member since:
2005-07-06

Who said anything about OpenBSD; proprietary vendors not only have to worry about their own products but products that rely on their own products; they have to ensure that in the process of fixing up a flaw, that in the same process they don't end up breaking compatibility with something that relies on it.

With that being said, however, I think the issue shouldn't necessarily be one of 'excusing' delays but instead asking why these companies haven't set up better communication with their partners so that rather than compromising on security fixes for the sake of compatibility, their partners are the first to know about the fix plus what has been fixed so that partners can issue updates for their respective tools at the same time updates are released for the main programme in question.

Reply Parent Score: 2

RE[3]: Response times
by dylansmrjones on Thu 13th Sep 2007 17:09 in reply to "RE[2]: Response times"
dylansmrjones Member since:
2005-10-02

"Who said anything about OpenBSD"

sappyvcv attacked a specific security policy of open source projects, and this specific security policy happens to be the security policy of OpenBSD.

"proprietary vendors not only have to worry about their own products but products that rely on their own products;"

So open source projects sponsored by Novell, Red Hat, IBM etc. don't have to worry about the projects depending on them?

"they have to ensure that in the process of fixing up a flaw, that in the same process they don't end up breaking compatibility with something that relies on it."

And isn't this also true for open source projects? Or do you claim that no products are based on open source?

Reply Parent Score: 2

RE[2]: Response times
by sappyvcv on Thu 13th Sep 2007 21:20 in reply to "RE: Response times"
sappyvcv Member since:
2005-07-06

And for the record, your poor failed attempt to simplify what I said was disingenuous.

Reply Parent Score: 1