OT: Linux most breached OS

Bill Vermillion fp at wjv.com
Sun Nov 21 19:35:09 PST 2004


On Sun, Nov 21 18:57 , Fairlight moved his mouse, rebooted for the 
change to take effect, and then said:


> Anyone willing to go through -any- of the OSS platforms could
> find and plug all the buffer overruns and such. OpenBSD did
> that with a complete audit a few years back, I think, and the
> results propagated into FBSD as well. Nobody can look over
> Redmond's shoulder--therefore there's no peer-driven QA system
> in place.

Just a bit of explanation on that.

Theo and his helpers went through OpenBSD and looked at all the
code in that OS [which is smaller than some of the others as it
tries to be really secure].

They found a lot of potential holes - almost all of them seemed to
be buffer overflows.  But since the base code of the BSDs is found
in many OSes because of the BSD license permitting any and all use,
the fixes they found applied to many OSes outside of the xBSD
camp [BSDI, FreeBSD, OpenBSD, NetBSD, DragonflyBSD, PicoBSD
and Darwin], and shortly after Theo announced a fix
in some area you would see patches in many OSes - including some
commercial ones.

The fixes propagated far and wide.

The only problem for users of OpenBSD in the US is that if you get
it you can't re-export it because of cryptographic restrictions.  That
usually is not a problem as there are global sites mirrored
from the master tree in Alberta.

Bill
-- 
Bill Vermillion - bv @ wjv . com


More information about the Filepro-list mailing list