The “secure software” dilemma



It’s quite a dilemma when a software product is billed as more secure than another…. several days back when Mozilla Firefox released v. 1.5.0.4 which fixed a number of security issues, I saw someone comment “I thought firefox was supposed to be secure.” I think there’s a misunderstanding when it comes to software. I think the misunderstanding is that one piece of software can be secure and another not. Out of the box. Let’s take a stab at clarifying…. Security is not a product, it’s not a feature, it’s a way of doing things. Along those lines….


Someone points out that linux is insecure. The point is very good, well taken and well done. The writer drives home the point by using cars as analogy. They say, linux is more secure than windows, (from the article) “If we were talking cars, Linux would be a Volvo S80 and Windows would be a Ford “Hit here to blow up” Pinto.”

The point though is that ANY car can be involved in a wreck, so a “secure” car doesn’t immunize you against a wreck. Driving practices CAN protect against a wreck though. The same is true with computers, secure PRACTICES can prevent security breaches. The same is true in the development of software such as firefox. Being responsive to security disclosures is one way that a software product can be considered “more secure” than another. From what I’ve seen, mozilla seems to be fairly responsive when they’re advised of security issues with firefox. I’ve seen anectdotal reports of a very sluggish response at Microsoft with similar issues. Some areas of the web seem to be filled with stories of “I reported xyz vulnerability to Microsoft xxxx months ago and they’re still investigating, so I’m disclosing publicly to “increase pressure” on them to react”.

Just because software is considered more secure, it’s not bullet proof, it will need updates and other safe working habits.

Related Posts

Blog Traffic Exchange Related Posts
  • Windows more secure than Linux? For the last week, I've seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I'm seeing all sorts of headlines about how......
  • Zotob update There was an update at Incidents.org on the Zotob worm and specifically an advisory related to Cisco products. From their site.... **snipped from NISCC** "Affected Products ================= If the software versions or configuration information are provided, then only those combinations are vulnerable. This is a list of appliance software that......
  • How to Remove Windows Smart Security (Removal Guide) Windows Smart Security is a rogue spyware application that may fool people into installing and purchasing due to the use of the words Windows and Security in the title. It may fool people into thinking that it is related to Microsoft Windows and perhaps even a part of the operating......
Blog Traffic Exchange Related Websites
  • 9 Great Tools to Make Corporate Blogging Easier Here are nine ways to make corporate blogging even easier for you. Writing your blog should be enjoyable and fun, rather than just a task you have no interest in doing. These some really great tools should help make blogging more fun and enjoyable for you rather than a chore......
  • A Strong Week in Tennis for Champion Players This week, there were a few different kinds of games going on throughout the world. These different matches pitted some of the top ranked players in the world against one another to be able to earn the title. While these smaller tournaments might be dwarfed in the shadow of the......
  • Handling a Manila House and its Security Protection is generally very important for potential house owners, regardless of their living plans. A residence located in Manila provides several alternatives for security, from simple locks to more advanced security video cameras. These types of choices keep a Manila house secure. Irrespective of place or selling price, among the......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site