delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2003/12/22/19:39:42

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Originating-IP: [203.94.167.77]
X-Originating-Email: [arashp AT hotmail DOT com]
X-Sender: arashp AT hotmail DOT com
From: "Arash Partow" <arashp AT hotmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Unable to compile cygwin
Date: Tue, 23 Dec 2003 00:39:04 +0000
Mime-Version: 1.0
Message-ID: <BAY9-F64eLV3mY2HcQi0001e92d@hotmail.com>
X-OriginalArrivalTime: 23 Dec 2003 00:39:05.0040 (UTC) FILETIME=[2AFAF500:01C3C8ED]
X-IsSubscribed: yes 

I don't see how your sarcastic remarks relate to what i said...

>Yeah.  You're right.  It's better to just assume it's gloriously
>trustworthy if it's free software and maliciously bad if it comes from
>Microsoft.
>

all i said was that its harder to prove something in a negative
context rather than a positive one, I didn't say OSS was more
secure than proprietary s/w.

from a security pov everything is like a chain, and regardless of
how strong some links in the chain are the old adage is true in
that your chain is only as strong as its weakest link, meaning
regardless of the fact that you have a good sense of s/w
development or keep an eye open of buffer over run situations and
the alike you will still have a weak link in the chain and that
is the end user.


who cares if cygwin is secure or not, because it doesn't matter
and the reason is because its running on windows, an analogy
would be having the front of your house fortified like a castle
but leaving the back wide open which is what is happening with
cygiwn on windows, who cares if you can use openssh with 2kb keys
to let users login and do stuff, cause none of that matters when
you are running windows, someone wanting to get into your system
has only to invoke one of the thousands of remote access holes that
are in the windows infrastructure to gain access to your system
and thats the truth so instead of wasting time trying to make
things "look'n'feel" secure why not spend some time on the
inherent threading and signaling problems cygwin has, and please
stop making sarcastic remarks, just imagine the things you could
achieve if you spend the brain power you waste on coming up with
such sarcastic remarks on this mailing list, on other more productive
things to do with cygwin...

Just imagine.




Regards


Arash

_________________________________________________________________
Protect your inbox from harmful viruses with new ninemsn Premium. Click here 
  http://ninemsn.com.au/premium/landing.asp


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019