Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Trading Discussion
Re: About Mt. Gox flaw from a security expert
by
jgraham
on 21/06/2011, 13:50:49 UTC
Quote from: BTCrow on June 21, 2011, 01:00:19 PM
Quote from: muad_dib on June 20, 2011, 10:37:34 AM
Quote from: Grinder on June 20, 2011, 10:34:53 AM

http://en.wikipedia.org/wiki/Correlation_does_not_imply_causation

Especially when you're picking data as selectively as you do.

I'm not going to start a flamewar. Please respect my objective opinion. I will respect your personal belief.

http://people.freebsd.org/~murray/bsd_flier.html

http://www.cvedetails.com/vendor/6/Freebsd.html

http://www.cvedetails.com/vendor/33/Linux.html

Not only freebsd has less vulnerabilities, but they are also less serious (check exploit or data execution)
Sorry for the double post, BSD system is A LOT less used than nux system that's why you,ll see less vulnerability. I'm a vulnerability researcher and I can ensure that when I have time to research for something I won't be loosing my time doing research for software not used a lot, I'll do research for IE / Firefox / Real Network etc... Of course the BSD are designed to be more secure but if you badly use it or you do not know how to use it, it will be less safer than running a nux or windows with good security mechanism on it.
I'd agree that OpenBSD has security as an imperative for it's dev team and while ASLR isn't the be-all of security.   I would contend that it does show a team taking a proactive approach to security rather than simply reactive patching.  As far as I can tell even FreeBSD 9 doesn't have it committed to the roadmap (it was suggested years ago though).