Re: why do iceweasel et al have more frequent security issues?
On Thu, Jul 26, 2007 at 09:35:30PM -0700, Andrew Sackville-West wrote:
> Note that I have no bias regarding kong and iceweasel.
> Also, I'm more than willing to embrace a counter example. OpenBSD has
> had two remote holes in the base install in more than 10 years. And
> I'm willing to wager that it is in fact probably the most secure OS
> out there for common folk to use. But that is a special case because
> we _know_ that it was built up piece by piece for one purpose -- to be
> secure. Security has motivated every decision made about OpenBSD so we
> have additional data on which to make the assumption that its number of
> reported vulnerabilities is a good indicator of its security
> overall. But just pulling two pieces of software out of the air and
> comparing their security based on the number of reported
> vulnerabilities doesn't work. Not without some additional information
> to support those assumptions.
Since OBSD provides lynx in their base system, perhaps for a really
secure browser we should just use lynx. Unfortunately, they don't include
any graphical browser in base and they don't do a rigid security audit
on packages to the same degree as base.
IIRC, one of those two security breaches was in OpenSSH itself so
everyone was affected, not just OBSD.
Thanks all for your discussion of the issues.