On Thu, Feb 06, 2003 at 03:32:02AM +0100, Thomas Ritter scribbled: > Actually, > > good security isn't about numbers, it's about reaction time and responsiveness > on security questions (and delay up to the update). Errors just happen, noone > can really prevent that. Definitely, but it is also interesting to see the number of bugs and how quickly had they been dealt with. That shows one thing at least (which you mention above) - the reaction time. Also the number of bugs shows, in a sense, how the given community (or company) reacts to problems in the software it produces. Therefore, such statistics would be quite interesting. securityfocus used to have something along these lines, but I don't recall whether they still have it or not. > And regarding all these points, the community wins without any sign of doubt, > I guess. Definitely > But the original text author would surely laugh about this, as these are > facts, which he doesn't seem to use ;) Fiction is easier :-) marek
Attachment:
pgpQpggWkybl1.pgp
Description: PGP signature