Re: Alas and alack.

[Scott Dier - dieman <dieman@ringworld.org>]

[you in this article refers to all administrators everywhere, not the
original poster, please don't take it personally]

On Tue, 28 Jan 2003, alex wrote:

> Has the Linux security bubble burst?

Without reading the article, and at the risk of making myself look foolish
with crossposting to a gaggle of lists.

What security bubble?

Oh, nevermind, readng the first paragraph its some "Security Expert"
making sure that they can make some copy.  I'm pretty impressed by these
sorts of articles that assume that systems administrators aren't rooted in
'reality'.  That every one of us is some sort of zelot just trying to get
linux into places with empty promises of 'its more secure' and 'they fix
bugs faster'.

Use the software with the best merits.  If your merits happen to include
that its non-proprietary, don't fool yourself (nor your employer) into
some game of 'its more secure'.  Don't misrepresent the work that you do.

I don't think we would be seeing these articles if there wasn't some form
of zeolotry going on to misle upper management.  Please 'sell' the merits
of the software on the merits.

However, one point I do see, about security fixes in decent time from
source to distribution form seems to focus on product lifecycle rather
than true experience and actual facts.  I would love to see a comparison
of distributions that shows how deticated many of the Linux distributions
are at distributing stable and secure fixes to users in a timely fashion.

-- 
Scott Dier <dieman@ringworld.org> http://www.ringworld.org/