[olug] OT: security through antiquity

Thomas D. Williamson twilliam at inebraska.com
Thu Nov 6 04:25:48 UTC 2008


Quoting DYNATRON tech <dynatron at gmail.com>:

>>
>> Anyway, Schneier's comment on the subject was that reviewed code was more
>> secure than unreviewed code, even if binary exact.  I think it has more to
>> do with a 'trust' and possibly psychological stuffs.
>
>
>
> it's because you know what you are getting.
>
> would you eat something if you didn't know what was in it?
>

Tons of hot dogs are consumed everyday, but because they are familiar  
we don't think about not knowing what is in them.

>
> On Wed, Nov 5, 2008 at 9:55 PM, Sam Tetherow <tetherow at shwisp.net> wrote:
>
>> Even if it didn't have malware, would you really want to go back to the
>> days of Trumpet WinSOCK?
>>
>> Sam Tetherow
>> Sandhills Wireless
>>
>> Phil Brutsche wrote:
>> > Will Langford wrote:
>> >
>> >> I suppose ya could make an argument that 'through antiquity' is just a
>> >> special case of 'through obscurity' ...
>> >>
>> >
>> > Is it?
>> >
>> > This particular article talks about IE5 running on... wait for it...
>> > Windows 3.1!
>> >
>> > Windows 3.1 has no security mechanisms what-so-ever and I'm sure that
>> > it's chock full of buffer overruns and stack overflows and ..., but how
>> > much malware will run outside of Win32?
>> >
>> > It's similar to one of the arguments for running MacOS or Linux.
>> >
>> >


Tom Williamson




More information about the OLUG mailing list