SRO: Microsoft's Not The Only Security Foul-UpMar 09, 2000, 16:51 (9 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)
"Microsoft gets all the red ink, but that's not fair. Yes, I just said that we're not being fair to Microsoft. (That was not a typo.) ...of the latest 10 problems as of March 8 on Security-Focus' listing of security vulnerabilities, only one, the Clip Art, rests completely on Microsoft's doorstep. Of the others, only one, a problem with Internet Security Systems (ISS) RealSecure products, is Windows-centric. Of the others, three of them are Linux problems."
"Shocked? Don't be. All of the Unixes, including BSD, Linux, SCO and Solaris, have more than their share of security problems. Think about it. The recent rash of distributed denial-of-service (DDoS) attacks were all launched from unsecured Solaris systems. And, much as I rag on Outlook, the all time champion application for security holes must be that Unix mail transfer agent, which still sends most e-mail along its way: Sendmail."
"To do security right, you have to be updating your programs and operating systems constantly. ... Windows, Linux, whatever. If you want your systems to be trouble-free, you need to take a lot of trouble. Hard work and due diligence are the only real security answer."