Comment Re:The myth of many eyes (Score 1) 329
I think that's the whole point of capitalism. Sooner or later, the employers of these "lazy sysadmins" might get the clue that their server security is being compromised a little more often than they'd like. What to do about this? Fire the lazy sysadmin and hire one that pays attention to bugtraq and actually patches the holes up.
The problem with closed source (especially as it relates to Microsoft) is that you shift the responsibility of taking bug reports and fixing the bugs from the community that actually uses the software, to a corporation that probably doesn't see fixing bugs as soon as they are reported as an activity in its best interest. They say to themselves, 'After all, what harm could this little bug do? We are closed source, no one will be able to write an exploit if they can't see our source code.' Gee whiz how come I see so many exploits for closed source products? You put yourself at the mercy of a corporation whose goal is to maximize profits. If it can maximize profits by waiting to fix those bugs until someone writes a nasty exploit for it, then they will every single time. The open source community has already proven that their method works, as long as one maintains one's awareness level (bugtraq).
- Dave