| |||||||||||||
Security quotes of the weekSecurity quotes of the weekPosted Jun 5, 2012 19:55 UTC (Tue) by vonbrand (subscriber, #4458)In reply to: Security quotes of the week by Cyberax Parent article: Security quotes of the week
Please explain how "any user can get root by officially sanctioned means" is any different from a security perspective than "a user can get root because of a stupid (or otherwise) programming/default setup/configuration mistake." If any, the former is much, much worse (because it probably won't be fixed, ever) than the later. Considering there is roughly a privilege escalation bug a year for Linux (as you claim), many of which were historically exploitable only when using a non-default setup, some weird hardware, or would have been masked by reasonably run-of-the-mill configuration, bugs that are normally fixed in a matter of days; makes your claims look like trying to start a full-blown hurricane in a teapot.
(Log in to post comments)
Security quotes of the week Posted Jun 5, 2012 20:04 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Because you need to get a developer key from Microsoft. And this key is linked to your device - you can't just give it to anybody else.
>Considering there is roughly a privilege escalation bug a year for Linux (as you claim)
>many of which were historically exploitable only when using a non-default setup, some weird hardware, or would have been masked by reasonably run-of-the-mill configuration, bugs that are normally fixed in a matter of days; makes your claims look like trying to start a full-blown hurricane in a teapot.
|
|||||||||||||