Tuesday 22 July 2008

Why Security Bugs Are Different

There are a couple of good reasons why security bugs are worse than the 'boring normal' (non-security) ones.
  • Security bugs are profitable, casual bugs are not. Nobody needs to reproduce 'a random spectacular crash due to bad locking' intentionally — that does not make any sense. Functional and reliability issues may happen occasionally. Often, they happen predictably. But none of them happen with intention (unless you're a software tester). So, whenever a casual bug appears, some portion of the users is affected (how large depends on the feature's popularity). Whenever a security hole exists, chances are high that most of the users are under threat.
  • Casual bugs are visible, security bugs are not. When a casual bug appears, it affects how the system works; otherwise, nobody would report the bug. It breaks the user's explicit expectations. With security, the expectations are usually implicit or are entirely connected with what they call 'security features' (authentication, authorization, cryptography). Nobody complains about security bugs; the system continues to work.
Well, that's it.

Friday 18 July 2008

Torvalds' Plans Revealed

It is widely discussed now how Torvalds called OpenBSD developers "a bunch of masturbating monkeys". Yesterday he also called Digg users a bunch of "wanking walruses".
Besides that, we know that a new kernel version naming system is coming.

Now, do you see the pattern?
  • Masturbating Monkeys
  • Wanking Walruses
Not very original after Ubuntu, but nice anyway.