Know your attacker
Which is more secure, a product wherein one security flaw is found each year -- but is only fixed six months later -- or a product wherein one equally serious security flaw is found every week -- but where it only takes a day before the flaw is corrected? This question underlies most attempts to compare the security records of open- and closed-source software; Microsoft's Internet Explorer and Mozilla Firefox come to mind as a good example. More security flaws are uncovered per unit time in Firefox than in Internet Explorer, but they also tend to be fixed sooner, leaving (at least by some reports) a smaller number of "days of vulnerability". Like most good questions, the answer to this one is "it depends". In this case, it depends upon whom you're worried about defending against.
At Daemonic Dispatches.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.