How many security vulnerabilities a month are acceptable?
Reading through responses to an article I wrote about Mad Hatter and the broader subject of auto-immune code, and since I am working on a project for a client that involves Sun products in a security context, it begs me to ask the question - are twenty security vulnerabilities in one month an acceptable number for Sun customers?
It seems to me rather a lot? But then, I know about them. The question is, do Sun customers? Many of these alerts got little or no publicity. So here is the current Sun Security Alert list for August 2003. There were almost as many in July. By the way, Sun Linux is in there, as well.
[ Read more ]