It's no more of a conflict of interest than it is for Symantec to sell
firewall products that protect Veritas backup software (which everyone knows
has had multiple, serious security issues).
t
----- Original Message -----
From: "Mark Litchfield" <Mark@ngssoftware.com>
To: <bugtraq@securityfocus.com>; <vulnwatch@vulnwatch.org>;
<full-disclosure@lists.netsys.com>
Sent: Friday, March 16, 2007 3:10 PM
Subject: Your Opinion +
>A common comment being made is that a Vendor who creates and sells and OS,
>and then sells security applications to protect their OS is a conflict of
>interest.
>
> Consider the Anti-Trust law suits filed against MS by AOL regarding IE and
> RealNetworks regarding Windows Media Player back in 2003, lets say for
> discussion, MS now turn around and offer up their 'Security Applications'
> for free. You know exactly what is going to happen.
>
> (I believe the main issue with AOL and Real Networks was that IE and WMP
> were bundled within the OS.)
>
> I guess my point is, whilst I appreciate the common comment, what other
> options are available to an OS vendor. Offer it up as a free download
> (not bundled within the OS) allowing the end user to make the decision, or
> to carry on charging for it ?
>
> Another common theme has been, that the OS should be secure in the first
> place. Again I agree with this, but as someone indicated developers
> schedules are being dictated by their marketing departments with shipment
> dates, so regardless of their intentions to code securely a vulnerability
> is likely slip through.
>
> With regard to third party security solutions outside of the OS vendor, in
> reality how many new security issues does their software introduce to a
> fully patched OS.
>
> Cheers
>
> Mark
>
>
>
>
討論串 (同標題文章)