[PLUG] Linux Journal Readers' choice awards 2013
Rahul Sundaram
metherid at gmail.com
Sat Jan 18 06:20:38 IST 2014
Hi
On Tue, Jan 14, 2014 at 3:01 PM, Amarendra Godbole wrote:
> There may not be security updates, but there may not be security
> issues in the first place. The only way to ensure this is to lookup
> the quality of developers' on that tool - actively maintained, but too
> many cooks may not be optimum from a security point of view. Consider
> the case of Linux kernel - clearly security isn't a priority,
> especially because they accept binary blobs left, right and center.
> World domination is.
>
The security focus on Linux kernel needs to be improved but this is not
because they are adding some binary firmware since security issues are not
limited to firmware at all. Quite the contrary, all the firmware is being
separated out over time and shipped as a separate tarball and most
distributions ship firmware separately as well. That is the recommended
practice. The real problem is the lack of security tagging in the
changelog and not enough attention to systematic improvements but the
situation is better than before.
Rahul
More information about the Plug-mail
mailing list