View Single Post
Old 10th April 2013
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Quote:
Originally Posted by barti View Post
I made a comparison in the totals.

If you use plone+freebsd it is much more secure then linux+joomla
I am not sure why, but you have missed the points the both rocket357 and I have tried to articulate in this thread.

Let me try to clarify. We believe that:
  • Counting CVE reports is not an accurate measure of the program's "security" design.
  • Comparing counts of CVE reports between programs is not a useful measure of their relative security.
  • Applications are deployed on integrated computing systems. CVEs reports are for individual programs or products, not for systems.
  • Systems design and implementation choices are of more importance to security than the selection of individual programs or products.
----


Edited to add:


My highlighted bullet is my belief and active practice. I haven't confirmed agreement on this with rocket357, and will accept correction, if my assumption is incorrect.

Last edited by jggimi; 10th April 2013 at 02:23 PM. Reason: typo, clarity
Reply With Quote