Weblog entry — 2003-07-08 05:34:02

Oh my! An anatomically correct Hulk doll. Of course a ban is called for, we can't have this kind of thing.

Go and have a laugh at http://www.gaybetamax.co.uk/ (work safe) (2004-03-13: but the site is no more).

Back to the geeky stuff: The state-of-the-art Apache2 webserver is only on par with proprietary offerings, according to Reasoning™. They've tested Apache version 2.1-dev, which is puzzling, since the latest stable release is 2.0.46. So they've tested beta software?

In February, Reasoning™ publicized test results of Open Source (Linux) vs. proprietary TCP/IP stacks, and found that the Linux stack was better than the proprietary ones.

Anyway, read for yourselves in the two Reasoning™ reports: The Defect Report [PDF, 58p.] and The Data Report [PDF, 7p.]. Very interesting reading.

The conclusion must be that when running something as complex as Apache or IIS, you should be careful to enable only the bare minimum of modules and functionality, as Windows Server 2003 does (Finally! And actually the default install doesn't even include IIS, very good). OpenBSD doesn't enable Apache by default, and if the user enables it, it's chroot(8)'ed by default. Don't expose more software/code to the Internet than strictly necessary, and make your defences more than one layer deep. Think and be careful.

Slapping an Open Source license on a piece of code is not the panacea for security/quality/whateveryouwant that many people seem to think, but it may help. Programming is hard, and making quality software, which, as a consequence, will also be secure, is even harder.
I just hope that Reasoning™ will publicize results that prove that some proprietary application is "better" than an equivalent Open Source one, just to prove my point ...