You are missing our premiere tool bar navigation system! Register and use it for FREE!

•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
· Home
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 420 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
The impact of bad security record on software popularity

23.2. The impact of bad security record on software popularity

sendmail, the leading Mail Transport Agent in use today, was written at a time when security was not a big issue. Internet was not as widespread as today and the netizens were kinder to each other. To use nessus' words, "security was clearly not in the mind of the persons who wrote it". Sendmail's security record is legendary (one is tempted to say "abysmal"), see this list of Sendmail desasters, which only covers the period from 1993 through 1997. There was a time when sysadmins had to get used to weekly security patches from the sendmail author and even joked about that.

Did this prevent the whole world from using sendmail? Not at all. Did this prevent Fortune 500 companies from organising their mail systems with sendmail? Doesn't seem so. I wonder if the nessus folks would issue the same warning for sendmail too (didn't check, I must admit):

The remote host is running a copy of Sendmail. Given the insecurity history of this package, the Nessus team recommends that you do not use it but use something else instead, as security was clearly not in the mind of the persons who wrote it.

Other software, like vBulletin, Iconboard, YaBB or Post-Nuke have shown security problems too. Even hardware is not safe from vulnerabilities today, since it may be running on faulty firmware. See How secure is PHP-Nuke? for a long list of links on such examples.

You may have a different opinion on sendmail's merits, but obviously its security record did not harm its popularity that much. And we didn't go that far as to examine this effect on even more popular software, like Windows. That's why, once again, you have to weigh nessus' warning with your own personal "weight factor".

Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.154 Seconds - 524 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded ( ::