[OT] Oh, the irony... (Was Re: [Pdns-users] freebsd port update?)

Brad Knowles brad.knowles at skynet.be
Fri Mar 14 12:47:02 UTC 2003 

At 1:29 AM -0800 2003/03/14, Ian R. Justman wrote:

>  Seriously, while major strides have been made, I'm still not
>  completely convinced that their respective packages are all that
>  much safer as evidenced by recent issues found in Sendmail and
>  BIND (and much worse, the ISS's and the ISC's handling of the
>  three serious bugs found in BIND 4 and 8 back in October/November.

	How many duodecillions of packets have been handled over the past 
twenty or thirty years by PowerDNS?  There are no two packages more 
intensely scrutinized throughout the entire history of the Internet, 
than BIND & sendmail.  The fact that they are still finding bugs 
means that they have scraped further down the barrel for these two 
programs than for any others, but that they have not yet reached the 
bottom.  How far beneath the surface do you think they've gotten with 
alternative programs, such as PowerDNS?

	People are not perfect.  Nothing that is created by people is 
perfect.  Through trial-by-fire and other methods, these two programs 
have stood the test of time, and while not perfect, are a damn site 
better than almost any other.


	This is not to say that PowerDNS does not have it's place, and 
that for some sites it may be a better choice than BIND, or that they 
might have alternatives to sendmail that would be better choices for 
them.

	But don't casually dismiss either BIND or sendmail just because 
of recent security issues that have been discovered.


	When the programs you've written have stood the test of time over 
twenty or thirty years, have had the sum total of all the hackers and 
crackers on the Internet actively trying to find weaknesses, and are 
still kicking around as the choice for providing that kind of 
service, then you've got legitimate grounds to propose that your 
program is better overall.

	But not until then.

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

More information about the Pdns-users mailing list