On 13-May-99 Mason Loring Bliss spoke unto us all:
#  I wonder if it would be worthwhile to actually do a head count of security
#  holes found and fixed over the last year. My impression is that such an
#  examination would show fewer NetBSD flaws, but I doubt anything like hard
#  data would change people's opinions.

Actually.. if someone were to actually sit down, and chart out our security. 
We could even do this in a way that would not be demeaning to other OS's but
just positive PR for us..  say for example we have a table:

                NetBSD 1.2      NetBSD 1.3     NetBSD 1.4      -current
CERT xxxx       affected        affected        not aff.        not aff.
BUGTRAQ #xxx    not aff.        not aff.        not aff.        not aff.

etc etc..  So people could go to a web page.. and have a real hard image of how
secure we really are.  It's very easy to say "we are secure too!" but we don't
have anything that really shows it. (other than the code, which not everyone
can read/understand)

---
Tim Rightnour  -  root@garbled.net
Free Multi-Platform Operating System: http://www.netbsd.org
NetBSD Mailing lists on the web: http://mail-index.netbsd.org/mlist