Domain: secunia.com
Stories and comments across the archive that link to secunia.com.
Comments · 2,642
-
Re:Security et al
install the latest security patches when they appear
I will clarify for your benefit what is going on with XP:
No more mainstream patches. The only patches that are done now are funded by large corporations. Don't expect things like http://secunia.com/community/advisories/windows_insecure_library_loading/ to ever get fixed properly in Windows XP's system software now.
-
Re:Then perhaps do as the GP asks
Just a quick google search: http://secunia.com/advisories/41122
There are quite a few listed on secunia, it's a really good site. Currently lists 10 unpacked vulnerabilities in Windows Vista, none for Linux surprisingly, it must be a conspiracy against Microsoft and those damn Linux fanboys.
-
Re:Too late for a film at 11 joke...
That quote doesn't make sense. ActiveX isn't a plugin, it's a plugin model. It's like saying that all vulnerabilities in Flash are the fault of XPCOM.
ActiveX as a technology is no more or less secure than any other plugin model.
The actual PDF says that the 366 vulnerabilities are in ActiveX plugins, NOT in ActiveX.
-
Re:Times change
Kudos to FF team.
Mozilla Firefox Insecure Library Loading Vulnerability: http://secunia.com/advisories/41095. Potato / Patahto.
-
Re:Oh boy, you really don't know much about .NET
and nor about SteadyState.
.NET is actually a security success-story. Compared to similar (i.e. Java), .NET has experienced almost an order of magnitude fewer vulnerabilities, especially if you consider the severity of the vulns.
.NET (using 2.0): http://secunia.com/advisories/product/6456/
Java (JRE 1.5 which is contemporary): http://secunia.com/advisories/product/4228/
------
SteadyState makes a virtual harddisk. In essence it is itself a "rootkit" in that it uses copy-on-write at reads/writes the changed block from/to a log file. When rebooting it simply deletes the logfile and the disk is back to the original state. I would like to see the rootkit which can survive that...
Wouldn't the answer to that last statement be ANY real rootkit? Just curious. Isn't infecting the MBR the way that rootkits bypass such protections? Wouldn't some rootkits then also be able to hose SteadyState's ability to revert the file system back to previous state? Aren't the file system and MBR two different things, even though they work in conjunction?
Just curious, hence the questions instead of statements.
Also, it's a bit disingenuous to simply pick one version of .NET, as systems come with all of them installed and in use from at least 1.1 upwards. Also, it's a bit irrelevant to look at the advisories for .NET as opposed to the numerous hotfixes (hundreds) and multiple large patches (near a dozen) to fix known, in the wild, exploits. Then one should probably factor in the length of time it took for these fixes to come out... and then consider (in the context of this conversation, thus regarding privilege escalation) which, on a properly locked down system can escalate (with NO user interaction and NO user prompts) its privileges to infect a locked down, limited rights system - I think the answer to that one is .NET - what do you think?
-
Oh boy, you really don't know much about .NET
and nor about SteadyState.
.NET is actually a security success-story. Compared to similar (i.e. Java), .NET has experienced almost an order of magnitude fewer vulnerabilities, especially if you consider the severity of the vulns.
.NET (using 2.0): http://secunia.com/advisories/product/6456/
Java (JRE 1.5 which is contemporary): http://secunia.com/advisories/product/4228/
------
SteadyState makes a virtual harddisk. In essence it is itself a "rootkit" in that it uses copy-on-write at reads/writes the changed block from/to a log file. When rebooting it simply deletes the logfile and the disk is back to the original state. I would like to see the rootkit which can survive that...
-
Re:Jailbreakme
Actually I hope it's really soon. I'm not against jail breaking, but I don't like the idea that PDFs can be used to exploit iOS4. http://secunia.com/advisories/40807/
-
Re:What it doesn't say
The article is a troll piece hoping for clicks for ads. Here's the bug in question
-
I have no problem with this
as long as every machine using IE6 is blocked from any access to the outside internet. Using IE6 with its 23 unpatched advisories ranging from exposure of information to system access in this day and age, especially on a government computer, is just idiotic. My current employer had been using IE6 along with "reputable" virus/malware protection, firewall, etc and the machines facing the internet (as opposed to solely the intranet) were riddled with trojans and malware. Simply having them installed, especially if the user doesn't understand them and may be able to bypass them, is simply not enough with all the malware floating around.
-
Re:"... by any user with impersonation rights."
if you run IIS you may as well just post your admin password and social security number on your homepage
Really? Try a little comparison exercise:
IIS6: http://secunia.com/advisories/product/1438/
IIS7: http://secunia.com/advisories/product/17543/
Apache 2.2.x: http://secunia.com/advisories/product/9633/
In the 7 years Secunia has listed online, IIS6 has 10 vulnerabilities, IIS7.x has 3, Apache 2.2.x has 19
-
Opera IS "extensible", via its "opera widgets"
"Why should I care about a non-extensible browser" - by Anonymous Coward on Sunday July 04, @04:54PM (#32793748)
Opera IS "extensible", via its 'opera widgets' -> http://widgets.opera.com/
APK
P.S.=> Between that, & Opera's 0% unpatched known security vulnerabilities -> http://secunia.com/advisories/product/26745/ , I'd say most of what you're complaining about is moot... apk
-
OPERA benefits other than speed... apk
"Not trolling, I'm trying to figure out what practical benefit Opera has for its users." - by Anonymous Coward on Sunday July 04, @04:54PM (#32793748)
Not trolling, but IF this article on SPEED ALONE doesn't do it for you? How about looking @ the practical benefits of SECURITY for end-users also??
---
INTERNET EXPLORER 8.x VULNERABILITIES STATS:(07/05/2010)
http://secunia.com/advisories/product/21625/?task=advisories
Unpatched 31% (4 of 13 Secunia advisories)
---
FIREFOX 3.x VULNERABILITIES STATS:(07/05/2010)
http://secunia.com/advisories/product/25800/?task=statistics
Unpatched 9% (1 of 11 Secunia advisories)
----
GOOGLE CHROME 5.x VULNERABILITIES STATS:(07/05/2010)
http://secunia.com/advisories/product/30134/
Unpatched 0% (0 of 3 Secunia advisories)
---
OPERA 10.x VULNERABILITIES STATS:(07/05/2010)
http://secunia.com/advisories/product/26745/
Unpatched 0% (0 of 8 Secunia advisories)
---
"Read 'em, & weep..."
APK
P.S.=> That 0% unpatched known security vulnerabilities rating of Opera's above always tends to be consistently in that range (no bugs unpatched) month in & month out, for years now typically...
NOW, for SPEED also, & over time (Plus, to "get back on track" as to the topic @ hand here), historically? Well...
Opera leads there, & for the LONGEST TIME also, plus on most ALL FRONTS for things "web" (scripting AND std. HTML work)... here are some evidences of that, over time:
http://www.howtocreate.co.uk/browserSpeed.html
and
http://crave.cnet.co.uk/cnetuk/crave/software/0,39029471,49302491,00.htm
AND
http://nontroppo.org/timer/kestrel_tests/
(Opera "rocked the planet" in those cases, regarding speed... bigtime (& ESPECIALLY ON THE MOST USED PLATFORM THERE IS, BAR-NONE, FOR PC-COMPUTING: Windows!))... apk
-
Re:remote desktop
Opening up RDP to the world isn't a good idea:
http://louwrentius.blogspot.com/2008/11/did-you-know-that-rdp-is-s-secure-as.html
http://secunia.com/advisories/15605/
You might want to actually read the articles you link. Esp since they are 2 years old and have edits down at the bottom updating on how the newer versions of rdp have fixed things.
-
Re:Businesses do not understand technology
According to Secunia:
Google Chrome 3.x has had 5 advisories, 1 of which is unpatched.
Google Chrome 4.x has had 6 advisories, 1 of which is unpatched.
Google Chrome 5.x has had 2 advisories, 0 of which are unpatched.
MSIE 6.x has had 146 advisories, 23 of which are unpatched.
MSIE 7.x has had 45 advisories, 10 of which are unpatched.
MSIE 8.x has had 13 advisories, 4 of which are unpatched.
So no, it isn't just "marginally more secure."
-
Opera's scripting engine is faster than Chrome
"The scripting engine in Chrome is at least twice as fast as the one in IE" - by istartedi (132515) on Sunday June 27, @06:02PM (#32711456)
See the results there for what's stated in my subject-line above, it's VERY CURRENT (this week in fact):
("Read 'em & weep"... & that's ONLY OPERA's BETA CODE FOR THEIR NEXT RELEASE mind you - it's only going to be faster once it's OUT OF BETA (once excessive err traps &/or debug stuff is outta its codebase))
So - For SPEED?
Opera leads there, & for the LONGEST TIME also, plus on most ALL FRONTS for things "web" (scripting AND std. HTML work)... here are some evidences of that, over time:
http://www.howtocreate.co.uk/browserSpeed.html
and
http://crave.cnet.co.uk/cnetuk/crave/software/0,39029471,49302491,00.htm
AND
http://nontroppo.org/timer/kestrel_tests/
(Opera "rocked the planet" in those cases... bigtime (& ESPECIALLY ON THE MOST USED PLATFORM THERE IS, BAR-NONE, FOR PC-COMPUTING: Windows!))
APK
P.S.=> On the note of security as well, in favor of Opera? It's usually always listed with ZERO known security vulnerabilities over @ SECUNIA.COM also (here are today's results on that note in fact):
INTERNET EXPLORER 8.x VULNERABILITIES STATS:(06/27/2010)
http://secunia.com/advisories/product/21625/?task=advisories
Unpatched 31% (4 of 13 Secunia advisories)
---
FIREFOX 3.x VULNERABILITIES STATS:(06/27/2010)
http://secunia.com/advisories/product/25800/?task=statistics
Unpatched 9% (1 of 11 Secunia advisories)
----
GOOGLE CHROME 5.x VULNERABILITIES STATS:(06/27/2010)
http://secunia.com/advisories/product/30134/
Unpatched 0% (0 of 2 Secunia advisories)
---
OPERA 10.x VULNERABILITIES STATS:(06/27/2010)
http://secunia.com/advisories/product/26745/?task=statistics
Unpatched 0% (0 of 7 Secunia advisories)
---
(Once more/again, albeit on the note of security vs. speed above: "Read 'em & weep"...)
Opera ROCKS, period (or, do the stats above make me a liar? I think not...)! Opera shows less security vulnerabilities in current builds than FF does (& less than IE, & IE still has known security issues).
Plus, Opera's been able to pass the "ACID TESTS" (ACID2 specifically) for compliance to web-based standards since version 6.x iirc, & it was (iirc) actually the FIRST BROWSER (not development kit) to do so, but when counting dev kits, it was 2nd... correct me if I am "off" here on this last point though, guys, & thanks.
APK
P.S.-> Opera has a BIG "share-of-market" on MOBILE DEVICES as well, & is big in EUROPE (though stats don't tend to show it, because like many others, I tend to "IDENTIFY AS IE" in Opera, so I get somewhat better "IE based" page renderings on SOME sites (this happens, too bad) & that's something others seem to overlook QUITE A BIT too)...
Once more, imo @ least? Well - Opera's great!
I.E.-> It took me away from being a FireFox user primarily in fact, because of it (& FF + IE have copied Opera's features RAMPANTLY over time (e.g.-> Tabbed Browsing anyone? As far as ADDONS also?? Heh, a LOT of w
-
Add OPERA SECURITY to your "repertoire" cgomezr
You might want to keep these statistics in mind regarding Opera's FANTASTIC security track record, because as per usual, Opera shows NO KNOWN SECURITY VULNERABILITIES left unpatched... see stats from SECUNIA.COM below, for the "big 4" web browsers:
---
Vulnerability Report: Opera 10.x (06/24/2010)
http://secunia.com/advisories/product/26745/
Unpatched 0% (0 of 7 Secunia advisories)
---
Vulnerability Report: Mozilla Firefox 3.6.x (06/24/2010)
http://secunia.com/advisories/product/28698/
Unpatched 40% (2 of 5 Secunia advisories)
---
Vulnerability Report: Microsoft Internet Explorer 8.x (06/24/2010)
http://secunia.com/advisories/product/21625/
Unpatched 31% (4 of 13 Secunia advisories)
---
Vulnerability Report: Google Chrome 5.x (06/24/2010)
http://secunia.com/advisories/product/30134/
Unpatched 0% (0 of 1 Secunia advisories)
---
("Read 'em & weep...")
APK
P.S.=> Keep this set of URL's in mind for your next posting in regards to Opera cgomezr... it always gets the "firefox fanboys" into an "uproar" every time I post it (which only shows you're getting thru to them in their zealotry via documented facts is all), & they eventually end up doing their "patented name-tossing ad hominem attacks" directed my way in the end, rather than attacking the documented stats above... LOL!
In fact, it reminds me of a film I have just watched called "The Book of Eli"!
(Specifically in the scene where Eli has just come under the highway bridge underpass, & when he cuts off the cannibalistic hijacker's (troll) hand, & the rest of the band of his "hijackers" go to try to take on Eli (the FAT one makes me laugh - "King Pork" with a Darth Vader gas mask & a chainsaw), & they fail, badly because they are outclassed & overmatched...))
So, when I post this? Well, I think of it THIS way, per a quote Eli himself used in the film:
"Yea, though I walk thru 'the valley of the shadow of /.', I shall fear no "troll" (evil): For thou art with me" (the 'thou' simply being verifiable facts & figures from a respected website that specializes in being a clearinghouse for known application security vulnerabilities)... apk
-
Kudos to Mr. Theo de Raadt & crew then!
"OpenBSD 4.4 (they are up to 4.7 now)
http://secunia.com/advisories/product/19640/ - by Anonymous Coward on Thursday June 10, @01:50PM (#32525672)
Per my subject-line above: Kudos/congrats to Mr. Theo de Raadt (a man after my own heart - as he takes NO CRAP from anyone online, does a good job of things, & knows his stuff too - today's RADICALLY OVERLY "Politically Correct" world needs more folks like him online, imo @ least) & the OpenBSD dev. teams!
(Yes - their crew over there for OpenBSD are generally "on top of things" & BSD variants are WIDELY recognized for having the fastest & most efficient IP stack there is out there, bar none (so much so, MS "bit off their style", well, that of the BSD *NIX tree actually, & used their freely available IP stack code for Microsoft's IP stack in fact (probably same with the rest of them, but I am not 110% sure on THIS account though))).
APK
P.S.=> However, for the MOST part here, on the topic of security? Microsoft Windows 7 has consistently held a 0 threats rating for MOST OF THE TIME since it's been out (sure, it's had security vulnerabilities in that timeframe thus far, but MS has been "on top of it", issuing their monthly MS "patch tuesday" hotfixes on the 2nd Tues. of each month, and additionally doing "out-of-band" earlier updates than that, especially for IE issues, when needed (when the threat level is large enough & known exploits of said sec. vuln. are already "in-the-wild")...
AND?
Well, again: The 2 "remote security vulnerabilities" in Windows 7, which are BOTH rated VERY LOW THREAT LEVELS too mind you? They have valid, easily implemented, & effective work-arounds that secure them BOTH, so... essentially? Microsoft Windows 7 really IS already @ a "0 unpatched" level now, just like OpenBSD is! apk
-
Re:Missing from the summary
Missing from the summary is that not only are they documenting the exploit in detail, but they are also providing a hack to patch the hole.
Missing from your post is the minor detail that the patch doesn't work.
-
Re:They did no evil
Especially since the hotfix doesn't work. Deploying it would be completely irresponsible.
-
Re:Your "data"? STALE & OUT OF DATE, & a q
My data came from the links AC posted, not sure how that is stale and out of date.
Your information is STALE, because that's currently not the case for Windows 7
No, it isn't STALE. What I said was that "eight of Window's 20 advisories have been 4's and one was a 5", this is not stale. It's true, per the links above.
BTW, the verb I used, 'have been', has what's called "perfect aspect". In context it means that MS shipped Windows 7 with serious problems and patched them later.
The 2 small ones Windows 7 has are EASILY worked around too, I wonder if the same can be said of the 11 outstanding issues on LINUX 2.6x??
Yes, for the most part the same can be said:
- The most serious (allowing local privilege escalation), can be worked around by not using the firewire driver (which I would bet most Linux installs don't anyway), or by only allowing trusted users access to the system.
- The second most serious (local network DoS via kNFSd) can be worked around by using "the user space NFS daemon instead", as the page itself says. Of course once again, I would bet most linux installs don't use knfsd anyway, and thus are already not affected.
- The third most serious, can only be avoided by restricting local access to the system, but it is almost entirely theoretical for most setups: it allows a user with local access to read a random memory address, thus theoretically giving access to whatever sensitive information might be stored there. (It also includes a warning about a potential local DoS, again not really a high level concern.)
- The fourth most serious involves crashing the local system or reading environment variables. So if you store your bank account info in your environment variables and give an evil person local access to your machine you might be affected.
- Finally we come to the vulnerability whereby a user can gain write permission to a cd-rw drive that he is only supposed to have read permissions for. I bet most sysadmins lost a lot of sleep over that one.
The rest are classified as "not critical" because they only involve a local DoS.
Anyway, enough troll-feeding for me.
-
Re:Windows, vs. LINUX, vs. MacOS X (security vulns
OpenBSD 4.4 (they are up to 4.7 now)
http://secunia.com/advisories/product/19640/
Subject: OpenBSD 4.4
No posts yet -
Windows, vs. LINUX, vs. MacOS X (security vulns)
"It's not as if people didn't already know about Microsoft's abysmal security record." - by StuartHankins (1020819) on Thursday June 10, @11:16AM (#32523878)
Ok, let's take a peek at that statement & its "anti-Microsoft" implications, & we'll do so, by simply using the stats of the "latest/greatest" from the "big 3" OS vendors/OS types out there today, from a respected security vulnerabilities reporting website, in SECUNIA.COM:
---
Linux 2.6x KERNEL SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
http://secunia.com/advisories/product/2719/?task=advisories
Unpatched 5% (11 of 217 Secunia advisories)
(Again, that's JUST THE KERNEL/CORE OF THE OS ALONE (so, I.E.-> How much more would be added by diff. distros & their softwares/shells (KDE/Gnome), etc.- et al?))
---
APPLE MacOS X SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
http://secunia.com/advisories/product/96/?task=advisories
Unpatched (approximately) 1% (8 of 1233 Secunia advisories)
(NOTE: I had to calculate the %, & I + others do NOT like how Apple & SECUNIA are reporting on the errors in security present in Apple's MacOS X there... see the comments below those stats, for an "example thereof"...)
---
MICROSOFT WINDOWS 7 SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
---
http://secunia.com/advisories/product/27467/?task=advisories
Unpatched 13% (2 of 16 Secunia advisories)
REMEMBER/AGAIN: This is the ENTIRETY of Windows 7 being analyzed - not just its kernel, as is the case with Linux 2.6x above... & ONLY 2 security problems are present!
Top that off with the fact that 1 of them IS EASILY "worked-around" no less, in the AERO problem, simply by selecting the "Windows Classic" theme, or, shutting off the "Themes" service!
The other only deals in SSL, for those that run an IIS 6/7 server (which is FAR from everyone, especially desktop users)... so, for example, from the system I am posting on now during lunchtime @ home? I have no IIS running, & thus, I am "proof to it".
----
(Sure, now I am certain I will also see repliers here to my post here say
"but the 2 security vulnerabilities in Windows are 'remote' in nature"
Well, newsflash - ANY OF THESE SECURITY VULNERABILITIES REALLY "BOIL DOWN" TO BEING LOCAL, IN THAT SOONER OR LATER, THEY HAVE TO "TOUCH" THE LOCAL SYSTEM ANYHOW IN ORDER TO EXPLOIT THEM PERIOD! Javascript exploits being the MOST "prevalent" of this type, and where do they ACTUALLY RUN? LOCALLY, inside a webbrowser program's javascript processing engines... turn off javascript (on "every site under the sun", & use it only where you HAVE TO and where you can trust the website)? Problem solved!)
---
So, can Windows be secured far better than it comes "out of the box/oem-stock"? Absolutely. Heck, any OS usually can be... such as is shown here:
----
HOW TO SECURE Windows 2000/XP/Server 2003, & even VISTA/Windows 7 (+ make it "fun-to-do" via CIS Tool Guidance & beyond):
http://forums.theplanet.com/index.php?s=a3272f47031ff9e8939bf662e3a7b7fe&showtopic=89123
(Much of what's in it "principles-wise" (uses the concept of "layered security") & yes, tools-wise, can also be applied to LINUX (or other *NIX variants too like MacOS X (done via Apple's guide for this, no CIS Tool exists for MacOS X, sorry) + other BSD variants, Solaris, etc.) & e.g. -> There is a CIS Tool for them also (again, except MacOS X, but Apple's got a GREAT GUIDE for this too
-
Windows, vs. LINUX, vs. MacOS X (security vulns)
"It's not as if people didn't already know about Microsoft's abysmal security record." - by StuartHankins (1020819) on Thursday June 10, @11:16AM (#32523878)
Ok, let's take a peek at that statement & its "anti-Microsoft" implications, & we'll do so, by simply using the stats of the "latest/greatest" from the "big 3" OS vendors/OS types out there today, from a respected security vulnerabilities reporting website, in SECUNIA.COM:
---
Linux 2.6x KERNEL SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
http://secunia.com/advisories/product/2719/?task=advisories
Unpatched 5% (11 of 217 Secunia advisories)
(Again, that's JUST THE KERNEL/CORE OF THE OS ALONE (so, I.E.-> How much more would be added by diff. distros & their softwares/shells (KDE/Gnome), etc.- et al?))
---
APPLE MacOS X SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
http://secunia.com/advisories/product/96/?task=advisories
Unpatched (approximately) 1% (8 of 1233 Secunia advisories)
(NOTE: I had to calculate the %, & I + others do NOT like how Apple & SECUNIA are reporting on the errors in security present in Apple's MacOS X there... see the comments below those stats, for an "example thereof"...)
---
MICROSOFT WINDOWS 7 SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/10/2010:
---
http://secunia.com/advisories/product/27467/?task=advisories
Unpatched 13% (2 of 16 Secunia advisories)
REMEMBER/AGAIN: This is the ENTIRETY of Windows 7 being analyzed - not just its kernel, as is the case with Linux 2.6x above... & ONLY 2 security problems are present!
Top that off with the fact that 1 of them IS EASILY "worked-around" no less, in the AERO problem, simply by selecting the "Windows Classic" theme, or, shutting off the "Themes" service!
The other only deals in SSL, for those that run an IIS 6/7 server (which is FAR from everyone, especially desktop users)... so, for example, from the system I am posting on now during lunchtime @ home? I have no IIS running, & thus, I am "proof to it".
----
(Sure, now I am certain I will also see repliers here to my post here say
"but the 2 security vulnerabilities in Windows are 'remote' in nature"
Well, newsflash - ANY OF THESE SECURITY VULNERABILITIES REALLY "BOIL DOWN" TO BEING LOCAL, IN THAT SOONER OR LATER, THEY HAVE TO "TOUCH" THE LOCAL SYSTEM ANYHOW IN ORDER TO EXPLOIT THEM PERIOD! Javascript exploits being the MOST "prevalent" of this type, and where do they ACTUALLY RUN? LOCALLY, inside a webbrowser program's javascript processing engines... turn off javascript (on "every site under the sun", & use it only where you HAVE TO and where you can trust the website)? Problem solved!)
---
So, can Windows be secured far better than it comes "out of the box/oem-stock"? Absolutely. Heck, any OS usually can be... such as is shown here:
----
HOW TO SECURE Windows 2000/XP/Server 2003, & even VISTA/Windows 7 (+ make it "fun-to-do" via CIS Tool Guidance & beyond):
http://forums.theplanet.com/index.php?s=a3272f47031ff9e8939bf662e3a7b7fe&showtopic=89123
(Much of what's in it "principles-wise" (uses the concept of "layered security") & yes, tools-wise, can also be applied to LINUX (or other *NIX variants too like MacOS X (done via Apple's guide for this, no CIS Tool exists for MacOS X, sorry) + other BSD variants, Solaris, etc.) & e.g. -> There is a CIS Tool for them also (again, except MacOS X, but Apple's got a GREAT GUIDE for this too
-
Re:Can we call a spade a Windows machine?
"One of these days, some victim of a botnet is going to initiate a class action lawsuit against Microsoft for publishing an insecure operating system, with the injured parties being the people whose machines were induced to participate in a tort." - by Russ Nelson (33911) on Tuesday June 08, @12:11AM (#32492314) Homepage
Ok Russ, per what I've quoted from you (seeing as you've been thoroughly "brainwashed" by the "wannabe slashdot samurais" around here on /., which many others know of, even in respected publications such as INFOWORLD here -> http://hardware.slashdot.org/story/10/06/07/1518216/Six-More-Tech-Cults from this week no less)? Let's review some facts & figures from a respected security vulnerabilities gathering website (SECUNIA.COM) where we can see the number of known security vulnerabilities in each of the major "big 3" OS' in use (Windows 7, Linux 2.6x (kernel only, would be more with say, KDE/Gnome or BA$H security vulnerabilities added mind you), & MacOS X):
---
Linux 2.6x KERNEL SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/08/2010:
http://secunia.com/advisories/product/2719/?task=advisories
Unpatched 5% (11 of 217 Secunia advisories)
(Additionally, that's JUST THE KERNEL/CORE OF THE LINUX OS ALONE (how much more would be added by diff. distros & their softwares/shells etc.- et al?))
---
APPLE MacOS X SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/08/2010:
---
http://secunia.com/advisories/product/96/?task=advisories
Unpatched (approximately) 1% (8 of 1233 Secunia advisories)
---
MICROSOFT WINDOWS 7 SECURITY VULNERABILITIES CURRENTLY AS OF THIS DATE 06/08/2010:
---
http://secunia.com/advisories/product/27467/?task=advisories
Unpatched 13% (2 of 16 Secunia advisories)
REMEMBER/AGAIN: This is the ENTIRETY of Windows 7 being analyzed - not just its kernel, as is the case with Linux 2.6x above... & ONLY 2 security problems are present!
Top that off with the fact that 1 of them IS EASILY "worked-around" no less, in the AERO problem!
The other will also be fixed, most likely, TODAY in FULL, also (as it is "Microsoft 'Patch Tuesday'" & what-not & I wager BOTH of the security vulnerabilities in Windows 7 will be fixed by then (less emphasis on AERO issue though, as it has a valid working safe "work-around" & MS tends to not concentrate on those as much, because they have easy work-arounds (turn off the THEMES service? You turn off AERO GLASS in essence is why, easy & works)))
----
So, we have security vulnerabilities issues in Windows, Linux, AND MacOS X (but, less apparently in the current builds of Windows (7, Server 2008) than there is in Linux OR MacOS X in terms of numbers of security vulnerabilities present!
That also includes the fact that Windows 7 has MORE being checked on too, ala the Windows kernel/core AND ITS OS SHELL in this analysis... not just kernels like Linux 2.6x shown above!
(Thus again - There is most likely even MORE security holes in Linux, especially if you toss on GUI shells & Windows managers most likely, inclusive of diff. distros variations of both to compound that more).
(Sure, now I am certain I will also see repliers here to my post here say
"but the 2 security vulnerabilities in Windows are 'remote' in nature"
Well, newsflash - ANY OF THESE SECURITY VULNERABILITIES REALLY "BOIL DOWN" TO BEING LOCAL, IN THAT SOONER OR LATER, THEY HAVE TO "TOUCH" THE LOCAL SYSTEM ANYHOW IN ORDER TO EXPLOIT THEM PERIOD!)
---
So, can Windo