Slashdot Mirror


Linux Distributions Respond to Forrester

dave writes "GNU/Linux vendors Debian, Mandrake, Red Hat, and SUSE have joined together to give a common statement about the Forrester report entitled "Is Linux more Secure than Windows?". Despite the report's claim to incorporate a qualitative assessment of vendor reactions to serious vulnerabilities, it treats all vulnerabilities as equal, regardless of their risk to users. As a result, the conclusions drawn by Forrester have extremely limited real-world value for customers assessing the practical issue of how quickly serious vulnerabilities get fixed."

5 of 262 comments

  1. Analyst hacks will never bite the hand that feeds by darthcamaro · Score: 5, Insightful

    And who paid for the Forrester study?? Not Red Hat; they haven't got the cash. Probably another Microsoft funded event.
    The most dramatic thing from my point of view is that SuSe, Red Hat, Mandrake and community based Debian all got together to formulate a common reply. This is the BEST news we could ever hope for - a common, unified front - no forking when it comes to security.

  2. Money talks by Angelonio · Score: 5, Insightful

    "Microsoft Corp., however, fixes security problems the quickest"
    How can they claim that since Micro$oft receives bug reports that are not publicly announced???
    It is easy to announce the bug along with the patch after having it hidden for 6 months...

  3. Re:IT Research shops by Anonymous Coward · Score: 5, Insightful

    The executive management of the agency that I work for pays Meta $500/hr to evaluate project plans... they always rubber stamp whatever answer the execs want.

    And then when the project fails, they can go to the higher-ups or shareholders and say "See, the plan was sound, it was that Anonymous little shit down in IT that screwed it up. Lay him/her off and ship the job to India!"

    Then they all go celebrate their cost-cutting with booze and hookers, whilst lighting their cigars with $100 bills.

  4. Re:Slant by Spyro VII · Score: 5, Insightful

    Have you ever considered that all of the media that you read and watch is biased? And actually if you'd read the article, you'd notice that what they say is perfectly reasonable. Basically, the Forrester report was much too narrowly focused to have a fair assessment of the data. The simplicity of the initial report is actually laughable. MS fixing 100% of its bugs? Now, remember that Microsoft's code is *not* open source, so they can wait until some poor sap gets bit by a bug before they fix it. The initial report by Forrester was faulty and relied upon obscurity and simplicity to blatantly shift the report in Microsoft's favor. And before anyone says that Forrester is a research company and as such is unbiased, I recommend that you look to SCO for an example of MS's cleverness.

  5. Malleable Statistics by The Monster · Score: 5, Insightful

    It's so easy to do, too.
    "Forrester collected security vulnerability data"
    What vulnerability data? The Linux vendors have an open process. Everyone knows what the vulnerabilities are. Can the same be said for Windows bugs? Or are there issues known within MS that simply aren't put on the Bug List until a fix is in the works? Is it a bug if MS doesn't officially admit that it's a bug yet?
    --

    [100% ISO 646 Compliant]
    SVM, ERGO MONSTRO.