Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Web's 20 Worst Security Flaws

Posted by timothy on from the ie-is-one-through-seven dept.

XsynackX writes "The SANS Institute released its Top-20 list of the biggest vulnerabilities on the web today. The SANS Top 20 Internet Security Vulnerabilities list is actually a compilation of two lists--the top 10 Windows vulnerabilities and the top 10 Unix vulnerabilities. The list goes into almost more detail than any one person could ever take in on individual security flaws, but provides a wealth of knowledge for those who like to get in-depth. Interestingly enough, the browser section of the Windows vulnerabilities lists everyone's favorite browser Internet Explorer with 15 flaws and Mozilla with only 7."

12 of 214 comments (clear)

  1. I can't see the site by Anonymous Coward · · Score: 2, Funny

    Is slashdotting a vulnerability?

  2. Their web server... by ttldkns · · Score: 4, Funny

    ...seems to feel that posting a link to it on slashdot is a vunerability.

    --
    How many computers are too many?
  3. Re:not just "the web" by StyxRiver · · Score: 2, Funny

    I can see plume of smoke from the servers at the Sans Institute! Succumb to the /. effect!

  4. Hrm. statistics speak for themselves. by rebeka+thomas · · Score: 3, Funny

    Windows with 95% has 10 of the top 20 vulnerabilities
    Unix with 5% also has 10 of the top 20 vulnerabilities.

    I think the stats speak for themselves in which is more secure. If Win boxes can take such a phenomenal market share and still only have the same number of 'top' vulnerabilities, that's putting it 19 times more secure.

    --
    RST
  5. Re:not just "the web" by pjt33 · · Score: 4, Funny

    But surely changing your passwords every week is good? (Well, against external attackers - not so good against internal attackers if you have to write your password on a PostIt and stick it to your monitor).

  6. Re:Ok I'm sure I'll get slammed for this but... by Anonymous Coward · · Score: 5, Funny

    Do we *really* need to keep harping on it like a bunch of smug self-righteous motherfuckers?

    Yes, because it makes our penises feel bigger.

  7. Re:not just "the web" by tomsuchy · · Score: 5, Funny

    NEVER stick your password post-it on the monitor! It goes under the keyboard.

    --
    this isn't a sig. i type this (including the two dashes), every time i post, just to make it look like a sig.
  8. Re:What about threats to Mac OS X? by Anonymous Coward · · Score: 2, Funny
    Given a normal install, it would take a combined Safari exploit + root exploit to 'own' your box. You should only worry about the Linux apps you're running on your machine, ie fink. A compromise of one of those would still need a root exploit, though.

    Generally, with automatic update turned on, and the ocasional glance at the Apple section on /., you should be fine.

  9. Re:not just "the web" by flossie · · Score: 4, Funny
    NEVER stick your password post-it on the monitor! It goes under the keyboard.

    That's precisely why you should stick it to the monitor - nobody will find it because they will be busy looking under the keyboard! Cunning, eh?

    --
    flossie

    Write now. Defend liberty

  10. Re:Ok I'm sure I'll get slammed for this but... by Anonymous Coward · · Score: 1, Funny

    Yes, because it makes our penises feel bigger. Is that feel bigger, or appear bigger to other people?

  11. Windows + Linux by Nom+du+Keyboard · · Score: 2, Funny

    So when I run a Windows emulator under Linux, do I get all 20 of them?

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  12. Re:Erm no. by Valar · · Score: 2, Funny

    annnndddd whhhhooossshhh.... there goes the joke.

    --

    ====
    Crudely Drawn Games