Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Web's 20 Worst Security Flaws

Posted by timothy on from the ie-is-one-through-seven dept.

XsynackX writes "The SANS Institute released its Top-20 list of the biggest vulnerabilities on the web today. The SANS Top 20 Internet Security Vulnerabilities list is actually a compilation of two lists--the top 10 Windows vulnerabilities and the top 10 Unix vulnerabilities. The list goes into almost more detail than any one person could ever take in on individual security flaws, but provides a wealth of knowledge for those who like to get in-depth. Interestingly enough, the browser section of the Windows vulnerabilities lists everyone's favorite browser Internet Explorer with 15 flaws and Mozilla with only 7."

4 of 214 comments (clear)

  1. That should be... by Anonymous Coward · · Score: 5, Insightful

    Top Vulnerabilities to UNIX Systems
    1. A fool with root access.

  2. Re:Ok I'm sure I'll get slammed for this but... by Anonymous Coward · · Score: 5, Funny

    Do we *really* need to keep harping on it like a bunch of smug self-righteous motherfuckers?

    Yes, because it makes our penises feel bigger.

  3. Re:In my oppion by Space_Soldier · · Score: 5, Interesting

    That is not entirely true. It is well known that Microsoft abandoned IE after it has won the first browser war. Microsoft have also had a unsecure programming mindset because they started as one-user-minded company instead of multi-user-minded company. Because they did not care about security at first, now they are paying the price. Unfortunetly, the consumer is facing the heat worse than Microsoft.

    Firefox does not allow extensions to be installed from another web site besides update.mozilla.org by default. The user must specify in the options that it wants to allow extensions from a certain site to be installed, which should keep spyware low for now. Firefox users also have more computer skills than IE users. Firefox holes are filled faster than IE. All this should keep spyware low on the Mozilla platform.

    PS: I believe that a recently passed bill made spyware illegal with the penality of prison, and I think that I saw on Google news something about the first spyware trial.

  4. Re:not just "the web" by tomsuchy · · Score: 5, Funny

    NEVER stick your password post-it on the monitor! It goes under the keyboard.

    --
    this isn't a sig. i type this (including the two dashes), every time i post, just to make it look like a sig.