Microsoft Silently Backs Favorable Presentation at RSA
lildogie writes "Two researchers, from the Florida Institute of Technology and Boston-based Security Innovation Inc., 'surprised the audience at a computer-security convention last month with their finding that a version of Microsoft Windows was more secure than a competing Linux operating system' according to the Seattle Post-Intelligencer. 'This week, the researchers released their finished report, and it included another surprise: Microsoft was funding the project all along.' When will they ever learn?"
Florida: hanging chads and now crooked reports? What's next?
Just like Microsoft's methods and tactics of spreading FUD.
I'm making the distinction between their offerings and their dealings with the world. I don't hear that point of view very often here, so I thought it would be worthwhile to mention.
dmiessler.com -- grep understanding knowledge
You're right, GNAA RUL3Z!!.. ;P
It could well be they had complete control and independence over the research and analysis.
:).
;).
But what also matters is the publishing part. Otherwise Microsoft could just sponsor 10 independent researchers. And only let the one favourable study get published.
That way, all the studies are independent, but you still pick the result you want.
In contrast picking the US president is the other way round... The US people get to independently pick the conclusion they want, from 2 pre-chosen results
That said, Linux Distros aren't really that secure - esp the desktop configurations - once all the typical desktop stuff is installed. I doubt Mozilla is secure - it's just not been as targetted. Mozilla regularly crashes and exits on me for no apparent reason. If you can get a C/C++ program to crash, an attacker can usually get it to run arbitrary code of the attacker's choice.
Same with OpenOffice. Not very stable even with just normal usage. Microsoft Word hardly crashes in comparison.
However for some reason, the latest fully patched IE seems to crash repeateably on some sites when I drag a link in a browser window and let go within the same window (needs javascript enabled - I only enable javascript for a few sites). I don't recall it doing that before.
However Microsoft has really dropped the ball with XP SP2 becoming vulnerable to the LAND attack. Sure speaks volumes that they allow such a vulnerability to be REINTRODUCED.
The Linux kernel has had a fair number of bugs just this year too.
So they're all crap
Unfortunately, nobody cares what fucking frogs think.
Sad but true.
The results of the research show that both Linux-based deployments contained more total security vulnerabilities and more "days of risk"-- the amount of time elapsed between public disclosure of a vulnerability and the issuance of a potential fix by a vendor--per vulnerability. The report also includes a separate, step-by-step description of the repeatable methodology, so that others can duplicated and validate the results.
Windows vs. Linux Web Server Security Research Study
Life in Orange County
It's got nothing to lose, because it's lost it all already.
Oh really? When did this happen? I must have missed it.
What?