Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vista Security Claims Debunked

Posted by CowboyNeal on from the setting-things-straight dept.

An anonymous reader writes "Apparently Microsoft still hasn't learned that counting vendor acknowledged vulnerabilities isn't a good way to establish the security of an OS. As an analysis of Microsoft's claims on Full Disclosure shows, we see that the methodology used was badly flawed. A bug in Firefox (not to mention emacs), counts as a flaw for Linux, while IE bugs get ignored on Vista's chart. Then we see that vulnerabilities aren't vulnerabilities when they're security-challenged features such as Vista's Teredo. Also, there's far too little consideration given to severity, given that it stoops to counting even extra access restrictions on a file in OSX to have something to show. In short, the original Microsoft analysis was good PR and poor research."

1 of 315 comments (clear)

  1. Re:Where is the debunking? by GreatBunzinni · · Score: 5, Informative

    I read the article pretty carefully. I don't see any actual numbers to back up this "debunking".

    That's because you are gullible enough to believe the hype, aggravated by your lack of will to perform a basic search for the facts. Here is a bit of debunking from a quick google search.

    From Secunia's advisory atatistics:

    Those are real world facts supported on real world evidence which is freely available to the public. It isn't a random blog entry which is based on god knows what data which is only known by the author and possibly doesn't even exist. So where in fact is there a need to "debunk" a moronic, unsubstantiated claim made by some microsoft employee, specially when there is all that evidence right in front of everyone's face?

    --
    Slashdot, fix your code or at least hire someone who is competent at it to do it for you.