Free Republic

To: Bush2000
Way to ignore: Severity, Longevity, Obscurity, and Source.

For example, all of Mozilla's advisories would also count as Redhat advisories because Redhat packages them, same with PHP. Both PHP and Mozilla products run on Windows, so are they also counted with MS? I highly doubt it.

You seem incapable of even reading your own source... too distracted by all the pretty colors in the graph I imagine. From your source:

Different vendors report their vulnerabilities in different ways, and some can be reluctant to report them at all. Oracle, for instance, issued only one advisory in the period studied, according to Secunia.

However, that one advisory covered multiple security issues - 22, in fact - that would have promoted the company to second place if each of these were reported separately, as do both the open-source developers and Microsoft. Microsoft in each notice then goes on to list the products that are affected by that vulnerability. Sometimes that list can be extensive.

Linux application developer Gentoo, for instance, produces "10 to 20 to 30 times" the number of applications Microsoft produces, Zymaris says.

"When one does a quick and dirty calculation," he wrote at the time, Linux "can be viewed as being 20 times more secure than Windows (in that) it ships with 20 times as much material but releases approximately the same number of security alerts as Windows."

375 posted on 08/29/2005 3:59:40 PM PDT by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)


To: N3WBI3
For example, all of Mozilla's advisories would also count as Redhat advisories because Redhat packages them, same with PHP. Both PHP and Mozilla products run on Windows, so are they also counted with MS? I highly doubt it.

Rubbish. Mozilla counts with Redhat because it's distributed with Redhat. Mozilla isn't distributed with Windows. You guys love to compartmentalize advisory reporting -- separating OS kernel flaws from application flaws -- so that Red Hat and other Linux distributions would appear to have a smaller number of vulnerabilities. But that's simply a lie. If you examine Windows vulnerabilities, you will also see that it encompasses flaws in applications distributed with Windows. See how this game works? You want your cake and you want to eat it, too. You want the freedom to attack Windows apps distributed with the OS (i.e., IE, Outlook Express, etc.) -- but then don't want to take criticism for apps distributed with Redhat. Too bad.

As for your other nonsensical post, I'm not double-counting Gentoo and other Linux distributions. I think it's fine to look at Gentoo or Redhat. Either way, you're still way more vulnerable using those open source products than Windows.
378 posted on 08/29/2005 4:07:37 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)



FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson