Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Watch for the issues Stevie boy doesn't address

Story: Microsoft's Ballmer bombards Linux OS

Total Replies: 0

Author	Content
AnonymousCoward Oct 27, 2004 5:52 PM EDT	Watch also for issues which he finesses... for example: Worms and viruses generally don't appear as separately reported vulnerabilities, and they don't always rely on exploiting other known vulnerabilities. MS-Windows has these by the bucketful (we're talking hundreds of thousands of different viruses) and Linux has essentially none (Mac OS X, as of the last few weeks, has one). Even Homer Simpson on a bad day could work out that it's greatly to any Microsoft employee's advantage to transmute a discussion of viruses into a discussion of vulnerabilties, and then by carefully choosing a timeslice or category for the vulnerabilities presented, make their product appear not so bad or at least muddy the waters enough that the emperor's absence of clothes isn't so blatantly obvious. A recent example http://www.theage.com.au/articles/2004/10/25/1098667679077.h... of this came in response to this http://www.smh.com.au/articles/2004/10/18/1097951615940.html opinion piece. Ben English either timesliced or blind-alleyed or didn't carefully check a volatile hacked-websites log which normally reports about 4 vandalised win32 sites for each linux site. He also ignored the application density covered by the vulnerabilities (hundreds of win32 apps vs thousands to tens of thousands of linux apps) He ignores what might be called the "quality" of the vulnerability. Is it remotely exploitable? Does it require administrator, root or other special rights? Is it difficult to implement an exploit for? Does it care very much about exact versions, names or locations of things? About processor architecture? The vulnerability lists don't care, but it does make a huge difference to the outcome. Ben ignores Microsoft's habit of ignoring and downplaying security issues, new attitude or not. It is to Microsoft's commercial advantage to be seen as more secure, but Linus Torvalds doesn't much care about his reputation - like it or lump it, this does influence the admission and rating of vulnerabilities. and so on. Summary: if you look closely enough at what Steve's saying, he's full of it.

Author

Content

AnonymousCoward

Oct 27, 2004
5:52 PM EDT

Watch also for issues which he finesses... for example: Worms and viruses generally don't appear as separately reported vulnerabilities, and they don't always rely on exploiting other known vulnerabilities. MS-Windows has these by the bucketful (we're talking hundreds of thousands of different viruses) and Linux has essentially none (Mac OS X, as of the last few weeks, has one). Even Homer Simpson on a bad day could work out that it's greatly to any Microsoft employee's advantage to transmute a discussion of viruses into a discussion of vulnerabilties, and then by carefully choosing a timeslice or category for the vulnerabilities presented, make their product appear not so bad or at least muddy the waters enough that the emperor's absence of clothes isn't so blatantly obvious. A recent example http://www.theage.com.au/articles/2004/10/25/1098667679077.h... of this came in response to this http://www.smh.com.au/articles/2004/10/18/1097951615940.html opinion piece.

Ben English either timesliced or blind-alleyed or didn't carefully check a volatile hacked-websites log which normally reports about 4 vandalised win32 sites for each linux site.

He also ignored the application density covered by the vulnerabilities (hundreds of win32 apps vs thousands to tens of thousands of linux apps)

He ignores what might be called the "quality" of the vulnerability. Is it remotely exploitable? Does it require administrator, root or other special rights? Is it difficult to implement an exploit for? Does it care very much about exact versions, names or locations of things? About processor architecture? The vulnerability lists don't care, but it does make a huge difference to the outcome.

Ben ignores Microsoft's habit of ignoring and downplaying security issues, new attitude or not. It is to Microsoft's commercial advantage to be seen as more secure, but Linus Torvalds doesn't much care about his reputation - like it or lump it, this does influence the admission and rating of vulnerabilities.

and so on. Summary: if you look closely enough at what Steve's saying, he's full of it.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!

Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

Watch for the issues Stevie boy doesn't address

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software

Login

Today's Big Story

LXer Features

Have something to say?

Latest Discussions

Site Menu

Other News

Watch for the issues Stevie boy *doesn't* address

Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Watch for the issues Stevie boy doesn't address