Let's translate a bit here:
|
| Author | Content |
|---|---|
| PaulFerris Mar 22, 2005 5:48 PM EDT |
"We believe there to be inaccuracies," Mark Cox, the leader of Red Hat's security response team. Translation: These people are smoking crack. Tell them to back away from the pipe for a bit and let the smoke clear. "All this study can do is give people pause, to say they shouldn't go with common wisdom over which platform has more security," said Herbert Thompson, one of the three authors of the paper... Translation: Maybe if Microsoft pays me enough, I'll tell people the Sun sets in the East too... The paper has already caused controversy, as some details were presented at the RSA Conference last month. Translation: People were going out and buying birds, just so they could line their new cages with the results. A server using Red Hat Enterprise Linux ES 3 had more than 12,000 days of risk, while a Microsoft configuration had about 1,600, they said. Translation: This is mostly because a Windows server is down most of the time getting patched, hacked, or redirected for sending spam. Red Hat's Cox countered the findings in his blog posting. "There were only eight flaws in Red Hat Enterprise Linux 3 that would be classed as 'critical' by either the Microsoft or the Red Hat severity scales," he wrote. "Of those, three-quarters were fixed in a day, and the average was eight days." Translation: These people need their heads examined. If they had a clue-meter, it would need a recalibration before it started reading Zero... Microsoft did fund the study, the researchers acknowledged. The software giant released a statement on Tuesday that indicated I think either is infinitely securable by a skilled Jedi administrator. --Herbert Thompson, study author the report was part of Microsoft's "Get the Facts" campaign... Traslation: And everyone knows we're drinking our own bathwater here, who are you going to trust? Microsoft? or your lying eyes... Richard Ford, a computer science professor at the Florida Institute of Technology, and Fabien Casteran, a security test engineer at Security Innovations, were the authors of the report alongside Thompson. The researchers hope to stave off criticism by publishing their methods as part of the report. Translation: Never trust results you haven't rigged yourself. Maybe if we show what laughably stupid methods we've used here, people won't think we're complete morons. Just partial morons that have gotten paid to look like complete morons. "The methodology was designed to allow others to validate it for themselves--it has to be quantitative and repeatable," Thompson said. "We didn't just want to hand people the cake; we wanted to give them a recipe as well." Translation: That way they can make their own crack, like we did. Thompson admitted, however, that security largely depends on the expertise of the administrator. Translation: Someone besides us is going to take the blame for your cracked web servers after all. "I think either (operating system) is infinitely securable by a skilled Jedi administrator," Thompson said. "If I have a Linux guru, then I want that guy to do the Linux web server. I am more of a Window guru, so I would use Windows." Translation: I can only click on dialog boxes and watch pretty little status indicators. When I have real enterprise-class security items -- I call in the professionals. Once you've worked the trade press for a while, you learn to read these things the right way... |
| hkwint Mar 23, 2005 2:05 AM EDT |
Like the translations! Hope you don't mind if I add some: Companies face greater risks if they run their Web sites on Linux rather than Windows ..... Last year, Web servers based on Windows Server 2003 had fewer flaws to fix than those based on Red Hat Enterprise Linux ES 3 Translation: Of the 349 maintained Linux distro's, only Red Hat was worse then Microsoft, and only if the Red Hat server is run by a complete moron like Bill Gates, and the Microsoft server is run by someone smarter than Einstein+God himself. Windows Server 2003 had fewer flaws to fix than those based on Red Hat Enterprise Linux ES 3 Fewer people took the effort to report the bugs in MS, since they pay big money for their bugs, so they won't like them to be removed! Actually, they're addicted to their bugs, since those beasts look so nice when you're on crack. Especially those red/purple South-American bugs are great! "We believe there to be inaccuracies," As usual, MS paid the people working for it for inserting bugs. Counting the holes "18" replied Bill Gates, when he came back from the golf course. "Not bad after all, eh?" The researchers also studied Red Hat and Windows Web servers in minimal configurations It wasn't possible to configure Windows Web Server beyond minimal configurations, and moreover, we are so imcompetent, we can't really configure a Red Hat Server. Microsoft had far fewer high-severity flaws in both the default and minimal configurations For us people at MS, bugs are only critical if: 1) People like Osama can remotely control (the US) nukes using our software 2) They could cost more than 1 billion if we get sued for it 3) There's a remote-hole, allowing customers to remotely steal our crack 4) If more than 5000 customers beg more than 3 times per minute to solve them "We encourage customers to review and evaluate the data in the context of their own computing environments." This crappy study is in fact useless. In fact, my 9-year old nephew could have done this better. People should get the facts and research the facts themselves. Well, after all that talk, we suddenly realize we should look up the word "fact" in the dictionary, to find out what it means, since we actually don't know, and that's a fact! we wanted to give them a recipe as well. We're out of opium and invite people to make their own crack and sell it to us. They watched Fear and Loathing in Las Vegas too many times! |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!