Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Shades of "Get the Facts"

Story: "Linux more secure than Windows", Microsoft vulnerability report suggests

Total Replies: 3

Author	Content
schestowitz Aug 21, 2007 1:54 PM EDT	Typical Get the Facts-like Big Lie. http://www.daniweb.com/blogs/entry1599.html Also consider the hidden things they patch silently and group, e.g. Microsoft reacts to kernel hacks, defends Vista ,----[ Quote ] \| Microsoft wasn't much help in figuring out exactly what was beefed up by the \| PatchGuard update; the accompanying information was extremely vague. The \| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting \| to the center's blog. "The update adds additional checks to Kernel Patch \| Protection for increased reliability, performance, and security," Conant \| said. `---- http://www.infoworld.com/article/07/08/15/Microsoft-reacts-t... Skeletons in Microsoft’s Patch Day closet ,----[ Quote ] \| This is the first time I’ve seen Microsoft prominently admit to silently \| fixing vulnerabilities in its bulletins — a controversial practice that \| effectively reduces the number of publicly documented bug fixes (for those \| keeping count) and affects patch management/deployment decisions. `---- http://blogs.zdnet.com/security/?p=316 Beware of undisclosed Microsoft patches ,----[ Quote ] \| Forget for a moment whether Microsoft is throwing off patch counts \| that Microsoft brass use to compare its security record with those \| of its competitors. What do you think of Redmond’s silent patching \| practice? `---- http://blogs.zdnet.com/microsoft/?p=527 Microsoft explains this Jeff Jones-type stratgegy here: http://antitrust.slated.org/www.iowaconsumercase.org/011607/... “There’s an interesting article in the April 2007 issue of Harper’s magazine about panels, audits, and experts. It is called CTRL-ALT-DECEIT and is from evidence in Comes v. Microsoft, a class action suit in Iowa. Here’s a paragraph from a document admitted into evidence, called “Generalized Evangelism Timeline,” about guerrilla or evangelical marketing: Working behind the scenes to orchestrate “independent” praise of our technology is a key evangelism function. “Independent” analysts’ reports should be issued, praising your technology and damning the competitors (or ignoring them). “Independent consultants should write articles, give conference presentations, moderate stacked panels on our behalf, and set themselves up as experts in the new technology, available for just $200/hour. “Independent” academic sources should be cultivated and quoted (and granted research money). They advise cultivating “experts” early and recommending that they not publish anything pro-Microsoft, so that they can be viewed as “independent” later on, when they’re needed. This type of evangelical or guerilla marketing is apparently quite common in the high-tech fields, and seems to be used liberally by open source developers. The document admitted into evidence also says, “The key to stacking a panel is being able to choose the moderator,” and explains how to find “pliable” moderators–those who will sell out. It is all a big money game. Most activists in any field know of countless “hearings,” in which hundreds of citizens would testify before a panel, only to be ignored in favor of two or three industry “experts.” When a panel is chosen, the outcome seems to be a foregone conclusion. As with elections, they don’t leave anything to chance.” (a post from a Mark E. Smith about exhibit PX03096 “Evangelism is War” from Comes v. Microsoft). More on the issues to consider: Microsoft is Counting Bugs Again ,----[ Quote ] \| Sorry, but Microsoft's self-evaluating security counting isn't really a \| good accounting. \| \| [...] \| \| The point: Don't count on security flaw counting. The real flaw is \| the counting. `---- http://www.microsoft-watch.com/content/security/microsoft_is... Independent, non-Microsoft studies: How secure are Linux, Window and Mac OS? http://www.masuran.org/node/29 2006 Operating System Vulnerability Summary http://www.omninerd.com/2007/03/26/articles/74 Linux vs. Windows: Which is Most Secure? http://www.esecurityplanet.com/views/article.php/3665801 Linux Security: A Big Edge Over Windows http://www.linuxinsider.com/rsstory/54742.html The problems with Vista laid bare - What might have been http://www.theinquirer.net/default.aspx?article=38419 Why Windows is less secure than Linux http://blogs.zdnet.com/threatchaos/?p=311 Linux more secure than Windows, national survey shows http://www.xomba.com/linux_more_secure_than_windows_national... Microsoft Windows: Insecure by Design http://www.washingtonpost.com/ac2/wp-dyn/A34978-2003Aug23?la... If Only We Knew Then What We Know Now About Windows XP http://www.washingtonpost.com/wp-dyn/content/article/2006/09... Why Windows is a security nightmare. http://www.smh.com.au/articles/2004/05/21/1085120110704.html The Structural Failures of Windows http://www.theinquirer.net/default.aspx?article=15305 More than half of Microsoft Vista needs re-writing http://www.theinquirer.net/default.aspx?article=30516
phsolide Aug 21, 2007 2:23 PM EDT	Do you get the feeling that if something like Groklaw had existed in 1997, that the public sentiment about that MSFT anti-trust trial would have been substantially different? I mean, in 2003, the "press" painted a generally favorable chance of SCO's chances in its original lawsuit against IBM. In 1997/98, the "press" merely reprinted Wag-Edd propaganda about "innovation". The findings of fact got totally ignored.
schestowitz Aug 21, 2007 2:51 PM EDT	I never trust the press. It has sources of revenue, thus it has an agenda. A mixture of (sort of) peer-reviewing blogs make a sensible source of information.
Aladdin_Sane Aug 24, 2007 10:53 AM EDT	This is really good stuff, I mean helpful at exposing MS dirty tricks. I guess more research in to the Comes evidence is in order. A corroborating link to the 3096 PDF quoted is at http://edge-op.org/iowa/www.iowaconsumercase.org/011607/3000... Here's some more from pages 53-54 of that document: "MSDN and Platform marketing are the regular forces, exchanging blows with the enemy mano a mano. Evangelism should avoid formal, frontal assaults, instead focusing its efforts of hit-an-run [sic] tactics." "Competitors will make surprise announcements, lie through their teeth, and generally try to screw you just as hard as you are trying to screw them."

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!