Vista Security Claims Debunked

An anonymous reader writes "Apparently Microsoft still hasn't learned that counting vendor acknowledged vulnerabilities isn't a good way to establish the security of an OS. As an analysis of Microsoft's claims on Full Disclosure shows, we see that the methodology used was badly flawed. A bug in Firefox (not to mention emacs), counts as a flaw for Linux, while IE bugs get ignored on Vista's chart. Then we see that vulnerabilities aren't vulnerabilities when they're security-challenged features such as Vista's Teredo. Also, there's far too little consideration given to severity, given that it stoops to counting even extra access restrictions on a file in OSX to have something to show. In short, the original Microsoft analysis was good PR and poor research."

Microsoft found making PR-FUD-ing research

[MukiMuki]

In other news, scientists have confirmed that water is, in fact, wet.

As Gunnery Sergeant Hartman would say

[Anonymous Coward]

Well... no shit...

Shocked!

[yotto]

I am totally shocked. I just bought 10 licences too and threw away all my Linux computers!

You don't need to see our identification.

[Bombula]

These aren't the droids you're looking for.

Microsoft "Research"

[WilliamSChips]

Bears are Catholic. The Pope shits in the woods.

Now...

[Anonymous Coward]

Does that sound like a people_ready business to you?

And here I was...

[Anonymous Coward]

riding a flying pig on my way to get a sweater at the store 'cause I heard Hell had frozen over. At the gamestop next to the sweater store, some kid was playing Duke Nukem Forever, which I thought was an amazing game. ...so what do you mean the report isn't true?

Re:Get The Facts

[node 3]

Well, no doubt CmdrTaco carefully sifts through all the tags submitted for every story, and diligently evaluates them for selection. He even, I'm certain, cross-references tags for relationships to other projects to see if one is just an unlabeled continuation of the other. After such fastidious examination, and only then, does it make the grade. A grade which your most impressive tag passes with ease.

Given Slashdot's exemplary editorial standards, how could it possibly be otherwise?

This is clearly a gross oversight on Taco's part, and will be looked into with the gravest of concern, there can be no doubt. I suspect your well-crafted tag will don the front page in no time, perhaps even in an extra-crisp font to make up for any negligence and mishandling involved.

I look forward to it with heightened eagerness, and commend you on the alacrity and aplomb you've shown in this, your all-important tag-choosing endeavor.

Godspeed, you will prevail.

Submit Macro

[WiseWeasel]

"I need a submit macro"

You mean like the "Preview" button right next to the "Submit" one?

Re:Microsoft "Research"

[cronot]

... and this is, scientists have concluded, Sparta.

Remove the power cord too

[EmbeddedJanitor]

After extensive research we found that having the computer powered up was the source of all the security flaws. Don't blame MS - they don't make the power cords!

Vista on Firewalls...

[flyingfsck]

I haven't seen Cisco jump to run Vista on their Firewall Machines. So, maybe, just maybe, they had a reason to stick to *nix.

Re:Microsoft found making PR-FUD-ing research

[Actually, I do RTFA]

But, I just quit my job at Google and applied to work at Microsoft based on this: http://slashdot.org/article.pl?sid=07/06/27/131421 9/ [slashdot.org].

I Am So Amazed That MS Would Deceive

[NeverVotedBush]

I mean, in their entire history, when has Microsoft ever done ANYTHING untrustworthy?

Like literally copying/stealing other people's code line for line and putting it in their OS? (Stacker)

Like putting in software hooks to see if competing office products were running and then crash them or make them run slow? (WordPerfect)

Like swapping code in an OS and a browser to make it appear that the browser was integral to the OS to weasel out of antitrust issues? (Win98 / Explorer)

Naw... I just can't believe that MicroSoft would stoop so low as to try to promote its "ground-up" new OS (that amazingly has many of the exact same vulnerabilities as XP) as being hardened and more secure than Linux and OSX>

They wouldn't do anything like that, would they?

Re:Microsoft "Research"

[Gorshkov]

Recent longitudinal studies released by the NIH in Atlanta, funded my grants from the Bill Gates foundation, have concluded that scientists are the leading cause of cancer in lab rats.

Re:Remove the power cord too

[Sarisar]

Oooooh! I just thought of a cool 'invention'. A power cord that protects 100% against all vulnerabilities both known and unknown!

(Yes it's a broken cord)

Perhaps I should call it the iCord? Putting an 'i' in front of the word seems to be the in thing at the moment.

And don't worry, After I've made my fortune I'll make the cord open source so everyone can make their own iCords!

Re:Teredo

[ozmanjusri]

It's not about reality, it's about what they will say, how they will spin it

Look, Windows can't even compete on features against Puppy Linux.

No Microsoft sales droid will ever get in a pissing contest against a full blown Linux distro with more than 20,000 packages installable. They'd just end up with a wet leg and a deep-seated sense of personal inadequacy.

Re:Microsoft found making PR-FUD-ing research

[Tumbleweed]

Au contraire - Gartner Group just released a study which concluded MS Water(tm) was not, in fact, wet*, unlike GNU/Water or H2O-BSD.

(*) MS Water(tm) tested at temperatures below 0 degrees C and above 100 degrees C, GNU/Water and H2O-BSD tested between 0 degrees C and 100 degrees C.

Re:The really sad part....

[presearch]

you just have low expectations, that's all.

The bug about emacs...

[darksith69]

...was well counted, after all, it's a nice OS with a poor text editor.

Emacs is a bug?

[Bob54321]

A bug in Firefox (not to mention emacs), counts as a flaw for Linux...

I like text editor wars as much as the next guy, but calling emacs a bug...

Re:Thing I learned in the marketing class I failed

[adamofgreyskull]

Marketing is cheaper than R&D.

You haven't read an annual company report recently, or ever for that matter?

You haven't read the title of the grandparent. He said he failed it, sheesh...you people.

Re:Teredo

[fonik]

I like this argument. My Linux box is extremely secure because my apartment is too messy for anyone to ever find it. It's not filth, it's extra security!

Most Secure Windows ever

[number6x]

• 486 SX 66Mhz machine running Windows 3.1
• In Dick Cheney's Bunker
• No Modem
• No Token Ring
• No Banyan VINES
• No Ethernet or IPX
• No TCP/IP winsock implementation.

Most Secure Windows Ever!

Re:Upfront cost isn't the point

[Quince alPillan]

Particularly when it comes to computers or any other sort of information technology, which most people view the way the monkeys viewed the black monolith, as a mysterious object to be feared.

This reminds me of an appropriate bash.org quote:

#2328 [bash.org] <TeamsterX> man watching 6 MSCE's around a sun box, looks alot like the opening scene's of 2001:space odyssey and the monkey's with the monolith

And these are people who are supposed to be technically savvy. I can't imagine what people who know nothing about computers would do.