Ten Common Security Myths
,----[ Quote ]
| While browsing and in discussion with friends, I have come across many
| misconceptions regarding security. Some of them are planted by the marketing
| division of software companies, some are the result of fanboyism and some are
| due to plain ignorance. The following are some of the most common:
|
| Myths regarding the OS:
|
| * Windows is insecure because of its popularity...
|
| [...]
`----
http://freewebsoftwarereviews.blogspot.com/2008/01/ten-common-security-myths.html
The Microsoft shills tend not to count all those Linux servers out there.
Someone has just E-mailed me this:
___
Another article which recently disappeared, this one after 12 years online
was :
http://www.acm.org/classics/oct95/
which can still be found at
http://web.archive.org/web/19961220000801/http://www.acm.org/classics/oct95/
[...]
Like I wrote, it's available.
http://cm.bell-labs.com/who/ken/trust.html
For me what was interesting was that it disappeared from the ACM site
after 12 years, only a few months after I started making a lot of noise
about it. It may have been in October. It was still in Google cache
then, but unavailable.
___
Very interesting.
Related:
Critical Vulnerability in Microsoft Metrics
,----[ Quote ]
| This is a small subset of all the vulnerabilities, because the
| vulnerabilities that are found through the QA process and the vulnerabilities
| that are found by the security folks they engage as contractors to perform
| penetration testing are fixed in service packs and major updates. For
| Microsoft this makes sense because these fixes get the benefit of a full test
| pass which is much more robust for a service pack or major release than it is
| for a security update.
`----
http://blog.mozilla.com/security/2007/11/30/critical-vulnerability-in-microsoft-metrics/
http://antitrust.slated.org/www.iowaconsumercase.org/011607/3000/PX03096.pdf
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
`----
http://blogs.zdnet.com/security/?p=316
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----
http://blogs.zdnet.com/microsoft/?p=527
Microsoft is Counting Bugs Again
,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a
| good accounting.
|
| [...]
|
| The point: Don't count on security flaw counting. The real flaw is
| the counting.
`----
http://www.microsoft-watch.com/content/security/microsoft_is_counting_bugs_again.html?kc=MWRSS02129TX1K0000535
Microsoft is the world's biggest cause of zombie remailers
,----[ Quote ]
| In China, it would take about one and one-half years wages (for the
| average Chinese) to buy a legitimate copy of Windows Vista. If you
| could find it here.
|
| Microsoft is the biggest cause of zombie remailers in the world,
| because they make noises, but do not do anything to address the
| real digital inequities in the world.
`----
http://www.theinquirer.net/default.aspx?article=38202
Excuse me sir: there's a rootkit in your master boot record
,----[ Quote ]
| Every version of Windows, including Vista, is vulnerable to the rootkit.
`----
http://www.theregister.co.uk/2008/01/09/mbr_rootkit/
|
|
