Linked by Thom Holwerda on Mon 19th Mar 2007 00:29 UTC, submitted by vicious1
Privacy, Security, Encryption "In response to Jeff Jones' Monthly Security Scorecard I did some research on Secunia and made some statistics to answer his. Jeff's Scorecard is quite minimal in my opinion and as pointed out by some of the comments, is missing some interesting facts. These facts include the outstanding advisories, for example, and of course the amont of software installed. Since Linux installs a lot more software the numbers are a bit skewed; however, even if I only take the numbers from Secunia with regard to advisories, vulnerabilites fixed, etc., things still look quite different then on Jeff's charts."
Permalink for comment 222499
To read all comments associated with this story, please click here.
RE[3]: Selective memories...
by lemur2 on Mon 19th Mar 2007 10:01 UTC in reply to "RE[2]: Selective memories..."
lemur2
Member since:
2007-02-17

{ If that were to be true, it'd be impossible to compare systems and their software. }

Que? Say what ?

How is it impossible to compare "three critical unpatched vulnerabilities in 10 million lines" versus "6 identified but now patched moderate vulnerabilities in 60 million lines"?

I think you have re-discovered the art of the non-sequitur.

http://en.wikipedia.org/wiki/Non_sequitur_%28logic%29

(not that it was ever a lost art, mind you).

I think you are seriously confused between "number of vulnerabilities in a system" and "number of vulnerable systems".

Different things entirely. Only the first quantity is any measure of "the security of the system".

Edited 2007-03-19 10:10

Reply Parent Score: 3