Linked by Amjith Ramanujam on Mon 11th Aug 2008 16:13 UTC, submitted by gonzo
Privacy, Security, Encryption Ars Technica has analyzed recently publicized Vista's security flaws. "Unfortunate, yes, but not as was reported in the immediate aftermath of the presentation evidence that Vista's security is useless, nor does this work constitute a major security issue. And it's not game over, either. Sensationalism sells, and there's no news like bad news, but sometimes particularly when covering security issues, it would be nice to see accuracy and level-headedness instead. ... Furthermore, these attacks are specifically on the buffer overflow protections; they do not circumvent the IE Protected Mode sandbox, nor Vista's (in)famous UAC restrictions."
Permalink for comment 326579
To read all comments associated with this story, please click here.
RE[2]: Comment by Soulbender
by netpython on Tue 12th Aug 2008 09:44 UTC in reply to "RE: Comment by Soulbender"
Member since:

so if it's game over for Vista, then it has always been game over for Mac OS X or Linux.

Not perse,

"Address Space Randomization is used for the stack and library mappings since SUSE Linux Enterprise 10 and SUSE Linux 10.1"

"The "Fortify Source" extensions in gcc and glibc are enabled for all packages by default (using -D_FORTIFY_SOURCE=2) since SUSE Linux 10.0 and SUSE Linux Enterprise 10. "

"Runtime stack overflow checking using -fstack-protector is used in some critical packages in SUSE Linux 10.1 and SUSE Linux Enterprise 10 and enabled by default for all packages starting with openSUSE 10.2. "

etc etc

Which makes me think..

Reply Parent Score: 4