Linked by Thom Holwerda on Fri 16th Mar 2007 17:02 UTC, submitted by Shawna McAlearney
Privacy, Security, Encryption

"Starting today, I plan on posting a monthly vulnerability scorecard for common server and workstation Operating System products. I'm going to keep these scorecards pretty clean of discussion, but you can review my methodology, sources and assumptions." Note that these results speak only of fixed vulnerabilities; the author aims to include information on non-fixed problems and the time it takes to fix problems as well. You should also read this, by the way.
Thread beginning with comment 221961
Bring it on!
by Buck on Fri 16th Mar 2007 18:07 UTC
Buck Member since:
2005-06-29

Yeah! Look! Vista has a perfect score! Guess it's time to wipe off that FreeBSD partition and also sell those Xserves... Heh.
And it's absolutely hilarious how he didn't include pre-SP2 XP. Talk about... bias.

Edited 2007-03-16 18:07

Score: 5

RE: Bring it on!
by leos on Fri 16th Mar 2007 18:18 in reply to "Bring it on!"
leos Member since:
2005-09-21

Indeed, the Vista score is a bit misleading to say the least. Vista wasn't released to the general public at all during the period he is examining. And no competent business will have deployed Vista anywhere but in testing in that period either. So it is quite natural that it has had no fixes.

However, it is not biased to not include pre-SP2 XP. SP2 has been out for years, and everyone at all concerned with security should be running it by now. Just like he didn't include old versions of Linux in his comparison.

Then again, these numbers don't mean much if you keep your systems up to date. I will be very interested to see his data on non-fixed problems and time to fix. Much more relevant to determining security than fixed issues.

Another addition that would help the credibility of this piece is a detailed view where the vulnerabilities are listed, broken down by component.

Edited 2007-03-16 18:23

Score: 5

RE: Bring it on!
by flanque on Fri 16th Mar 2007 21:32 in reply to "Bring it on!"
flanque Member since:
2005-12-15

Yeah, sure is biased!

Why isn't my Red Hat 9 install included on there?? Damn you biased Microsoft fanboi.

Score: 4