Linked by Thom Holwerda on Fri 16th Mar 2007 17:02 UTC, submitted by Shawna McAlearney
Privacy, Security, Encryption "Starting today, I plan on posting a monthly vulnerability scorecard for common server and workstation Operating System products. I'm going to keep these scorecards pretty clean of discussion, but you can review my methodology, sources and assumptions." Note that these results speak only of fixed vulnerabilities; the author aims to include information on non-fixed problems and the time it takes to fix problems as well. You should also read this, by the way.
Thread beginning with comment 222022
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Sorry...
by sbergman27 on Fri 16th Mar 2007 20:18 UTC in reply to "RE[2]: Sorry..."
sbergman27
Member since:
2005-07-24

"""
And, as you might know from reality, the biggest vulnerability resides between keyboard and chair.
"""

The engineer in me makes me want to say that we should eliminate that component, then. ;-)

Reply Parent Score: 3

RE[4]: Sorry...
by Doc Pain on Fri 16th Mar 2007 20:33 in reply to "RE[3]: Sorry..."
Doc Pain Member since:
2006-10-08

""""
And, as you might know from reality, the biggest vulnerability resides between keyboard and chair.
"""

The engineer in me makes me want to say that we should eliminate that component, then. ;-)"


Well, the engineer in me suggests, we'd actually have to replace that component with one that works better because it's better educated and has a higher ability of moral judging, but the psychologist in me want's to give the engineer some sedativa. :-)

I'd like to repeat a thing that someones seem to have forgotten: The article counts the vulnerabilities detected and corrected, so it tells nothing about how secure a system is. The statistics are saying nothing.

Reply Parent Score: 4

RE[4]: Sorry...
by stestagg on Sat 17th Mar 2007 18:11 in reply to "RE[3]: Sorry..."
stestagg Member since:
2006-06-03

I know you were joking, but this links in to a related issue:
Only security freaks, and network managers with inferiority complexes eliminate anything that is a vulnerability. Yes, now that windows has been largely fixed, the user is currently the weakest link in the security chain. But he is also a necessary part of the chain. Too often, the line between security and usability is drawn far too close to security. Features are removed or disabled in software because of 'security issues' when the usability/productivity benefits of leaving said features in far outweigh the security drawbacks.

Reply Parent Score: 2