Linked by Thom Holwerda on Fri 16th Mar 2007 17:02 UTC, submitted by Shawna McAlearney
Privacy, Security, Encryption "Starting today, I plan on posting a monthly vulnerability scorecard for common server and workstation Operating System products. I'm going to keep these scorecards pretty clean of discussion, but you can review my methodology, sources and assumptions." Note that these results speak only of fixed vulnerabilities; the author aims to include information on non-fixed problems and the time it takes to fix problems as well. You should also read this, by the way.
Thread beginning with comment 222072
To read all comments associated with this story, please click here.
Member since:

where a senior Microsoft security "guru" recommends that Vista vulnerabilities be considered less serious than XP ones.


I believe we are now seeing the Microsoft spin machine roll into action, now that OneCare has been demonstrated to be both useless and stupidly implemented.

So now to spur sales of Vista, we get treated to one Microsoft bozo who wants Vista vulnerabilities downgraded and another Microsoft bozo who is spinning the comparative rates of vulnerability between OS's.

This is a joke.

Somebody step forward and directly call both these gentlemen Microsoft LIARS.

NOBODY at Microsoft who is authorized to talk to the public tells the truth. NOBODY - except maybe that one guy who said OneCare shouldn't have been released.

And he'll be on the unemployment line tomorrow, no doubt.

Microsoft employees - and I don't care WHO they are, or where they come from, whether it's some OSS organization or not, or WHAT their background is with UNIX or anything else - are LIARS by definition. The biggest liar is Bill Gates himself.

The people at Microsoft make the people at Enron look like nuns.

Reply Score: 4

PlatformAgnostic Member since:

Read Michael Howard's blog entry about Vista vulnerabilities... It does not say the words that you put into his mouth. Do you not understand how much the online press distorts all news about Microsoft? And you have to understand who's doing the Vista vulnerability ratings: MSRC-- Microsoft's Security Response Center... It's not like they're asking CERT or someone else to do this. Michael Howard just said that he's not happy that the mitigations in Vista will not really affect the vulnerability rating though they will affect the ease of a hacker actually making an exploit.

Would you explain to me what your background is in security and what expectations you have of any OS? If you can hack a Windows box, I'd certainly like to learn from you, oh guru.

Reply Parent Score: 2