Linked by Thom Holwerda on Tue 21st Aug 2007 18:19 UTC, submitted by SEJeff
Privacy, Security, Encryption

Jeff Jones has published another one of his vulnerability scorecards comparing various operating system offerings. As always, these figures just list the patched vulnerabilities over the designated period of time; they do not take into account any unfixed or undisclosed vulnerabilities. Hence, these reports are not proper measurements of security - they are just that, a tally of fixed vulnerabilities. Any conclusions like "x is more secure than y" cannot be drawn from this data set. As always, do with it as you please.
Fairly meaningless
by Obscurus on Tue 21st Aug 2007 23:02 UTC

Without other information to go on, this data tells you absolutely nothing. Has Windows XP had fewer security fixes because it is a mature, secure OS that doesn't need a lot of work, or are there a lot of unfixed or unknown security holes? Can't tell from this data. Is Ubuntu an incredibly insecure OS that requires constant patching, or are the Ubuntu devs more diligent at fixing things? Can't tell from this data. Is Vista a more secure OS, or has it had fewer fixes purely because it is fairly new? Can't tell from this data.

Essentially, this data is utterly useless, because it has no context where comparisons can be made. Of course, people will draw their own conclusions by filling in the missing information with their own biases, preconceptions, experiences and knowledge, but these graphs themselves are a ridiculous waste of time on their own.