Linked by Thom Holwerda on Fri 17th Dec 2010 22:06 UTC, submitted by poundsmack
Windows While Microsoft's Security Essentials has been very well received because of its small footprint and unobtrusive nature, it didn't always rank among the very top when it came to its detection rates. Overall, I'd still say it's one of the best antivirus tools. Now, with version 2.0, Microsoft has improved the detection mechanisms, but of course, it'll take some tests before we can see how effective they are.
Thread beginning with comment 454219
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[7]: overrated
by bassbeast on Mon 20th Dec 2010 14:01 UTC in reply to "RE[6]: overrated"
bassbeast
Member since:
2007-11-11

Uh huh...explain the SIX YEAR OLD X server bug that was passed through nearly a dozen kernel revs with NOBODY noticing it? Not even once? Your ENTIRE premise hinges on a logical fallacy, the "if the code is out there SOMEBODY must be checking it" which the X server bug drove a stake right through the heart of.

The simple fact is all OS level code is COMPLEX...full stop. Even the guys who work on it every single day can't figure up the complex interactions between their code and the rest of the OS, which is why we have patches. Pretending that "ohhh source code is magic protection!" is just a complete fallacy. There is good and bad of BOTH.

Reply Parent Score: 1

RE[8]: overrated
by lemur2 on Mon 20th Dec 2010 22:03 in reply to "RE[7]: overrated"
lemur2 Member since:
2007-02-17

Uh huh...explain the SIX YEAR OLD X server bug that was passed through nearly a dozen kernel revs with NOBODY noticing it? Not even once? Your ENTIRE premise hinges on a logical fallacy, the "if the code is out there SOMEBODY must be checking it" which the X server bug drove a stake right through the heart of. The simple fact is all OS level code is COMPLEX...full stop. Even the guys who work on it every single day can't figure up the complex interactions between their code and the rest of the OS, which is why we have patches. Pretending that "ohhh source code is magic protection!" is just a complete fallacy. There is good and bad of BOTH.


Everyone being able to see source code doesn't ensure that obscure bugs are spotted. It would be good if it were so, but it just isn't. There are some bugs that are very obscure.

However, what transparency of the source code does ensure is that there aren't included a couple of hundred lines which have malicious functions such as "launch a daemon to capture all keystrokes and send a copy of them to denizen.hackersIP.net".

Please argue against the actual points being raised, and not some strawman points that you just make up only to tear down. Sorry, but strawman argument attacks don't work.

Edited 2010-12-20 22:04 UTC

Reply Parent Score: 2

RE[9]: overrated
by oiaohm on Tue 21st Dec 2010 10:57 in reply to "RE[8]: overrated"
oiaohm Member since:
2009-05-30

"Uh huh...explain the SIX YEAR OLD X server bug that was passed through nearly a dozen kernel revs with NOBODY noticing it? Not even once? Your ENTIRE premise hinges on a logical fallacy, the "if the code is out there SOMEBODY must be checking it" which the X server bug drove a stake right through the heart of. The simple fact is all OS level code is COMPLEX...full stop. Even the guys who work on it every single day can't figure up the complex interactions between their code and the rest of the OS, which is why we have patches. Pretending that "ohhh source code is magic protection!" is just a complete fallacy. There is good and bad of BOTH.


Everyone being able to see source code doesn't ensure that obscure bugs are spotted. It would be good if it were so, but it just isn't. There are some bugs that are very obscure.

However, what transparency of the source code does ensure is that there aren't included a couple of hundred lines which have malicious functions such as "launch a daemon to capture all keystrokes and send a copy of them to denizen.hackersIP.net".

Please argue against the actual points being raised, and not some strawman points that you just make up only to tear down. Sorry, but strawman argument attacks don't work.
"

You missed the critical part. 6 years is not the critical part here. In the last 4 new tech for auditing code has appeared. This is why the 6 year old and other bugs were found. The oldest one found in the audit of code in Linux kernel related to X11 is not 6 but 10 years of not being noticed.

Please be aware the new tech in code auditing need source code to test against. Linux kernel has on average a very low bug detect rate vs the amount of code contained. This is keeping on improving even with 10 year odd bug being dug out.

Tech changes with time. What we could automatically audit for 4 years ago is quite primitive to what we can today. 10 years ago what we could automatically audit for was stoneaged. We are really only starting to enter the IT auditing equal to the industrial revolution. So things will keep on improving.

Source code means the latest tech in auditing can be used against it even if the first maker is no more. There are a lot of games and other things out there were the source code has been lost for good since the company died. Made before the current advances in auditing tech. So they are also not fixable in an affordable way if a issue turns up.

Source code advantage is not just secuirty. Its also the means to correct a secuirty flaw that you would not be able to otherwise.

Reply Parent Score: 1