Measuring Linux and Open Source
,----[ Quote ]
| How do you measure success?
|
| This question is often asked in the Linux business and development
| communities, with various answers given: "the number of servers in
| the enterprise," "the number of desktop deployments," "or the number
| of new bugs found in Vista today."
|
| Measuring success is a matter of definition, and therefore it can be
| a hard thing to pin down. And, it seems, the challenges of measurement
| go a lot deeper than something as subjective as "success."
`----
http://www.linuxplanet.com/linuxplanet/reports/6397/1/
Related:
Microsoft is Counting Bugs Again
,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a
| good accounting.
|
| [...]
|
| The point: Don't count on security flaw counting. The real flaw is
| the counting.
`----
http://www.microsoft-watch.com/content/security/microsoft_is_counting_bugs_again.html?kc=MWRSS02129TX1K0000535
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
`----
http://blogs.zdnet.com/security/?p=316
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----
http://blogs.zdnet.com/microsoft/?p=527
|
|