Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Red Hat Says Microsoft Software is less Secure; Figures From Microsoft Are Fake, Fraudulent

  • Subject: [News] Red Hat Says Microsoft Software is less Secure; Figures From Microsoft Are Fake, Fraudulent
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Sat, 03 Jul 2010 15:56:47 +0100
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.4.2
Hash: SHA1

Open Source is Inherently More Secure, Says Red Hat

,----[ Quote ]
| But in the closed source world, you have 
| to trust your vendor completely. All you 
| get to see are binaries, so you have no 
| way of knowing how they were built. 
| President Reagan was fond of saying to 
| Soviet leader Mikhail Gorbachev, "Trust, 
| but verify." With proprietary software, 
| you simply have to trust.
| Microsoft, for example, pushes out 
| security updates on the second Tuesday of 
| every month. Bressers said they can't do 
| that. Microsoft has the advantage of 
| hiding security flaws and working on them 
| at their leisure, but with open source 
| software, that's not possible because 
| everyone can see that there's a problem 
| and they expect it to be fixed right away.
| And if a security hole isn't plugged 
| quickly enough, you can fix it yourself, 
| Bressers explained.
| An example of the power of open source is 
| the ping of death bug. Back in the late 
| 1990s someone figured out that if you send 
| a giant ICMP packet to a computer, just 
| about any computer, it will crash. The bug 
| affected every operating system, routers, 
| printers, etc. When the problem was 
| discovered, the open source Linux 
| operating system had the bug squashed in 
| about 2 hours, Bressers recalled. The 
| closed source operating system vendors, 
| however, took days, weeks and even months 
| to make and distribute a patch for the 
| ping of death.


Microsoft: 10,000 PCs hit with new Windows XP zero-day attack

,----[ Quote ]
| Nearly a month after a Google engineer 
| released details of a new Windows XP flaw, 
| criminals have dramatically ramped up 
| online attacks that leverage the bug.
| Microsoft reported Wednesday that it has 
| now logged more than 10,000 attacks. "At 
| first, we only saw legitimate researchers 
| testing innocuous proof-of-concepts. Then, 
| early on June 15th, the first real public 
| exploits emerged," Microsoft said in a 
| blog posting. 


Hackers target Microsoft Windows XP support system

,----[ Quote ]
| Hi-tech criminals are "escalating" attacks 
| on an unpatched bug in the Windows XP help 
| and support system.
| Microsoft said it had seen more than 
| 10,000 machines hit by the attack that, so 
| far, it has not found a fix for.



Netgear modem/router giving your browser âPage Not Foundâ errors? Blame Windows 7, then hit it with a hidden hotfix.

,----[ Quote ]
| Windows XP and Vista are not affected. Linux
| is not affected. Itâs not a problem with the
| router.
| See: KB983528 â The TCP receive window
| autotuning feature does not work correctly in
| Windows Server 2008 R2 or in Windows 7
| Microsoft, probably in an attempt to cover up
| Windows 7 defects, jury rigged that article
| to not show up in search engines. Go ahead
| and google as hidden it, deliberately, with
| robots.txt tfor KB983528 and youâll see that
| Microsoft hrickery.
| Anyway, if anyone is similarly afflicted, try
| whacking it with that Hotfix and tell me what
| you get. :)


Microsoft issues 'silent' patches; AT&T to pay for slow DSL speeds


Microsoft "silently" patches vulnerabilities, leaves admins in the dark


Security Firm Makes Noise About Microsoft Silent Patching

,----[ Quote ]
| Note that a policy such as this implies that
| Microsoft will not patch known, internally-
| discovered vulnerabilities if an externally-
| sourced vulnerability of the same or lesser
| severity is not available for the silent
| patch to piggyback on. They'll sit on it, and
| we won't know for how long because they don't
| document it.


US government finally admits most piracy estimates are bogus

,----[ Quote ]
| We've all seen the studies trumpeting
| massive losses to the US economy from
| piracy. One famous figure, used literally
| for decades by rightsholders and the
| government, said that 750,000 jobs and up to
| $250 billion a year could be lost in the US
| economy thanks to IP infringement. A couple
| years ago, we thoroughly debunked that
| figure. For years, Business Software
| Alliance reports on software piracy assumed
| that each illicit copy was a lost sale. And
| the MPAA's own commissioned study on movie
| piracy turned out to overstate collegiate
| downloading by a factor of three.
| Can we trust any of these claims about
| piracy?
| The US doesn't think so. In a new report out
| yesterday, the government's own internal
| watchdog took a close look at "efforts to
| quantify the economic effects of counterfeit
| and pirated goods." After examining all the
| data and consulting with numerous experts
| inside and outside of government, the
| Government Accountability Office concluded
| (PDF) that it is "difficult, if not
| impossible, to quantify the economy-wide
| impacts."

Version: GnuPG v1.4.10 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index