MS: Vista More Secure than Linux, Mac OS X

http://www.eweek.com/article2/0,1759,2149391,00.asp

The problem with comparisons such as these is that they primarily use quantitative, rather than qualitative, analyses and consequently provide a misleading assessment. As the article mentions, it's not the number of vulnerabilities that matters as much as the severity of those vulnerabilities and whether they have been fixed sufficiently. Also, as security blogger Ryan Naraine pointed out, Microsoft have not publically disclosed numerous vulnerability fixes that I'm assuming weren't included in this report. If that is the case, then it fundamentally undermines the validity of this report. If the criteria upon which the comparison is based is susceptible to manipulation, and such manipulation has been acknowledged, then that in principle invalidates the comparison.

The sensationalist title is more misleading then the report, but I guess they have to garner our attention somehow. Even though the article doesn't delve into the bold claim in the title, the entire report is cast in that light, basically as an obvious marketing tool attempting to demonstrate the relative security of Vista.

 

A few more links about this.

http://blogs.zdnet.com/security/?p=321

http://www.engadget.com/2007/06/22/report-vista-more-secure-than-os-x-and-linux/

http://www.vnunet.com/vnunet/news/2192615/microsoft-claims-vista-secure

 

This is the significant part of the quote:

 

Thats a seriously unfair comparison. Red hat Desktop WS contains Tonnes of desktop apps (it comes on dozens of discs).

Nice to see MS doing a fair comparison again.

 

What a load! No article's like these are going to have me do an about-face, I'm done with closed source.
*It's fair to point out that nowhere during the course of a typical day do my need's require proprietary soft.

Steve

 

Likewise. I'm about | this far | from switching to Linux permanently. I'm currently looking at a number of different distros that I've saved on my other hard drive and am running in VirtualBox, and will likely check out a few more. When I find one that I like and can run my printer (always seems to be that problem), I'm liable to dump MS for good. I've already dropped MS Word for Abiword in XP. I think most of the printer problem has to do with virtualbox rather than the distros.

XP is good for a few more years, but why wait. Linux is just as easy with most apps these days, as I've found out in the past week, and if it comes down to it, WINE might solve the problem for me ... maybe ... possibly(?) if I keep XP on a partition - a small partition.

 

yea, sure...

/Cerxes.

 

0_o
o_0

>_>


<_<


XD

 

Well, what else were m$ gonna say?

 

hahahaha, what else? hahahaha

 

Hello,
The last throes of a dying animal. They are going to lose the battle. Oh yes!
Mrk

 

Update

http://www.washingtonpost.com/wp-dyn/content/article/2007/06/22/AR2007062200052.html?referrer=email

Not sure if the link will work as it is the indirect link from their email newsletter I get. Just in case it doesn't, I will sum up the article in brief.

Basically it starts off using the report that this thread deals with to show that Vista has more unpatched vulnerabilities than XP in the first 6 months each was released, noting the differences in those vulnerabilities. It then addresses the problematic nature of using the report to compare the security of Vista to Linux and OS X, citing HD Moore (one of the hackers behind the popular Metasploit penetration testing toolkit). Lastly, it references Randy Abrams from ESET, noting that the stats will be more interesting once Vista becomes more popular than XP and is thus targeted more by hackers.

 

...and here´s one reply to the security statement:

http://seclists.org/fulldisclosure/2007/Jun/0528.html

/Cerxes.