Summary: While technology news may have gotten obsessed with Linux and USB, it is actually Microsoft and Apple that suffer from critical problems
EARLIER this week we noted that Linux is inherently very secure and we also cited someone who had posted a good rebuttal to the “USB” claims that are spread out there right now. The short story is that the alleged USB-related flaw is very much exaggerated and good explanations exist to refute the original claims. On the other hand, consider the fact that Microsoft is claiming to plug 22 security vulnerabilities this Tuesday (the real numbers may be a lot worse):
Microsoft issued 12 security bulletins today to cover nearly two dozen vulnerabilities, including critical ones in Internet Explorer and Windows.
Moreover, The Inquirer says that “anti-virus software is losing the battle, and the war”:
ANTI-VIRUS SOFTWARE is fighting a losing battle against malware, and there’s nothing that can be done to turn the tide, according to a security testing firm.
NSS Labs, an independent security product and certification test lab, looked at 10 anti-virus products on the market. It found that the effectiveness of the software was variable, to say the least, with some products more effective at protecting against malware on USB keys than in email, and vice versa.
From the same source we learn that Apple’s proprietary hypePhone can be hacked in six minutes:
INSECURITY RESEARCHERS have busted an Iphone’s encryption protection in just six minutes to gain access to passwords.
Boffins at the Fraunhofer Institute for Secure Information Technology (SIT) in Germany devised the hack. The researchers did the tests to demonstrate that passwords aren’t secure on Iphones that have been lost.
They obviously had a point to prove and weren’t happy with just hacking Apple’s shoddy security encryption in six minutes. Within the allotted time, the team also managed to retrieve most of the passwords stored on the Iphone, accessing personal data that could be used to get into bank accounts.
Visibility of code and wide sharing of it breed bug reports and quick fixes. The mainstream press has been focusing on the wrong targets over the past few days. █
Update: Gordon (thistleweb) has just posted a pointer to “yet ANOTHER #Microsoft story without mentioning the M or W word #BBC #pathetic #poorjournalism http://tighturl.com/2xsj twice in 1 week too”