Microsoft is Moving the Security Goalposts
- Dr. Roy Schestowitz
- 2013-03-05 17:48:12 UTC
- Modified: 2013-03-05 17:48:12 UTC
Armchair reseachers fall right into the trap
Summary: Microsoft's "patch Tuesday" is being rebranded and studies that are based on it continue to make GNU/Linux look bad
The game of counting vulnerabilities is a dirty game which Microsoft knows how to cheat in.
"Microsoft renames "patch Tuesday"," said a reader of this site, pointing to
this article. "What those updates would contain remained a mystery to the experts," says the article. Yes, because when you patch proprietary software nobody really knows what is going on.
This comes amid some security PR from Microsoft partners like Trustwave [
1,
2] (it got to
LWN) and Sourcefire,
which seems to think that Linux has existed since 1988 in its
so-called analysis which neglects to take account of
Microsoft's hidden patches. Be wary and sceptical of so-called 'security' reports that compare platforms on particular criteria that they score based on public knowledge alone. Microsoft has already admitted hiding security-related patches.
⬆
Comments
Needs Sunlight
2013-03-05 18:44:41
In these cases the data is held hostage not only by the proprietary data formats, but also by being on M$ hosted servers. That's an additional harm that "cloud" does. When the bills stop being paid, or the contract runs out, or M$ just feels like it, the data goes away. With data hosted on your own hardware, the data tends to stay until it is actively removed. On your own hardware, bulk transfers and backups are feasible. That is not the case with "cloud" data.
Dr. Roy Schestowitz
2013-03-05 19:02:20