Security FUD

Two weeks ago we debunked a wave of security FUD which followed another similar wave. Every 3 months or so, Microsoft issues pretty much the same deficient report whose purpose is to give the illusion that Windows is secure. It repeats itself over and over again despite scrutiny. The company does this in order to capitalise on a Big Lie-like effect. Here is another response and rebuttal to the latest FUD.

As I said, these claims are full of issues. Here are the problems with the arguments: (not every such argument suffers from all these flaws, but all of them suffer from one or more of them)

* The severity of the vulnerabilities is not included. Security vulnerabilities are ranked by what kind of a threat they pose. If this data is not included, a product with 100 minor glitches of almost no consequence would be considered less secure than a product with 75 major glitches. (The kind of thing where a hacker can take control of your computer.) * There is no consideration of the status of a vulnerability. If a vulnerability is quickely fixed it is counted the same as if it has been weeks or months and is still unfixed. * Not all companies admit to all the bugs that exist. In an open-source project like Ubuntu, if a bug is found and can be duplicated, it is known and reported, but not all companies act this way.

Interestingly enough, Bruce Schneier spoke about fighting security FUD just a couple of days ago. As we pointed out before, the media always plays a role in these charades. But the bit which seems more relevant to this Web site is the following FUD.

Patent Claims

Watch this new comment from Open Sources (InfoWorld):

According to attendee at a recent Sydney Linux User Group meeting - Microsoft Q&A of which Sarah Bond, Platform Strategy Manager Microsoft. Stated that according to their legal people they cannot reveal which patents are infringed upon because if they do and are they are found to be in breach, then they can claim triple the compensation that they otherwise would be entitled to.

Show us the Patent breaches MS or is it just more fud.

What a cop out.

Microbloat dont care about interoperability only their IP and the money they can make from it. If they really wanted to work with the Open Source community they would embrace existing licenses and not shove the permissable license down every ones throats.

We dont need OOXML or Microsofts unstable platforms and development model.

If I were a company I would tell MS to go and jump regarding their IP. Im not infringing upon their copyright so why should I be concerned.

We did happen to mention this one particular situation where Microsoft infiltrates LUGs. A reader informed us and it later showed up in Free Software Daily.

Steven Vaughan delivers his good analysis as well. Having watched that offensive diagram which reveals Microsoft's perception of GNU/Linux, he responds with the piece "Microsoft's Open-Source Plan: WAMP Instead of LAMP".

Pragmatically, open-source companies have to work with Windows. At the same time, though, any Linux business executives must keep in the forefront of their minds that Microsoft will never be a friendly partner. Actually, forget that, Microsoft has always been, is now, and always will be a hostile partner.

Remember that Apache incident (seemingly innocent invitation) from last month. Also remember Microsoft's deal with Zend, which is intended to optimise PHP for improved performance in Windows. These are not coincidences because there is plenty of reason and evidence behind this. ⬆