Favorite Files

No favorite files added yet

Recent Posts

1. Comment - 5,198 Linux, Windows OS Flaws in 2005

   (Jan 6, 2006 - 1:15 AM)

   I would almost say that I'm going back to Windows 95 or 98, except for the fact that probably the only reason there's so few flaws with them is, no one is looking at them anymore....
   
   Truth be known, when I posted that list to the other (private) newsgroup, and consequently here, I never even considered X-Server or any other shell. I probably should have posted those stats also.
   
   In the end, it's like quite a few have said. It really doesn't matter who's got more security holes (or bugs in general). It's that if there is one, it's one too many.
   
   And, if you bury your head in the sand and say "My OS, be it Windows or Linux, is more secure then your OS." and you don't make sure you get the patches or workarounds set up, you're in for a world of hurt.
   
   Basically, in the end, regardless of what OS you use, it's not 100% secure. So quit whining about who's system is better, and make sure YOUR system is as secure as YOU can make it.
   
   Patrick.

2. Comment - 5,198 Linux, Windows OS Flaws in 2005

   (Jan 5, 2006 - 3:53 AM)

   Ok, take this and do with it what you want. But, here's a little more accurate set of statistics (IMHO). Be forewarned that it's based on 2003 through 2005/6, not just 2005. It comes from Secunia's website listed by product.
   
   http://secunia.com/product/#os_M
   
   For Windows XP Home, there are 109 Security Advisories and 25 of them are unpatched (2003-2005).
   
   For Windows XP Professional, there are 124 Security Advisories and 29 of them are unpatched (2003-2005) Some of these are the same as XP Home, I'm pretty sure.
   
   For Windows 2000 (I'm combining all of the Server and also Professional for this one to conserve space), there are 425 Security Advisories and 76 are unpatched. Granted, some of these probably overlap between the various versions of Windows 2000. The best that Windows 2000 did, was 91 Security Advisories, where 15 are unpatched (Windows 2000 Advanced
   Server).
   
   For Windows 95, there are 7 Security Advisories between 2003 and 2005, and 3 are still unpatched.
   
   For Windows 98 SE, there are 30 Security Advisories, and 3 are still unpatched.
   
   For Windows ME, there are 33 Security Advisories and 3 are still unpatched.
   
   For Linux Kernel 2.0.x, there is 1 Security Advisory, which is patched.
   
   For Linux Kernel 2.2.x, there are 8 Security Advisories, where 1 is unpatched.
   
   For Linux Kernel 2.4.x, there are 54 Security Advisories, where 12 are unpatched.
   
   For Linux Kernel 2.5.x, there are 2 Security Advisories, where none are unpatched.
   
   For Linux Kernel 2.6.x (which is the latest version), there are 64 Security Advisories, where 14 are unpatched.
   
   Adding Gnome 2.x to the Linux part, there are 4 Security Advisories, and all 4 are unpatched.
   
   KDE 2.x, there are 11 Security Advisories, where 1 is unpatched.
   
   KDE 3.x, there are 35 Security Advisories, where 2 are unpatched.
   
   I didn't look into the average time that it took to patch the security advisories. And, this is taken at face value. Secunia even says you shouldn't do a 'face value' comparison, because there are a lot of other factors that need to be taken into account.
   
   Patrick.

3. Comment - 5,198 Linux, Windows OS Flaws in 2005

   (Jan 5, 2006 - 3:25 AM)

   Excellent post again....
   
   I would like to add a point of my opinion, and maybe a clarification to this also.
   
   6) The fact that 5200 flaws have been identified (and I'll add that more are yet to be identified) demonstrates that the concept of good code writing has been lost. Now, it's get the code out quickly because we can't sell the product if it's not finished, and we'll fix the bugs later.
   
   A LONG (10 years) time ago, I was a Computer Science major in a small college. We were taught OOP (Object Oriented Programming), structured code, and we were taught to bug-check our code until it was as perfect as we knew how to make it.
   
   A clarification, if you will allow me to. Because Linux is based on Unix, if you go into the 2,328 flaws that Linux/Unix has, and remove the ones that are applicable to Unix, how many does it leave?
   
   It's like someone else pointed out, you're comparing Windows, which is one product with Linux, Unix, Mac OS, AND probably BSD as well (although I'm probably wrong about BSD).
   
   Isn't that like saying that Los Angeles is better then the entire United States, because LA had 200 murders last year, but the rest of the United States had 2,000?
   
   On an off-topic note, are you the same GoodThings2Life that used to host in Wizards Room? If so, it's been a long time.. (I was AlwaysSmilingGuy in there for a while).
   
   Patrick.
   
   Also, I should note that I'm typing this on Windows in Internet Explorer. I dabble in Linux, and am going to play with Solaris soon. But, I like Windows, as much as I like Linux. In fact, I have on occasion, beta tested for Microsoft on some of their products (and will continue to as long as they ask me).

4. Comment - 5,198 Linux, Windows OS Flaws in 2005

   (Jan 5, 2006 - 2:55 AM)

   I agree with you about this also. And, I read somewhere a couple of years ago, that software companies should be putting their dll files in a subfolder inside of their folder in Program Files. That way, they don't need to register the dll file, and if one is version dependent, then another one won't break it, when they use a newer version of the dll.
   
   Windows\System and Windows\System32 should be ONLY for Windows related files. Then, it's up to each software company to fix the dll file, if it's insecure. Of course, it means that Microsoft would have to release the source code of the dll file to them (if Microsoft created it), so they can update it.
   
   Patrick.

5. Comment - Flaw Found in Windows XP SP2

   (Aug 24, 2004 - 2:55 PM)

   I would have to agree with Microsoft for the moment on this.. Until the proof of concept code is set to show that a single mouse click will cause a malicious program to be saved to your Windows Startup Folder (or anywhere on your computer without your knowledge), it's not as big of an issue as it's made out to be.
   
   Why????
   Because most people don't even realize they HAVE a Windows Startup Folder, let alone how to drag a file to it.
   AlwaysIcey