deathseeker25 Posted January 4, 2006 at 10:40 PM Report #10801 Posted January 4, 2006 at 10:40 PM Em 2005, foram detectadas 5.198 vulnerabilidades nos sistemas operativos, sendo que 812 encontradas exclusivamente no Windows, 2.328 nos sistemas Unix/Linux e 2.058 que afectaram vários sistemas operativos, inclusive os citados anteriormente. A informação foi divulgada no anuário do US-CERT, órgão responsável pela segurança da internet nos EUA, que reuniu informações de fontes independentes no período entre Janeiro e Dezembro de 2005. Na lista, falta a recém-descoberta vulnerabilidade do Windows, relacionada com os ficheiros WMF (Windows Metafile). Nenhuma vulnerabilidade foi listada especificamente para o Mac OS X, mas como ele é desenvolvido na plataforma Unix, está vulnerável a algumas falhas associadas a este sistema operativo. Fonte: Infortech United Nem são assim tantas. Apesar dos sistemas Unix serem os que mais falhas apresentam, são as falhas mais rapidamente corrigidas e as menos perigosas em termos de ataques (já se sabe porque...)! Cumps
QuickFire Posted January 4, 2006 at 10:44 PM Report #10803 Posted January 4, 2006 at 10:44 PM Mais um argumento para os fan-boys da m$ 😄 enfim á que saber intrepretar os results e como o death diz são coisas resolvidas em minutos em comparação com as semanas da m$ 😄
Bruno Posted January 4, 2006 at 10:58 PM Report #10807 Posted January 4, 2006 at 10:58 PM Sim, e além disso no Unix são descobertas porque há pessoal sempre a mecher no codigo e a topar essas coisas... e no windows são descobertas apenas por ataques! O q faz toda a diferença!
deathseeker25 Posted January 5, 2006 at 06:00 PM Author Report #10868 Posted January 5, 2006 at 06:00 PM Sim, e além disso no Unix são descobertas porque há pessoal sempre a mecher no codigo e a topar essas coisas... e no windows são descobertas apenas por ataques! O q faz toda a diferença! Ora nem mais. Enquanto que no e-mail recebo notificações da própria comunidade hacker de Debian relativamente a Linux, com o Windows recebo notificações de ataques ou de falhas exploradas por mentes mál intencionadas... cumps
deathseeker25 Posted January 6, 2006 at 09:56 PM Author Report #11052 Posted January 6, 2006 at 09:56 PM Mais lenha para a fogueira em mais um artigo da NewsForge. É uma crítica á Microsoft por querer fazer com que os leitores interpretem mal a notícia e uma crítica tambem á US-CERT pelo facto de não apresentar todos os dados organizados e permitir que a Microsoft faça isso. Everywhere you look in the trade press today, you'll find glowing misrepresentations of US-CERT's latest annual summary of vulnerabilities discovered in 2005. If you take the summary findings at face value, you would likely conclude that Windows -- with 812 reported vulnerabilities -- is a much safer operating system than something called "Unix/Linux," which totaled 2,328. The US-CERT summaries have become the fodder for a FUD festival, and many scribes sympathetic to the Microsoft cause go out of their way to make sure the real picture never emerges. Microsoft wants you to read the headlines as "Windows 3X safer than Linux." (If Microsoft is being quiet about the US-CERT numbers, it's because the company is too busy trying to come up with a fix for the Windows Meta File (WMF) vulnerability.) But even the most cursory examination shows that the two figures are not representative of today's two major operating system platforms. One figure represents the vulnerabilities found in Windows operating systems: XP, NT, 98, and so on. The other represents a total figure not just for Solaris, AIX, HP-UX, the BSDs, and Linux, but for a hundred different versions of Linux. The sum of all the unique vulnerabilities from all the Linux distros does not equate to the sum of vulnerabilities in any single Linux distro, and one could say the same about the various versions of Windows. That's why it is a completely meaningless exercise to discuss those totals as if they present an accurate picture of the relative security of Windows and Linux. Numbers don't mean everything After all this time, you'd think that the mainstream tech press could get it right when reporting on security. The sheer number of vulnerabilities means little when compared with other factors, such as the severity of the vulnerability, how easy it is to exploit the vulnerability, and how long it takes a vendor to respond to the vulnerability. This is not to say that the data from US-CERT is a meaningless aggregation. You can easily spot the most vulnerable operating system in wide use today by taking a look at the Technical Cyber Security Alerts issued by US-CERT last year. Here's the bottom line: * 22 Technical Cyber Security Alerts were issued in 2005 * 11 of those alerts were for Windows platforms * 3 were for Oracle products * 2 were for Cisco products * 1 was for Mac OS X * None were for Linux That's quite a different picture than the one the Microsoft press machine wants you to see. Here's more of the same. US-CERT's list of current vulnerabilities contains a total of 11 vulnerabilities, six of which mention Windows by name, and none of which mentions Linux. Still, scribes in the trade press are once again playing the US-CERT FUD game by trumpeting the misleading totals noted at the top of the story as being significant in weighing the relative security of Windows and Linux. Shame on them for purposely -- or ignorantly, as the case may be -- misleading their readers. And shame on US-CERT for presenting its summary in a way that allows such easy misrepresentation. Basta uma pesquisa no Google para ver a campanha de promoção que a Microsoft andou todo este tempo a fazer: http://www.google.com/search?hl=pt-BR&q=current+vulnerabilities+2005&btnG=Pesquisar&lr=
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now