Weblog:   Microsoft Gets Anti-Spyware Right - Sort Of
Subject:   Common Fallacy
Date:   2005-01-11 08:04:00
From:   DavidCorpstein
jwenting is repeating the common fallacy that "If product X were as prevalent as product Y, its security flaws would be targeted more and an equal number and severity of exploits would be developed." This statement only holds true if and only if X and Y share equivalent numbers and severities of security flaws. It seems clear that this is NOT the case when comparing flaw-riddled products such as IE to a high quality browser such as Firefox.


Although I cannot evaluate jwenting's statement that most spyware is propagated through pirated software or the unclearly defined freeware category, I firmly disagree that Microsoft competes well with other, better software developers when it comes to timely release of security updates. I learned this lesson the hard way by once running mission-critical applications on a Microsoft product with a built-in back door that went unpublished month after month, exposing my employer to catastrophic legal and financial risk.

Showing messages 1 through 3 of 3.

  • Common Fallacy
    2005-01-24 08:11:48  jonathancrabtree

    Well, I can firmly disagree with where most spyware is propagated. Or at least how it gets onto people's systems. The big problem of spyware can be significantly reduced by removing the Microsoft JVM, which MS no longer support, and if you search on their website, they do actually recommend the Sun JVM.
    But do they inform the millions of users about it? Does Windows Update remove the MS JVM?
    Does Microsoft address the big security issues?
    No, No & No.
  • Common Fallacy
    2005-01-15 22:57:21  aristotle

    Not only is the statement fallacious, it's only half the truth. Even if Firefox were just as insecure as IE, there's an issue at play he fails to even mention: reaction time. The Firefox team has acknowledged, patched and reproduced security holes, tested the patch, and put patches and patched installation packages online within 24 hours several times. I'll eat a broom if MSFT ever manage this feat. And the average reaction time for Firefox holes is a couple of days.

    I promise that no one who matters would even care about how buggy MSFT software is if their reaction times were at all acceptable.

    Sometimes critical take-over-the-computer exploits go unfixed for half a year. That's plain ludicrous.
  • Common Fallacy
    2005-01-11 09:20:33  tlaurenzo1

    By my observation jwenting repeats a lot of common fallacies where Microsoft is concerned.