On GameSpot: Next-gen DS, Xbox tech contracts set?
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 24 of 73:
Next »
« Previous
Thanks
Thank you for explaining the table, even after re-reading
the article I would never have worked it out.

I can't assess whether the particular metric is reasonable or
not, but given that only one exploit has been created for OS
X I find it unbelievable that if 3 Macs were found in about 3
hours, it took 3 days to find 4 vulnerable Windows boxes -
MSBlast infected millions Windows of computers within a
few days.

A number of theoretical exploits have been reported for OS
X, but none ever malliciously exploited and certainly
nothing along the lines of MSBlast or the various e-mail
attachment trojans/worms/etc.

I can only presume that Immunity were looking for boxes
not patched for certain vulnerabilities - a somewhat
esoteric measure of little real world value (typical of
boffins). How do you judge when many exploits are
theoretical and never exploited, even for Windows?

My measure of vulnerability would be a combintion of the
time it takes an expert to hack a stock system,
a measure of exploitable boxes on the net as a percentage
of the total population and how many actual exploits are in
the wild that can attack the exploitable systems.

The results would then help to diagnose the corrective
actoin - e.g. OS X may score pooly because of the
percentage of unpatched systems, highly becaue there
aren't any mallicious hacks around and medium on the time
to hack because ... well ... that's my guess.

Ranking the number of exploitable boxes by exploit would
help to show which updates need to be applied urgently.
These figures are useful for all OSs.
Posted by: Fred Fredrickson   Posted on: 08/16/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story No further replies to this post will be accepted.

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

this is nice and all....but where's the link?  Monkey_MCSE | 08/13/04
This is a white paper  dhk | 08/14/04
Talk about your misleading titles...  Michael Kelly | 08/13/04
Well, it's a staple for ZDNet..  Jeff Spicoli | 08/13/04
SP2  georgep_z | 08/13/04
Nope, you missed the point  AbsolutelyNot | 08/13/04
Don't any of you understand what constitutes data?  dhk | 08/14/04
Without data the whitepaper is opinion, not fact  balsover | 08/15/04
Linux is not for everyone -- so why are you worried about this paper?  dhk | 08/15/04
Here is the a link to the paper.  toadlife | 08/13/04
I think you missed the point  dhk | 08/14/04
Allow me to break it down for you  toadlife | 08/14/04
You just don't get it  dhk | 08/14/04
You take the paper too seriously  toadlife | 08/14/04
The paper is serious  dhk | 08/15/04
You might have a few misconceptions about me  toadlife | 08/15/04
My conceptions can only be based on what you say  dhk | 08/15/04
The servers weren't patched  toadlife | 08/15/04
I've just rechecked CERT & others -- you're incorrect  dhk | 08/15/04
I'm completely and utterly dumbfounded.  toadlife | 08/15/04
I believe you are dumbfounded  dhk | 08/16/04
Disagree re OS X  Fred Fredrickson | 08/15/04
You misunderstood the data in the table  dhk | 08/15/04
Thanks  Fred Fredrickson | 08/16/04
Still makes no sense  ITGuy04 | 08/16/04
Re: Thanks  dhk | 08/16/04
Re: Still makes no sense  dhk | 08/16/04
Thanks... again  Fred Fredrickson | 08/16/04
I agree...this paper was not for the lay reader  dhk | 08/16/04
I have to admit...lol..that was AWESOME..  DigitalKid | 08/13/04
The paper wasn't written to be serious...  el1jones | 08/13/04
Because...  toadlife | 08/13/04
Oh, but it was...  AbsolutelyNot | 08/13/04
And it sounds like he's unprofessional to me...  TimeBomb | 08/14/04
It doesn't matter  NonZealot | 08/14/04
You're not a zealot????  Mack DaNife | 08/15/04
Finally, some quality stuff on ZDNet..!  Xunil_Sierutuf | 08/13/04
So do you only accept articles that match your point of view?  Linux_Developer | 08/13/04
We see the light  NonZealot | 08/13/04
Please stop joking...  TimeBomb | 08/14/04
Dude  nomorems | 08/16/04
Ummm, monoculture,  FilledOut | 08/15/04
MSZealot  nomorems | 08/16/04
Far too slanted to be taken seriously  Cerowyn | 08/13/04
i think he's basing it towards MS papers on TCO  Monkey_MCSE | 08/13/04
TCO to implement???  voska | 08/13/04
implement is just one of those grey words  hipparchus2000 | 08/13/04
Why not  seosamh_z | 08/13/04
Longhorn  nomorems | 08/16/04
TC0 not TCO  dhk | 08/14/04
Hmmm...  ITGuy04 | 08/16/04
Wow, productive  FilledOut | 08/14/04
ms needs to go back to making great OSs  V Sanders | 08/14/04
Odd way of putting it...  AmusedAtItAll | 08/14/04
Hey!  toadlife | 08/15/04
re: ms needs to go back to making great OSs  TtfnJohn | 08/14/04
SP2 INCLUDE Media player 9  balsover | 08/15/04
Scary  tripolitan | 08/15/04
Re:ms needs to go back to making great OSs  tripolitan | 08/15/04
"go back to"?!? It'd be good if they start.  hayesk | 08/15/04
Mac point of view  frabjous | 08/22/04
Article based on opinion not fact  EnterPrise_Analyst | 08/15/04
Do Windows users have a sense of humour?  hayesk | 08/15/04
Some 'anti-microsoft' people are taking it way too seriously  toadlife | 08/15/04
If the show were on the other foot  FilledOut | 08/16/04
Lower cost of total ownership? (nt)  Fred Fredrickson | 08/15/04
Watch those Microsofties squirm  whisperycat | 08/16/04
Your job will be in INDIA  Hamburger Chef | 08/16/04
TAKE THAT NO_AX!!!  itanalyst | 08/16/04
you are anti-American join Abul  Hamburger Chef | 08/16/04
What The Title Of The Article Was Supposed To Be Was This:  itanalyst | 08/16/04
INDIA will own you and YOUR JOB  Hamburger Chef | 08/16/04
Degreed India Hamburger Chef  Hamburger Chef | 08/16/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

SmartPlanet

Click Here