MS *attacks* Linux !?

Started by Metgod, November 12, 2003, 03:33:08 PM

November 12, 2003, 03:33:08 PM Last Edit: November 13, 2003, 12:00:30 AM by Metgod
This is, without a doubt, the worst mistake I can think of Microsoft doing. I am dumbfounded as to why they would state that their security is better than Linux's. They use poor logic and the samples in their comparisons are absolutely horrible. The article says enough but I HAVE to reply.


http://www.infoworld.com/article/03/11/11/HNmsassault_1.html

By Kieren McCarthy
Techworld.com
November 11, 2003  

Microsoft Corp. is preparing a major PR assault over Windows'
perceived security failings in which it will criticize Linux for
taking too long to fix bugs, we have learned.

[ Linux developers take a few hours to solve the problem and create a patch. Microsoft takes days, weeks, or even months. On top of that, they make security patches for security patches. This alone should stop Microsoft but apparently, the folks at Microsoft are incredibly stupid... more than I had ever thought they were. ]

In a sign that the inroads made by the Open Source community are
starting to rattle the software giant, Microsoft has hired several
analysts to review how fast holes are patched in the open source
software and is expected to announce that Windows compares favorably.

[ anything to avoid their problems and make themselves look 'good', when they are the ones who take an incredibly large amount of time to patch a program/os they wrote.  I sure hope the analysts didn't get much money, because they did a horrible job. Worse than horrible.  Below explains it quite well. ]

The strategy, called "Days of Risk," measures the number of days it
takes programmers to release a public patch after a vulnerability is
revealed. While high-profile holes in Linux and associated software
tend to be swiftly dealt with, less prominent problems -- which could
be just as potentially damaging -- can take weeks or even months to
appear.

[ ah, so they are studying Microsoft then ? Or that would make sense, but this sure as hell does NOT. And I have to ask -- what would Microsoft know about whether a vulnerability is damaging or not before someone exploits it ? This is just a joke.. when the cDc released Back Orifice (I think it was 1998 but I can't remember for sure), Microsoft said it wasn't even an issue. Or a spokeswoman for them said that. ]

Microsoft's aim is to undermine critics and place a question mark over
Linux's security by revealing that, on average, Windows poses less of
a security risk. By turning attention away from its own software bugs
while at the same time launching several security initiatives, it
hopes to be able to tackle one of the main worries business has with its
proprietary operating system.

[ This paragraph makes sense actually.. they are taking attention away from their problems just to make more money (just like the bounty on the writers of a couple worms that ravaged their software). I can't believe how selfish people get over money. Just because one of their competitors has a more stable system, doesn't mean they should attack them (especially with empty or false arguments) for money. Doesn't Microsoft have enough money as it is, and for not good reasons either ? Billions of dollars and they have to get more ? Or maybe it's more than that.. and yet they even care about a competitor ? Greedy snobs.. ]


Windows security is a club constantly used by Linux advocates to beat
Microsoft over the head -- made all the more relevant following the
extremely damaging Blast worm and SoBig virus that spread rapidly
thanks to vulnerabilities in Microsoft's software.

[ Unfortunately the club doesn't do much good.. they still lie and avoid their problems.. maybe a mace with huge spikes on their head would be better ? ]


Microsoft Chief Executive Officer Steve Ballmer is known to have made
security a top priority. Last week, the company announced a $5 million
reward program aimed at bringing virus writers to justice. Although it
is unlikely to reap any tangible results, the message was clear:
Microsoft is taking security seriously.

[ I really hope they don't find anyone.. no one deserves that kind of money because they turned in a 'virus' writer; MS should be held responsible like the lawsuit a little bit ago did.. here they go again turning the blame to someone else. I think the last line should be read as something such as "Microsoft is taking their liability for security seriously!"]

And at the end of October, Ballmer gave the audience at Gartner's
autumn symposium a taster of what was to come when he attacked Linux's
assumed security superiority. "In the first 150 days after the release
of Windows 2000," he said, "there were 17 critical vulnerabilities.
For Windows Server 2003, there were four. For Red Hat Linux 6, they
were five to ten times higher."

[ Like I was saying.. very bad samples and logic.. Red Hat Linux 6.. right, why don't they talk about what is released now ? what is it.. Red Hat 9 ? I don't particularly care about Red Hat but I hate how MS would attack them for something as stupid as they are doing it for. :)  -- And really, who cares how many critical vulnerabilities from Microsoft.. MS is so stuck up they wouldn't really know what is critical compared to everyone else in the security field. And even if they did, just because one OS of theirs got less vuln's doesn't mean they are superior !? I reckon there will be many other vulnerabilities on 2003. It's just a matter of time. ]

He also questioned the notion that the open source community's
approach to fixing problems was superior to Microsoft's. "Why should
code submitted randomly by some hacker in China and distributed by
some open source project, why is that, by definition, better?"

[ It isn't by definition 'better'.. it is more efficient. It is quicker and it is more reliable. how long does it take Microsoft to release a patch ? Days.. weeks, etc. And just recently, they decided to only release security patches per month. Not only does that mean larger files, it also means more time to be exploited! And with security patches for security patches, it really doesn't matter what the reason is -- the point is open source can be a lot more secure, and in this case, it is. ]

A spokeswoman for Red Hat was undaunted by the prospect of a full
frontal security assault by Microsoft however. "We just don't have
viruses," she told us. "Our problems are located and fixed more
proactively. Because the source code is open, we find there is a patch
before there is even a problem."

[ no need to really comment this.. at least this person has some idea of what is really going on... ]

She also denied there was an issue of professionalism: "We have dozens
of Fortune 500 customers we have to report to. We would never let a
bug go unfixed."

[ don't doubt this one bit.. many companies use unix or linux for their servers especially.. ]

However, Microsoft is thought to have pulled out all the stops to
prove its security case. That means it should have something more
tangible than the questionable reports it has sponsored in the past in
an attempt to show Windows has a comparable or lower total cost of
ownership than Linux.

[ not to mention the current vulns.. being AVOIDED for this.. they need to stop attacking others and get to fix their problems... how can anyone with half a brain say that others are worse when in reality they don't even fix their own problems, do a poor or late job, or just avoid it for the time being ?]

"There is always some assertion by Microsoft," the spokeswoman told
us. "And its example is always on a very small part of Linux. But when
you look at Linux as a whole, it is very reliable and our customers
consider it superior."

[ of course.. MS always has something negative to say.. about OTHERs.. ]

Microsoft failed to respond to our questions, although its law and
corporate affairs spokeswoman told us that she didn't think the
company intended to launch a security attack on Linux and that it
would be "odd" if the company used strong comparative information to
state its case. It would be more odd if it didn't.

[ it'd be a bad idea if they do.. they'll get a lot (more ?) of negative attention.. and people will realize more (I hope) that they are the ones with the problems and they need to pull their act together and quickly. I can't even imagine what the linux and even unix community would say as a whole.]


"My Terminal is my Soul"
