On 7/27/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Someone has written an article under "Information Security News",
entitled "Linux patch problems: Your distro may vary". As if
OpenBSD
were a "Linux distro".
In this article, he compares response times to vulnerabilities and
then
gives various Linux distros and OpenBSD a "score". OpenBSD came 2nd
last, but get this, Ubuntu, the Linux which had the root password
logged
to disk in the plain from the installer, complete with a community
which
did not notice this until almost the next release was out... came
first!
Good job Edmund! This is one of the worst articles on security I
have
ever read. Talk about missing the point.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_
gci1202417,00.html
i'd ask to see the actual data used. the text says "For example, if
we look at the July update for the highly critical libmms
vulnerability, we see that all the announced updates occurred within
one day." But if you follow the link, only two distros are listed.
So does not fixing something at all also result in a score of 100?
