Re: [newbie] good and bad news mandrakesoft security.
On Fri, 2 Apr 2004 11:11:40 +0100 Anne Wilson disseminated the following: If you can believe that you can believe anything. There are flaws in XP that have been known since the days of NT4. OK - security patches exist for most of them, but 2 releases on, why were they not fixed in the release? Very good point. I totally missed that. There is definitely some sloppy 'analysis' going on. There are vulnerabilities in IE, I'm pretty sure, that to this day have not been patched. IIRC, there was a list of these publicized on the Web, but the site was taken down. Well, I'm off to find the e-mail address of this 'Senior Analyst Laura Koetzle'! -- JoeHill Registered Linux user #282046 Homepage: www.orderinchaos.org +++ I don't give a hoot about what people have to say, I'm laughing as I'm analyzed, Lunatics Anonymous, that's where I belong, sure 'cuz I am one, til my strength is gone yeah this beat goes on... -- The Kings Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
RE: [newbie] good and bad news mandrakesoft security.
Thought this might be an interesting read to some of you. http://www.eweek.com/article2/0,1759,1557749,00.asp The one thing I didn't get from the article was if they factored in the amount of applications that ship with Linux vs. the amount of applications that ship with windows. They did factor in at least some non-essential Linux apps (apache was mentioned), but nothing was said about the exploits in 3rd party windows applications. My guess would be that the numbers would be a lot lower for Linux if they looked at ONLY the comparable applications that ship with each OS or a lot higher for windows if they looked at comparable windows applications. And I type this from a windows box, isn't that's stupid. Josh Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] good and bad news mandrakesoft security.
On Friday 02 April 2004 08:30 am, JoeHill wrote: It's a mildly interesting statistic that Mandrake came out not so near the top, but hey, we're competing with Red Hat, Debian and Suse here, these are tough competitors, so I'm not surprised. They have serious financial and/or human resources backing them up, much more so than Mandrake. Actually, I personally think that the more interesting aspect is that Mandrake is much more cutting edge and current regarding versions of software than either Red Hat or Debian. Debian is known for its stability and the fact that a lot of work goes into packages before they get released. Also, which version you are running. The stable version of Debian would be considered behind the times at least as far as versions of software go that are in the distribution. I don't know how Suse stacks up compared to Mandrake in regard to how cutting edge the packages are. But the more current the software, the more likely you are to put out a package before all possible exploits have been discovered. Last, I would take with several grains of salt, anything that any of the analyst companies put out regarding Linux and Microsoft products. We have seen several get bought and steer studies in the direction that MS wants as well as refusing to release raw data. These aren't exactly scientific studies that are being done, it is very easy to steer the results to reach conclusions that you want or at the least, to mediate bad results. I note that there aren't any Linux marketing funds, nor RD budgets, nor companies anxious to pay for information recommending Open Source products. -- Bryan Phinney Software Test Engineer Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] good and bad news mandrakesoft security.
On Friday 02 April 2004 15:44, Bryan Phinney wrote: Last, I would take with several grains of salt, anything that any of the analyst companies put out regarding Linux and Microsoft products. We have seen several get bought and steer studies in the direction that MS wants as well as refusing to release raw data. These aren't exactly scientific studies that are being done, it is very easy to steer the results to reach conclusions that you want or at the least, to mediate bad results. I note that there aren't any Linux marketing funds, nor RD budgets, nor companies anxious to pay for information recommending Open Source products. I was thinking this analyst company sounded familiar and then it occurred to me that Forrester Research is the company who changed its policy about sponsored research studies when they got caught last year, right? http://www.linux.org/news/2003/10/07/0004.html -- 15:55:06 up 23:52, running Mandrake Linux release 10.0 (Community) for i586, kernel 2.6.3-7mdk Registered Linux user #324360 Nietzsche is pietzsche, but Schiller is killer, and Goethe is moethe. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] good and bad news mandrakesoft security.
On Friday 02 April 2004 05:58 pm, Glenn wrote: I was thinking this analyst company sounded familiar and then it occurred to me that Forrester Research is the company who changed its policy about sponsored research studies when they got caught last year, right? http://www.linux.org/news/2003/10/07/0004.html Also the ones who refused to say that what they did was wrong, refused to admit after being publicly lambasted about selectively seeking data that their study was compromised, and said only that they would not accept paid studies for publication with their name attached, not that they wouldn't accept money for research. I think that they were more embarrassed by the fact that such a shoddy piece of work was publicly put out with their name on it than that they had transparently put handed over a piece of garbage study for pay. I wouldn't blindly trust a tobacco company scientist with one if his studies, even if he swore he wasn't getting paid for the study itself, I wouldn't blindly trust a government scientist who just happens to advocate greater government spending in his own area of research and I certainly wouldn't blindly trust an IT analyst firm who suggests that spending more money on software is a good bet. A harlot by any other name -- Bryan Phinney Software Test Engineer Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re: [newbie] good and bad news mandrakesoft security.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 02 April 2004 23:17, Josh wrote: Thought this might be an interesting read to some of you. http://www.eweek.com/article2/0,1759,1557749,00.asp The one thing I didn't get from the article was if they factored in the amount of applications that ship with Linux vs. the amount of applications that ship with windows. They did factor in at least some non-essential Linux apps (apache was mentioned), but nothing was said about the exploits in 3rd party windows applications. My guess would be that the numbers would be a lot lower for Linux if they looked at ONLY the comparable applications that ship with each OS or a lot higher for windows if they looked at comparable windows applications. And I type this from a windows box, isn't that's stupid. Yhere's a niggling deja vu about this article. I'm certain I have seen it before, and that they did include a whole distro for linux, but only the os for windows. In fact, the report is as full of holes as windows itself, IIRC Anne - -- Registered Linux User No.293302 Have you visited http://twiki.mdklinuxfaq.org yet? -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFAbkGjkFAvMr/nNX8RAoYEAJ9dq706RhGr2DqMpnlqUA4G416oRACdHcWv Y1N93fNG7m2DKgPbdk02eAk= =T1GC -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] good and bad news mandrakesoft security.
Thought this might be an interesting read to some of you. http://www.eweek.com/article2/0,1759,1557749,00.asp -- rgds Frank Hauptle (aka Franki) For free scripts, online webmaster tools, HTML, XHTML, Perl PHP tutorials and stuff, visit: http://htmlfixit.com Free web developer resources. Please sign our petition to encourage notebook manufacturers to offer video card upgrades just like desktops. http://www.petitiononline.com/inspiron/petition.html Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com