OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
RE: bill gates' claim about security vulnerabilities per LOC in Unix versus Windows

From: J.A. Terranson (measlmfn.org)
Date: Sun Nov 02 2003 - 17:24:01 CST

On Sun, 2 Nov 2003, David E. Mollico Jr wrote:

> *laughs*
> You all are funny if you think one of the richest men in the world would
> make a claim nationally that he couldn't back up with studies and facts.

This is a fallacious argument. Mr. Gates riches are not germane to his
reliability.

> I'm sure some of you might reply saying he fakes the studies or does
> something to hurt them or make them bias.

No. I am implying that Mr. Gates flat out believes what he makes up.

> Fact is, microsoft has some of
> the best products out there.

I agree that MS makes the best products for certain applications. However,
this is also not germane to the argument. Realize also that they can have
"the best product" for a given application while the statement you are
objecting to is still valid.

> They hold some of the most sensitive information in the world. Hense,
> they are attacked more than anything else in the world.

Non-sequitor. Please come back when you complete your 5th grade logic
course.

--
Yours,
J.A. Terranson
sysadminmfn.org

        "Every living thing dies alone."
        Donnie Darko

 

> -----Original Message-----
> From: J.A. Terranson [mailto:measlmfn.org]
> Sent: Friday, October 31, 2003 11:19 PM
> To: misseiden.com
> Cc: secprogsecurityfocus.com
> Subject: Re: bill gates' claim about security vulnerabilities per LOC in
> Unix versus Windows
>
>
>
> On Fri, 31 Oct 2003 misseiden.com wrote:
>
> > in an interview done after his speech at the ms developer's
> > conference, http://www.itbusiness.ca/index.asp?theaction=61&sid=53897
> > bill gates claims (among other things)...
> >
> > ..."The fact is, there are security vulnerabilities in peoples'
> > applications in many places. I mean, people act like some other
> > systems don't have vulnerabilities; actually all the forms of Unix as
> > well as Linux have had more vulnerabilities per line of code. They
> > don't propagate as much because they're not as dense as our system is,
>
> > so the things that prevent the propagation are particularly important
> > for our world."...
> >
> > The "density" claim I think refers to the distribution of Windows
> > systems, densely packed on the agar dishes of corporate lans.
> >
> > But does anyone actually know what studies might have compared
> > vulnerabilities per LOC among different operating systems?
> >
> > the distinction between "bugs" and "exploitable vulnerabilities"
> > may come to bear.
> >
> > or maybe the huge number of lines of code in the denominator is what
> > makes this claim is based on.
>
> More likely this claim is based on thin air.
>
>