Computer Security
Dec. 30th, 2005 08:24 amTime for some computer security geeking. None of this is overly technical, so even if you're not an extreme geek, please, keep reading.
Having source code available and freely modifiable means it's insecure, right? That's a common misconception going around the net, but it's hard to convince the holders of that opinion that it's wrong. Finally some hard numbers
In 2004, each browser had a period of time where it had unpatched, publicly known vulnerabilities, or the time that it was definitely attackable, not just theoretically attackable:
IE (no sourcecode): 98% of the time
Opera (no sourcecode): 17% the time
Firefox (sourcecode freely available to anyone): 15% of the time
That really says something about the quality and speed of the IE development team. Now you can see why I recommend against IE, and against Windows if you can swing it.
And from the "WTF are they thinking department" at cnn:
Having source code available and freely modifiable means it's insecure, right? That's a common misconception going around the net, but it's hard to convince the holders of that opinion that it's wrong. Finally some hard numbers
In 2004, each browser had a period of time where it had unpatched, publicly known vulnerabilities, or the time that it was definitely attackable, not just theoretically attackable:
IE (no sourcecode): 98% of the time
Opera (no sourcecode): 17% the time
Firefox (sourcecode freely available to anyone): 15% of the time
That really says something about the quality and speed of the IE development team. Now you can see why I recommend against IE, and against Windows if you can swing it.
And from the "WTF are they thinking department" at cnn:
The Treasury Department says that cyber crime has now outgrown illegal drug sales in annual proceeds, netting an estimated $105 billion in 2004, the report said.
At the same time, the Department of Homeland Security's 2005 research budget for cybersecurity programs was cut 7% to $16 million.