The Rolex Forums   The Rolex Watch

ROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEX


Go Back   Rolex Forums - Rolex Forum > General Topics > Open Discussion Forum

Reply
 
Thread Tools Display Modes
Old 25 July 2010, 06:37 AM   #1
Yazo
"TRF" Member
 
Yazo's Avatar
 
Join Date: Dec 2009
Location: Dallas TX
Watch: Rolex
Posts: 2,812
Icon2 "Apple has displaced Oracle as the company with the most security vulnerabilities"

Thought this was an interesting article....

Apple has displaced Oracle as the company with the most security vulnerabilities in its software, according to security company Secunia. Over the first half of 2010, Apple had more reported flaws than any other vendor. Microsoft retains its third-place spot. Secunia has tracked security vulnerabilities and issues advisories since 2002, producing periodic reports on the state of software. Together, the top ten vendors account for some 38% of all flaws reported.

Though this does not necessarily mean that Apple's software is the most insecure in practice—the report takes no consideration of the severity of the flaws—it points at a growing trend in the world of security flaws: the role of third-party software. Many of Apple's flaws are not in its operating system, Mac OS X, but rather in software like Safari, QuickTime, and iTunes. Vendors like Adobe (with Flash and Adobe Reader) and Oracle (with Java) are similarly responsible for many of the flaws being reported.

To illustrate this point, the report includes cumulative figures for the number of vulnerabilities found on a Windows PC with the 50 most widely-used programs. Five years ago, there were more first-party flaws (in Windows and Microsoft's other software) than third-party. Since about 2007, the balance shifted towards third-party programs. This year, third-party flaws are predicted to outnumber first-party flaws by two-to-one.

Secunia also makes a case that effectively updating this third-party software is much harder to do; whereas Microsoft's Windows Update and Microsoft Update systems will provide protection for around 35% of reported vulnerabilities, patching the remainder requires the use of 13 or more updating systems. Some vendors—Apple, Mozilla, and Google, for example—do have decent automatic update systems, but others require manual intervention by the user.



http://arstechnica.com/security/news...insecurity.ars
Yazo is offline   Reply With Quote
Old 25 July 2010, 07:53 AM   #2
bodybump
⭐⭐⭐⭐⭐⭐
2024 SubLV41 Sponsor & Boutique Seller
 
bodybump's Avatar
 
Join Date: Sep 2008
Real Name: Oscar
Location: Florida
Watch: Me!!!
Posts: 23,233
Man Thanks for sharing Yaz!!! All they care is how to count those moneys in the bank...
__________________
bodybump is offline   Reply With Quote
Old 25 July 2010, 10:25 AM   #3
TheDude
"TRF" Member
 
TheDude's Avatar
 
Join Date: Oct 2007
Location: DC Area, USA
Watch: IIc,1680 Red,16660
Posts: 4,492
It's partly the culture of a closed system. Security is about open peer review. When you're closed and secretive, it's harder to vet the issues. To make matters worse, when issues are found, Apple covers its eyes "see no evil" style, and generally doesn't aggressively patch for security (or any other sort of issue).

Computing can be done safely on most any system though, but I'd say other OSes are now ahead in terms of proactive, simple patching and updating. Even my Linux systems are beyond simple in this regard.
TheDude is offline   Reply With Quote
Old 25 July 2010, 11:54 AM   #4
Ed Rooney
"TRF" Member
 
Join Date: Aug 2007
Location: Annapolis, MD
Watch: Sea-Dweller 16600
Posts: 5,081
Everything on the market is a massive security compromise. The best is when some neophyte says "I run such-and-such because it doesn't get viruses". Yeah, Ok.
Ed Rooney is offline   Reply With Quote
Old 25 July 2010, 11:57 AM   #5
Paulie
"TRF" Member
 
Paulie's Avatar
 
Join Date: Jul 2007
Location: Chicagoland
Watch: GMTII and OP!
Posts: 1,272
It's the top for "reported" security vulnerabilities on WINDOWS; Per the report. :)

It's the ones that are never reported that exist for years in multiple iterations of software that really scare me.
__________________
Paulie is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

OCWatches

Wrist Aficionado

My Watch LLC

WatchesOff5th

DavidSW Watches

Takuya Watches


*Banners Of The Month*
This space is provided to horological resources.





Copyright ©2004-2024, The Rolex Forums. All Rights Reserved.

ROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEX

Rolex is a registered trademark of ROLEX USA. The Rolex Forums is not affiliated with ROLEX USA in any way.