Tuesday, December 18, 2007

The Echo Chamber

ZDNet has just posted and some website called Electronista has just blogged about and MacSurfer has therefore posted links to, a pile of horseshit about how, according to Secunia, Apple Mac OS X had 234 vulnerabilities reported in 2007 compared to some tiny number for Windows XP and Vista.

I have absolutely no clue how they got these figures, possibly by googling Secunia for every single mention of Apple or BSD and 2007 and counting any hit as a vulnerability. I did click the first specific link for a Mac OS X vulnerability and instead found a report on a vulnerability in Flash Player 8. I don't think they're including application vulnerabilities in the Windows totals (e.g. they're not including that one).

A quick visit to Secunia's site shows that all reports for Mac OS X (10.0 to 10.5 client and server) numbered 27, while Microsoft Windows XP Professional numbered 30.

Again, I've previously discussed Secunia's slight pro-PC bias in choosing a threat level for vulnerabilities ... and just leaving that aside, this idiocy was able to be debunked by going to the source and checking in less than (including posting this blog entry) five minutes.

So much for the blogosphere.