Comment Scope of the issue (Score 1) 679
When we refer to a Microsoft vulnerability, we refer to software created by Microsoft, not just any software that runs under a Microsoft OS.
A vulnerability in WinAmp (for instance) would not not considered a Microsoft, or even a Windows vulnerability. It would be considered a vulnerability in an application that runs on Windows. Might also be a vulnerability in a version of that application that runs on other OS's.
A vulnerability in Apache is not a Linux vulnerability. A vulnerability in Apache is certainly not a RedHat, or SUSE, or Debian, or ... vulnerability. A vulnerability in the linux kernel version 2.4.5 is a linux vulnerability. A vulnerability in rpm is a RedHat vulnerability. A vulnerability in OpenOffice, etc.
On the other hand, a vulnerability in Windows2k, Exchange, Outlook, Internet Explorer, Windows Media Player, Word, Excel, Visual Basic, etc. are windows vulnerabilities.
Since most people don't bother to examine boundaries (hmmm, socially engineered wetware buffer overflows?) it is easy to send this entire discussion off into outer space.
Damn, I think I might have already exceeded my MTV attention span limit. No One is probably reading this anymore. They've all gone to check their E-Bay bids.
To recap:
It doesn't matter if they are lying or not, or if Bill lied, or George lied. LOOK!!! There's Elvis!!!
The issue is scope, and we have allowed the scope to be whimsically defined. The scope is self-referentially defined as Windows vs. Linux vulnerabilities but we all apparently have a problem following a train of thought without flying off to Vegas for a long weekend of drinking and gambling... I wonder if they use windows in those slot machines? Hmm. People in Vegas stay up all night a lot don't they? I heard George Bush stayed up all night once with Bill Clinton at a Whitewater development party.
Ultimately the whole thing is a convenient distraction from more important social issues that, because of the limitations of our collective intellect, we can't deal with either.
For those of you who made it this far, I will recap one more time:
Vulnerability in software created by X = vulnerability in software created by X.
Vulnerability in software created by Y that runs in, under, on or needs in some other way software created by X = vulnerabiity in software created by Y.
Vulnerability in Exchange = Microsoft vulnerability.
Vulnerability in sendmail = sendmail vulnerability.
Vulnerability in sendmail running on windows != windows vulnerability.
Vulnerability in sendmail running on linux != linux vulnerability.
Vulnerability in sendmail running on RedHat != RedHat vulnerability.
Vulnerability in RPM = RedHat vulnerability.
Vulnerability in RPM when run on Debian system = RedHat vulnerability.
A vulnerability in WinAmp (for instance) would not not considered a Microsoft, or even a Windows vulnerability. It would be considered a vulnerability in an application that runs on Windows. Might also be a vulnerability in a version of that application that runs on other OS's.
A vulnerability in Apache is not a Linux vulnerability. A vulnerability in Apache is certainly not a RedHat, or SUSE, or Debian, or
On the other hand, a vulnerability in Windows2k, Exchange, Outlook, Internet Explorer, Windows Media Player, Word, Excel, Visual Basic, etc. are windows vulnerabilities.
Since most people don't bother to examine boundaries (hmmm, socially engineered wetware buffer overflows?) it is easy to send this entire discussion off into outer space.
Damn, I think I might have already exceeded my MTV attention span limit. No One is probably reading this anymore. They've all gone to check their E-Bay bids.
To recap:
It doesn't matter if they are lying or not, or if Bill lied, or George lied. LOOK!!! There's Elvis!!!
The issue is scope, and we have allowed the scope to be whimsically defined. The scope is self-referentially defined as Windows vs. Linux vulnerabilities but we all apparently have a problem following a train of thought without flying off to Vegas for a long weekend of drinking and gambling... I wonder if they use windows in those slot machines? Hmm. People in Vegas stay up all night a lot don't they? I heard George Bush stayed up all night once with Bill Clinton at a Whitewater development party.
Ultimately the whole thing is a convenient distraction from more important social issues that, because of the limitations of our collective intellect, we can't deal with either.
For those of you who made it this far, I will recap one more time:
Vulnerability in software created by X = vulnerability in software created by X.
Vulnerability in software created by Y that runs in, under, on or needs in some other way software created by X = vulnerabiity in software created by Y.
Vulnerability in Exchange = Microsoft vulnerability.
Vulnerability in sendmail = sendmail vulnerability.
Vulnerability in sendmail running on windows != windows vulnerability.
Vulnerability in sendmail running on linux != linux vulnerability.
Vulnerability in sendmail running on RedHat != RedHat vulnerability.
Vulnerability in RPM = RedHat vulnerability.
Vulnerability in RPM when run on Debian system = RedHat vulnerability.
