
And The Software With Most Vulnerabilities In 2016 Was… Android!

LAwLz
29 minutes ago, AnonymousGuy said:

I still have a working 300Mhz Pentium 2 box running Windows 98.  The hard drive is suicide-inducing loud.

 

My parents use it for the parallel port.

I have a 400MHz Slot 1 Pentium 2 machine with 256MB of RAM. I use Windows 98 SE on it, and surprisingly it plays DVD movies quite well. The hard drive I have is a 6.4GB Maxtor. It works, but is loud enough to be heard from down the hall. 

Main System: Phobos

AMD Ryzen 7 2700 (8C/16T), ASRock B450 Steel Legend, 16GB G.SKILL Aegis DDR4 3000MHz, AMD Radeon RX 570 4GB (XFX), 960GB Crucial M500, 2TB Seagate BarraCuda, Windows 10 Pro for Workstations/macOS Catalina

 

Secondary System: York

Intel Core i7-2600 (4C/8T), ASUS P8Z68-V/GEN3, 16GB GEIL Enhance Corsa DDR3 1600MHz, Zotac GeForce GTX 550 Ti 1GB, 240GB ADATA Ultimate SU650, Windows 10 Pro for Workstations

 

Older File Server: Yet to be named

Intel Pentium 4 HT (1C/2T), Intel D865GBF, 3GB DDR 400MHz, ATI Radeon HD 4650 1GB (HIS), 80GB WD Caviar, 320GB Hitachi Deskstar, Windows XP Pro SP3, Windows Server 2003 R2


Doesn't say anything on how bad they are :)

“Remember to look up at the stars and not down at your feet. Try to make sense of what you see and wonder about what makes the universe exist. Be curious. And however difficult life may seem, there is always something you can do and succeed at. 
It matters that you don't just give up.”

-Stephen Hawking


13 minutes ago, Mihle said:

Doesn't say anything on how bad they are :)

Seems like there's a lot of information it's missing, or obfuscating unless you really dive into the details of each program and the issues they had. Things like the affected number of users, severity of the issue, time taken to fix, etc. are all things that are really important, but this just goes off a single metric on # of things found.

 

Feels like the backblaze results every year where we have to put a huge ass * next to the article so that people know to take it with a grain of salt and look into it more before they just take it as gospel.

Primary:

Intel i5 4670K (3.8 GHz) | ASRock Extreme 4 Z87 | 16GB Crucial Ballistix Tactical LP 2x8GB | Gigabyte GTX980ti | Mushkin Enhanced Chronos 240GB | Corsair RM 850W | Nanoxia Deep Silence 1| Ducky Shine 3 | Corsair m95 | 2x Monoprice 1440p IPS Displays | Altec Lansing VS2321 | Sennheiser HD558 | Antlion ModMic

HTPC:

Intel NUC i5 D54250WYK | 4GB Kingston 1600MHz DDR3L | 256GB Crucial M4 mSATA SSD | Logitech K400

NAS:

Thecus n4800 | WD White Label 8tb x4 in raid 5

Phones:

OnePlus 6t (Mint), Nexus 5x 8.1.0 (wifi only), Nexus 4 (wifi only)


45 minutes ago, silberdrachi said:

Seems like there's a lot of information it's missing, or obfuscating unless you really dive into the details of each program and the issues they had. Things like the affected number of users, severity of the issue, time taken to fix, etc. are all things that are really important, but this just goes off a single metric on # of things found.

 

Feels like the backblaze results every year where we have to put a huge ass * next to the article so that people know to take it with a grain of salt and look into it more before they just take it as gospel.

Sigh...

I tried to make this as painfully obvious as possible. For crying out loud I wrote 4 times in the OP (once in big red letters) that it was just the number of vulnerabilities and did not consider how critical they were, or when/if they got fixed, or how severe they were.

 

I tried my hardest to make that as obvious as possible, but I guess people just read the headline.

There is no need for an asterisk if people bother to read literally the first two sentences.


1 hour ago, jagdtigger said:

What kind of ancient equipment can require a parallel port? O.o

My parents' HP LaserJet 4L. The thing is now 25 years old and still prints just fine using the same technology found in the laser printers HP makes today. And they still make the toner cartridges for it.

 

It prints 4 pages per minute. It's incredibly slow, but the reason I bought a LaserJet 1018 is because of my parents' experience, and it too has lasted 8 years now.

Workstation:  14700nonk || Asus Z790 ProArt Creator || MSI Gaming Trio 4090 Shunt || Crucial Pro Overclocking 32GB @ 5600 || Corsair AX1600i@240V || whole-house loop.

LANRig/GuestGamingBox: 9900nonK || Gigabyte Z390 Master || ASUS TUF 3090 650W shunt || Corsair SF600 || CPU+GPU watercooled 280 rad pull only || whole-house loop.

Server Router (Untangle): 13600k @ Stock || ASRock Z690 ITX || All 10Gbe || 2x8GB 3200 || PicoPSU 150W 24pin + AX1200i on CPU|| whole-house loop

Server Compute/Storage: 10850K @ 5.1Ghz || Gigabyte Z490 Ultra || EVGA FTW3 3090 1000W || LSI 9280i-24 port || 4TB Samsung 860 Evo, 5x10TB Seagate Enterprise Raid 6, 4x8TB Seagate Archive Backup ||  whole-house loop.

Laptop: HP Elitebook 840 G8 (Intel 1185G7) + 3080Ti Thunderbolt Dock, Razer Blade Stealth 13" 2017 (Intel 8550U)


1 hour ago, Jamiec1130 said:

I have a 400MHz Slot 1 Pentium 2 machine with 256MB of RAM. I use Windows 98 SE on it, and surprisingly it plays DVD movies quite well. The hard drive I have is a 6.4GB Maxtor. It works, but is loud enough to be heard from down the hall. 

Ha, think my old box uses Maxtor for the hard drive too.  They were a solid brand back in the day.  Now acquired by Seagate, and Seagate has *always* been dog shit for hard drives.


8 minutes ago, AnonymousGuy said:

Ha, think my old box uses Maxtor for the hard drive too.  They were a solid brand back in the day.  Now acquired by Seagate, and Seagate has *always* been dog shit for hard drives.

Well, I really hope they sorted out the problems. I'm running out of space and started to look for HDDs. The 10TB IronWolf is roughly at the same price as an 8 TB WD Red, so I have a little dilemma here... :/


29 minutes ago, LAwLz said:

Sigh...

I tried to make this as painfully obvious as possible. For crying out loud I wrote 4 times in the OP (once in big red letters) that it was just the number of vulnerabilities and did not consider how critical they were, or when/if they got fixed, or how severe they were.

 

I tried my hardest to make that as obvious as possible, but I guess people just read the headline.

There is no need for an asterisk if people bother to read literally the first two sentences.

Hey, I'm not saying it's your fault, I just feel like some people just see the first few lines of these articles (not just yours) and take it at face value. Not clicking on links, not looking into the comments to see further discussion.

 

Unfortunately there's not much you can do about those people except try to educate them when they try regurgitating these facts as if they are the end-all and be-all of statistics.

 

Teaching people to think critically and read deeper is a hard skill to instill in people, especially adults who are set in their ways.


54 minutes ago, jagdtigger said:

Well, I really hope they sorted out the problems. I'm running out of space and started to look for HDDs. The 10TB IronWolf is roughly at the same price as an 8 TB WD Red, so I have a little dilemma here... :/

I have about 50/50 WD Red Pro's and HGST Deskstar NAS drives.  Both have been about the same reliability which is to say pretty good.  WD has better warranty handling than HGST, offering free cross shipping and 2 day air vs. having to send the drive and wait for UPS ground.   The Seagate 3TB drives being god-awful and the "refurbished" ones being even worse (I had one literally fail in the first 60 seconds of power on) has earned the brand a place on my blacklist.


Thinking about it, if the versions of Windows got separated, why didn't they separate the individual Linux kernels and Android versions? And at any rate there are a lot of different kernels for Android as well.

"We also blind small animals with cosmetics.
We do not sell cosmetics. We just blind animals."

 

"Please don't mistake us for Equifax. Those fuckers are evil"

 

This PSA brought to you by Equifacks.
PMSL


2 hours ago, Jamiec1130 said:

I have a 400MHz Slot 1 Pentium 2 machine with 256MB of RAM. I use Windows 98 SE on it, and surprisingly it plays DVD movies quite well. The hard drive I have is a 6.4GB Maxtor. It works, but is loud enough to be heard from down the hall. 

Drop that down to a Celeron 333 and DVD playback becomes erratic. Also, Windows ME seems to run better on Pentium II/Celeron (I've got my 333 modded to run the FSB at 100MHz-so it runs at 500MHz) than Windows 98SE. And I know what you mean with old Maxtor HDD as I've recently got a lot of them working like new-even a 420MB (which goes with a 422MB WD, 426MB Seagate, 80MB Maxtor and 85MB WD AC280)


I don't think it's a coincidence that more vulnerabilities are found on open source software.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*


9 hours ago, mynameisjuan said:

But the more people report, the more that is patched and the more secure it is. So I hope people don't take this as Windows is more secure than any Linux distro.

Without context of how critical these vulnerabilities are, it's hard to say if operating systems with similar numbers of vulnerabilities are more or less secure based on total # of vulnerabilities alone.

Also, many of the vulnerabilities in the Linux Distros come from the open source nature of the Linux OS family, and can't easily be patched out without essentially creating a completely new OS family.

Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.


6 minutes ago, Drak3 said:

Also, many of the vulnerabilities in the Linux Distros come from the open source nature of the Linux OS family, and can't easily be patched out without essentially creating a completely new OS family.

Ehh... Can I ask you where you got that idea from? Because one of the biggest advantages of GNU/Linux is its modular design. You can even patch the kernel vulnerabilities without rebooting in some distros.

 

Please don't look at Android and just think "that's just how open source stuff is". 

 

As for how critical the vulnerabilities are, you can simply click on the names and you will be taken to a list of the vulnerabilities.


Just now, LAwLz said:

Ehh... Can I ask you where you got that idea from? Because one of the biggest advantages of GNU/Linux is its modular design. You can even patch the kernel vulnerabilities without rebooting in some distros.

 

Please don't look at Android and just think "that's just how open source stuff is". 

It's rather easy to get malware worked into an ecosystem without it being undetected, even when there are hundreds of thousands of man hours dedicated to preventing it.

 

You've also got hundreds of developers working independently of each other for most of what Linux is, without unified coordination to keep vulnerabilities and bugs from occurring as much as they do, with a few companies backing only their versions, still relying on the proverbial clusterfuck. There is no reliable structure to hunt down these vulnerabilities, like there is with Microsoft's Windows or Apple's OSX, and those both still have a large amount of vulnerabilities.

Some of those developers also don't have the best intentions either, and many of those developers have experience in embedding vulnerabilities that can go undetected for years.

 

Remember the BASH bug? That went back for years before it was found and publicized. That vulnerability affected Linux, MacOSX, Unix, and BSD, and went undetected for years with all the eyes seeing the open source BASH.


Windows Phone/Mobile doesn't make the list. Still the best. :) 

COMMUNITY STANDARDS   |   TECH NEWS POSTING GUIDELINES   |   FORUM STAFF

LTT Folding Users Tips, Tricks and FAQ   |   F@H & BOINC Badge Request   |   F@H Contribution    My Rig   |   Project Steamroller

I am a Moderator, but I am fallible. Discuss or debate with me as you will but please do not argue with me as that will get us nowhere.

 


 

Character is like a Tree and Reputation like its Shadow. The Shadow is what we think of it; The Tree is the Real thing.  ~ Abraham Lincoln

Reputation is a Lifetime to create but seconds to destroy.

You have enemies? Good. That means you've stood up for something, sometime in your life.  ~ Winston Churchill

Docendo discimus - "to teach is to learn"

 

 CHRISTIAN MEMBER 

 

 
 
 
 
 
 

 


1 hour ago, SansVarnic said:

Windows Phone/Mobile doesn't make the list. Still the best. :) 

Doesn't it fall under Windows 10 though since it's supposed to be a unified OS now?


3 minutes ago, imreloadin said:

Doesn't it fall under Windows 10 though since it's supposed to be a unified OS now?

no


13 hours ago, Princess Cadence said:

Windows 7 safer than Windows 10? so much for the Microsoft telling us to stay as up-to-date as possible to avoid vulnerabilities xD

My thoughts exactly.

1 hour ago, SansVarnic said:

Windows Phone/Mobile doesn't make the list. Still the best. :) 

That's because no one is using it.


1 hour ago, Darth Revan said:

That's because no one is using it.

It's all about prestige, my friend. :P


42 minutes ago, SansVarnic said:

It's all about prestige, my friend. :P

I do admit that is a nice comeback, actually a very nice comeback. But still doesn't change the fact that no one uses that system.


6 hours ago, Drak3 said:

It's rather easy to get malware worked into an ecosystem without it being undetected, even when there are hundreds of thousands of man hours dedicated to preventing it.

 

You've also got hundreds of developers working independently of each other for most of what Linux is, without unified coordination to keep vulnerabilities and bugs from occurring as much as they do, with a few companies backing only their versions, still relying on the proverbial clusterfuck. There is no reliable structure to hunt down these vulnerabilities, like there is with Microsoft's Windows or Apple's OSX, and those both still have a large amount of vulnerabilities.

Some of those developers also don't have the best intentions either, and many of those developers have experience in embedding vulnerabilities that can go undetected for years.

 

Remember the BASH bug? That went back for years before it was found and publicized. That vulnerability affected Linux, MacOSX, Unix, and BSD, and went undetected for years with all the eyes seeing the open source BASH.

Yeah.... You have absolutely no idea what you're talking about. I don't know how you think open source works, but it's not the way you think. 

 

It's not a text file that everyone can write to. 


It would be very interesting how many of those vulnerabilities are still there. 

For example, Ubuntu had tons of vulnerabilities in 2016, but they had a lot of them fixed:

first 10 pages https://www.ubuntu.com/usn/ are all 2016 vulnerabilities that were taken care of. 
