The Washington Post’s maven of computer security, Brian Krebs, has been posting some interesting things lately.
On January 10, he posted a scorecard on Microsoft’s handling of patches and fixes. This scorecard was essentially complementary.
In today’s Security Fix blog, on www.washingtonpost.com, he posted some very interesting commentary on how Oracle is doing in the patch fixing department, and noted that many people are beginning to grumble that Microsoft is doing okay, while Oracle is doing not okay.
He noted that Oracle is having to do a large number of “internal fixes” that apparently have more to do with vulnerabilities in the Linux star product, Apache Server, than in their own software.
So, in fact, Microsoft is not the Evil Empire. Hacker boys (and girls) are. If you’ve been watching hackerspace lately, you may have noticed that the script kiddies have graduated to industrial espionage and data thievery, and that we continue to be woefully unprepared.