Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Open Source   (RSS)

Firefox in 2008 – No Single Version Available for The Full Year?

I’ve been busy doing analysis for the next article in my cio.com Firefox series of articles, looking at vulnerability disclosures during 2007 and 2008 and I stumbled upon a little factoid that I had not previously noticed – no single version of Firefox Read More...
Posted Thursday, February 26, 2009 11:58 PM by jrjones | 7 Comments

Perception: Case in Point

I love it when a good, real-life example falls right into your lap. As you know from my recent posts, I’ve been doing a series of articles probing Mozilla and Firefox security claims.  I think I’ve been pretty open about why, but I always seem to Read More...
Posted Thursday, February 05, 2009 8:38 PM by jrjones | 3 Comments

CIO.COM: Mozilla and “Counting Still Easy…”

[DISCLOSURE for those who don’t read about boxes: I work for Microsoft.] I admit that I enjoy discussing issues and digging into claims to see if I can find fractures or flaws in logic. When I ran product management teams for companies in previous roles, Read More...
Posted Thursday, February 05, 2009 7:03 PM by jrjones | 1 Comments

Brian Krebs Blog on ‘at Risk’ Chart Methodology

I am a couple of articles into my series: Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? , and Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? (Part 2) In part 2, I probed Mozilla’s usage of an ‘at risk’ Read More...
Posted Friday, January 30, 2009 6:57 PM by jrjones | 1 Comments

CIO.COM: Can Mozilla Support Their Security Claims?

Mozilla bills Firefox as the most secure Web browser on the planet, but is it really? Follow along with this series and see if the claims hold up to close scrutiny. Today, I started a multi-part article series on cio.com (Security landing page: http://www.cio.com/topic/1419/Security Read More...
Posted Thursday, January 15, 2009 12:24 AM by jrjones | 28 Comments

Download: H1 2008 Desktop OS Vendor Report - Vulnerabilities and Days-of-Risk

This report looks at all of the vulnerabilities fixed by Apple, Microsoft, Red Hat and Ubuntu during the first half of 2008. At the vendor level, the report examines all vulnerabilities as well as Days of Risk (DoR) associated with those vulnerabilities. Read More...
Posted Monday, October 27, 2008 8:00 AM by jrjones | 10 Comments
Attachment(s): 1H08-desktop-vuln-report.pdf

Q1 2008 - Client OS Vulnerability Scorecard

This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2 Read More...
Posted Thursday, May 15, 2008 12:04 AM by jrjones | 38 Comments
Attachment(s): q108-client-scorecard.pdf

Download: Internet Explorer and Firefox Vulnerability Analysis

Summary: For most people, their web browser is central to their interaction with the Internet, connecting to global web sites and helping them consume online services providing everything from booking flights to banking services to online shopping. This Read More...
Posted Friday, November 30, 2007 4:01 PM by jrjones | 24 Comments
Attachment(s): ie-firefox-vuln-analysis.pdf

Red Hat Enterprise Linux 4 Passes 1000 Vulnerabilities

A few weeks after my July OS Vulnerability Scorecard posting, I was amused to see a posting about it on truthhhappens.redhatmagazine.com (click to see the post). I can't even do it justice by paraphrasing, so here is the text: A Microsoft vulnerability Read More...
Posted Tuesday, October 16, 2007 6:23 PM by jrjones | 5 Comments

July 2007 - Operating System Vulnerability Scorecard

Summer and work travel have really had an impact and I've missed a couple of months of scorecards, so last weekend, I decided to dig in and catch up to July. I hit a few road bumps: Sun changed their Security Alerts web site, making it a bit more challenging. Read More...
Posted Thursday, August 16, 2007 11:47 PM by jrjones | 19 Comments

Windows Vista - 6-Month Vulnerability Study

I was nudged by some colleagues this week, telling me that some folks may only be reading my technet blog, but that I hadn't been doing a great job of cross-posting some things. Six months is a much more interesting time frame than the previous Windows Read More...
Posted Saturday, June 30, 2007 1:34 PM by jrjones | 1 Comments

2006 Client OS Days of Risk

As a follow-up to my previous Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris, I've also completed a look at the latest client products that were available for Read More...
Posted Monday, June 18, 2007 9:19 PM by jrjones | 1 Comments

Background and Overview for Days-of-Risk

I just published a Basic Guide to Days of Risk over on my CSO Magazine Blog , in preparation for a new quarterly days-of-risk study I'm going to start publishing. If you don't have a good understanding of the days-of-risk metrics, the post will give you Read More...
Posted Friday, May 18, 2007 11:52 PM by jrjones | 1 Comments

March 2007 - Vuln Scorecard

I just posted my March 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. Here is Read More...
Posted Thursday, April 05, 2007 9:01 PM by jrjones | 2 Comments

February 2007 - Vuln Scorecard

I just posted my February 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. I do Read More...
Posted Friday, March 30, 2007 12:14 AM by jrjones | 1 Comments
More Posts Next page »
 
Page view tracker