How Many Holes are There in That Other OS, It’s Office Suite and InternetExploder?

“Microsoft has fixed 26 vulnerabilities in its software products, including several considered critical, the company said on Tuesday in its monthly security patch report.”

That’s the kind of news we hear every month from M$. It gives a clue to the magnitude of the insecurity of that other OS. Suppose there are a dozen critical vulnerabilities in that other OS that are fixed each month. Presumably those were all present on Day One of the release but some could be introduced in other patches. The odds are that they all existed from the last release though. If the product lasts a decade, 120 months, then we are looking at ~1K critical vulnerabilities.

Compare that with the world of FLOSS where the bug-count for a whole repository and all kinds of bugs is less than 1K…

Amazing isn’t it? For a lot less money you get to use better code. Use FLOSS. It’s the right way to do IT.

see Microsoft patches critical security holes in Windows, Office, IE | ITworld.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology. Bookmark the permalink.

25 Responses to How Many Holes are There in That Other OS, It’s Office Suite and InternetExploder?

  1. Brillo says:

    This guy is a hardware engineer who needs to have his main circuit board run through the solder bath again

    Hardware engineer? Are you even sure about that?

    Oiaohm certainly does not seem like one to me.

    The best way to counter this type of Linux cracked pot is to ignore him because he thrives on attention.

    In the old days when neither the Internet nor the slang term “trolls” existed, we had plenty of intelligent and effective ways to deal with similar situations. Now when people deal with the Internet equivalent of prank callers and other social annoynances, they use idiotic strategies invented by those who have little social experience outside of working with others on their D&D dice-rolling stuff. We sure have put the world in reverse gear and floor it good, haven’t we?

  2. Chris Weig says:

    Just as a reminder:

    Meet JeffM = Telic = Oiaohm = Peter Dolding.

    This guy is a hardware engineer who needs to have his main circuit board run through the solder bath again. He is a nut’s nut and a complete OSS fanatic. He used to post as telic on various boards and blogs but got a reputation for being insane so he changed his nym to oiaohm. He posts in COLA as JeffM but hangs out on Roy’s irc literally 24×7 and is known there as oiaohm. The best way to counter this type of Linux cracked pot is to ignore him because he thrives on attention.

  3. Brillo says:

    –BEGIN OIAOHM-SPEAK–
    Really you need to learn to read what you link to properly Brillo. Quoting a bug that was down graded proves nothing.

    Oiaohm you clear dumb a bug that was down graded proves everything even higgs boson and intelligent design yes I am in fact proving those.

    Yes Privilege Exploit Later on it was down graded as the Privilege Exploit was found impossible todo.

    Yes Privilege Exploit and DOS are same so that bug is invalid though still in CVE. In fact all DOS bugs for Windows in CVE are bogus in same way:

    http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-17153/version_id-74208/opdos-1/Microsoft-Windows-7.html

    What is a Local DOS. Yes its the system locked up dead. Brillo. Linux when a Local DOS happens due to X11 defect the kernel panic will not always display.

    Again yes and no, the bug locks system only when package manager is running and when the manager stop kernel ceases panic and goes clam again.

    Do you know what that oval tells you. USA Nist detected MS10-048. They made patch USGCB.patch to fix then had to wait for MS to apply it upstream.

    Yes and no Nist has access to source but they use cross platform language to produce patch:

    http://oval.mitre.org/

    So basically anyone can submit patches as long as they write in open vulnerability and assessment language not C.

    Linux kernel releases have been stopped by the security team at times.

    I know security team for Linux and one member lives in tin shed in rural australia. Yes the same antenna array operator and Russian cosmonaut curious but true.

    Yes Coverity and other projects.

    Covertiy is almost size of a small island. Large I know but not as large a project as others:

    http://www.coverity.com/

    Linux can correct for memory errors because its a expected event.

    You idiot memory errors are as expected as software bugs. If memory error chooses to be in a it wont be in b so the kernel knows where to look for it. In the same way kernel expect bugs to occur in some places so crash is stopped before it happens.
    –END OIAOHM-SPEAK–

  4. oiaohm says:

    Brillo read the reference on CVE-2010-1887
    It was release because it was first believed to be a possible “Microsoft Security Bulletin MS10-048 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege”

    Really you need to learn to read what you link to properly Brillo. Quoting a bug that was down graded proves nothing. MS simply does not release bugs that just cause crashes onto CVE unless its by mistake.

    Yes Privilege Exploit Later on it was down graded as the Privilege Exploit was found impossible todo.

    Brillo
    “The Linux kernel overall does not have a unified or formalized life cycle model of any kind. A bug in the code may persist over multiple versions before it is discovered by someone who may or may not be the originator of the code. Also, of course, attackers do use the CVE database as their “shopping list” regardless of OS types or versions.”

    Completely bogus in fact. A bug in windows also persists over multiple versions before its discovered. Also windows has reported security bugs persist in its releases for over 10 years.

    Microsoft Security Development Lifecycle is mostly bogus to what really happens. Yes mostly a work of wishful thinking on Microsoft part. You see release after release of microsoft programs that you apply metasploit and you see hey this fault as existed for years. Reported for years yet its still there even that the Microsoft Security Development Life-cycle says it should not be. Please don’t quote works of security fiction like the Microsoft Security Development Life-cycle. A person can write a huge stack of process documents and change nothing if it not obeyed and its quite simple to skilled people do demo the fact.

    In security a document is worthless. Results is what you work by. How long from reported to fixed. The better you security management cycle is working the shorter that will be. Next is the fact that none come back from the dead. Also happens in windows that a security flaw comes back from the dead. Only thing I can think they don’t follow the prac of creating a testcase to detect the security flaw. Wait the Microsoft Security Development Life-cycle does not list doing that critical step.

    Brillo Linux reports more 100 percent worthless to the CVE for a remote access to data. This makes using the CVE more time consuming.

    Brillo
    “The answer to linux lock up is yes and no. Linux lock up can be resumed with some pressing of buttons so it appears to lock up but not really. Windows lock up cannot be resumed without reset so it in fact locks up where linux does not.”

    Really you provided the link that proves you don’t know what you are talking about. http://www.cvedetails.com/cve/CVE-2012-2373/

    What is a Local DOS. Yes its the system locked up dead. Brillo. Linux when a Local DOS happens due to X11 defect the kernel panic will not always display. To get out of a Linux local DOS bug most times it is reset.

    Both windows and linux suffer from Local DOS issues. Microsoft Security Bulletin does not report Local DOS unless there is a possible Privilege exploit as well.

    That Linux treats Local DOS as a security issue is why it locks up less.

    You really don’t know how to read CVE. Brillo.

    “oval:gov.nist.USGCB.patch:def:11681” Interesting right. “MS10-048: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)”

    Do you know what that oval tells you. USA Nist detected MS10-048. They made patch USGCB.patch to fix then had to wait for MS to apply it upstream. That right MS10-048 was not detected by Microsoft it was detected by a third party that was given access to the Microsoft Source code. The patch to fix it was also not made by Microsoft.

    So you have not quoted a Microsoft fixed bug at all for your windows example.

    Most people don’t know how to read oval url format.

    Brillo
    “Each product from MS is required internally to undergo team-wide code review during implementation and a final security review right before RTM.”

    There is a process even with the Linux kernel. There is a security team. They have veto releases in the past.

    Really team-wide code review sorry that is not how it works at all. The source code at Microsoft is sent to third parties for review like Nist. It does not remain internal at all Brillo before the RTM.

    Linux and Microsoft are both using a very related model. Linux kernel releases have been stopped by the security team at times.

    Same thing of going external before release happens with Linux http://news.cnet.com/Homeland-Security-helps-secure-open-source-code/2100-1002_3-6025579.html
    Yes Coverity and other projects.

    Linus does not make is selection to release solo. Neither does any of the major project leads.

    Brillo
    “MS requires NDA so reporters get no bounties even they say they do. I know scary but true there no real bounties for bug reports and no further bug reports are allowed.”

    You get paid if you include the clause for payment. For true security flaws MS does pay researchers of course reporter has to sign the right NDA that says unless paid has the right to release. Researcher working in Russia particularly are paid since there is no offence to breaking a NDA if you have not be paid for services. The transaction of money is required to buy your silence in Russian law.

    If you get paid does partly depend on the country you are in.

    PS
    “idiot oiaohm Linux even corrects memory errors in cheap embedded systems. No Linux not perfect but close enough.”
    Linux can correct for memory errors because its a expected event. I said unexpected event. This is something you did not plan on happening so the code to handle it does not exist.

    So Brillo does not know the difference between expected event and unexpected event.

  5. Brillo says:

    RP’s blog ate my links.

    Here are the non-working ones in their order of appearace:

    1) http://www.cvedetails.com/cve/CVE-2010-1887/

    2) http://www.cvedetails.com/cve/CVE-2012-2373/

  6. Brillo says:

    First off, to clarify a few things:

    1) Denial-of-Service type vulnerabilities in Windows, local or remote, are listed in the CVE database just the same way those in Linux are listed there. There is no simply merit whatsoever in oiaohm’s statement that “you see no Windows Local DOS”.

    2) Usually the cited Security Bulletin provides the source of the information if such source exists. Each product from MS is required internally to undergo team-wide code review during implementation and a final security review right before RTM. Any other remaining problem in the product is gathered via a collaborative effort with external parties.

    3) The Linux kernel overall does not have a unified or formalized life cycle model of any kind. A bug in the code may persist over multiple versions before it is discovered by someone who may or may not be the originator of the code. Also, of course, attackers do use the CVE database as their “shopping list” regardless of OS types or versions.

    Now…

    — BEGIN OIAOHM-SPEAK —

    So idiot Brillo you can chart up the sources of every CVE report. Microsoft are most third party almost none direct from Microsoft. Linux on the other hand Most are direct from Linux developers to CVE with a small few from third parties.

    Clearly incompetent idiot oiaohm if you chart up the sources in CVE you can see most Linux CVE are direct from a tin shed. Yes a tin shed in outback Australia in case you are not aware. Its owner is software engineer. Curiously he also a hardware engineer, a system administrator and surprise an antenna array operator and Russian cosmonaut.

    Anyone who attempt to claim that any OS never locks up due to some unexpected event is a idiot. Human can make nothing that is perfect.

    Idiot oiaohm Linux even corrects memory errors in cheap embedded systems. No Linux not perfect but close enough.

    You will find that I have never ever said that Linux does ever not lock up. The closest you will find is that it locks up less.

    The answer to linux lock up is yes and no. Linux lock up can be resumed with some pressing of buttons so it appears to lock up but not really. Windows lock up cannot be resumed without reset so it in fact locks up where linux does not.

    Really you are dumb enough to claim Microsoft does not pay bug bounties. They do. Normally with a requirement to sign a NDA. Yes Microsoft does pay for bugs.

    MS requires NDA so reporters get no bounties even they say they do. I know scary but true there no real bounties for bug reports and no further bug reports are allowed.

    — END OIAOHM-SPEAK —

  7. oiaohm says:

    Brillo
    “Oiaohm you idiot Linux bugs reported by hobbyists. Yes hobbyists play large part in bug reporting more than professionals. Look no further to firefox reward from report bugs for Linux.”

    To be correct when you look at cve numbers and where those have come from. A large percentage don’t come from hobbyist or bug bounties. Most come from the the general development process.

    Every CVE has who it comes from. http://www.cvedetails.com/cve/CVE-2012-2373/

    So idiot Brillo you can chart up the sources of every CVE report. Microsoft are most third party almost none direct from Microsoft. Linux on the other hand Most are direct from Linux developers to CVE with a small few from third parties.

    Brillo
    “You clearly imcompetent oiaohm linux never locks up. In fact linux kernel with debugging built in yes linux fixes itself thus never locks up in kernel mode. kernel also attempts debug apps but will shut them down if found not fixable.”

    Anyone who attempt to claim that any OS never locks up due to some unexpected event is a idiot. Human can make nothing that is perfect.

    A sign that a number is bogus is when something that should be there is no there. You will find that I have never ever said that Linux does ever not lock up. The closest you will find is that it locks up less.

    Brillo
    “Linux bug reports go direct thru Linus Torvalds home plumbing thus dirty and fast.”
    Go back read the CVE report and notice who submit them. Linus Torvalds of the current crop submitted none. 2 years ago their was one submitted by Linus.

    Brillo
    “Ms does not open source to windows and reward programs are thus impossible.”
    http://www.csoonline.com/article/687494/microsoft-s-bluehat-goal-kill-bugs-dead

    Really you are dumb enough to claim Microsoft does not pay bug bounties. They do. Normally with a requirement to sign a NDA. Yes Microsoft does pay for bugs.

    Do you want to keep on proving you know nothing Brillo or will you learn to do some homework first.

    Brillo by the way if I want to read the source of windows I can. All I have to do is sign a NDA. Windows is not closed source to attackers. The reality is lots and lots of people have access to the windows source code.

    Basically this is Microsoft lets pretend to be closed source and give it to every government who wants to see it and their sub contractors.

  8. Phenom says:

    Brillo, I only hope that someday I can buy you a couple of your favourite drink!

  9. Brillo says:

    @Oiaohm

    Oh, Oiaohm, Oiaohm… You just never give up trying, do ya? You have been proven irrefutably again and again that you are both a liar who makes up technical-sounding nonsense as he goes along and has no understanding of your own source material. Although it’s quite ironic to see that RP still cling onto you in his last-ditch effort to seek allies in his fool’s errant… I mean, cause, taking you seriously is just a waste of time.

    So, how about I try something new here: from now on I’ll reply to you in the same way you reply to other comments, with the same make up crap and the same lack of knowledge in everything and the same broken English. How’s that?

    Actually, you don’t need to answer that question. You are going to get what’s coming for you whether you like it or not. Let’s begin…

    — BEGIN OIAOHM-SPEAK —

    Linux most are in fact reported by the Linux Kernel Developers themselves.

    Oiaohm you idiot Linux bugs reported by hobbyists. Yes hobbyists play large part in bug reporting more than professionals. Look no further to firefox reward from report bugs for Linux.

    http://www.mozilla.org/security/bug-bounty.html

    As foss continues grow more reward programs will be offered to hobbyists to find bugs. Ms does not open source to windows and reward programs are thus impossible.

    In fact no. Since both are using different defines of security reporting this is why particular faults on Linux like Local DOS reported and you see no Windows Local DOS.

    Security reporting for wide scale DDOS only. Local DOS thru intranet not possible since bug reporting repeats too many times and DOS bug report system. Sysadmin could LOIC Linux install first and report thus reduce reports sent to maintainers.

    Chris Weig you would have seen a windows machine lock-up at some point. Yet by the the number you are quoting that never happens. See the problem yet. Every lock-up under Linux is a security fault.

    You clearly imcompetent oiaohm linux never locks up. In fact linux kernel with debugging built in yes linux fixes itself thus never locks up in kernel mode. kernel also attempts debug apps but will shut them down if found not fixable.

    Windows is some of the most exploited because the CVE report of Windows is clean. You want it dirty as possible.

    Windows CVE report clean only because bugs are reported to local laundromats. Linux bug reports go direct thru Linus Torvalds home plumbing thus dirty and fast.

    When you limit down to take control of system. This is priv, overflow and bipass.

    Again show you incompetent oiaohmn. Linux over report bipass also. Fact is linux also report tripass and quadpass. Windows does not report tripass and quadpass and this make CVE a shopping list for attackers.

    — END OIAOHM-SPEAK —

  10. Brillo says:

    I should have written, “the last year” instead of the last “six months”.

    And that only accounts for bugs that have been discovered in the last six months. Most of these bugs have already been around for much longer than that lenght of time.

    The way you slice the figures simply makes no sense.

    This is, of course, not to mention the value of “evaluations” based on vulnerabilities discovered is always at best questionable.

    because they are on more PCs it does way more damage

    So how would the picture become different if all these PCs were given a Debian install instead? At the end of the day, you still have all the holes in the kernel and the same amount of users. I am sorry but unless you can convince me that Linux has in fact some sort of magical power that stops exploits dead from their tracks, you are still not making any sense.

    Of course, by “magic power” I don’t mean:

    The number of “developers” working on the source code – in part or in whole. Unless you can convince me that every segment – right down to every character – of the code in question is examined by this same number of “developers”, who are professionals with strong backgrounds in evaluating vulnerabilities and not students, hobbyists or even professionals with little of such knowledge, the number itself is simply worthless.
    Mitigatory measures against exploits. These include ASLR, NX bit, StackGuard, PaX, and other stalling tactics that slow down but do not prevent the development of exploits. Any financial or political incentive large enough will simply override the apparent difficulty to develop an exploit that can be launched against a target, and I don’t see you promoting anything other than “Debian GNU/Linux” (because, in your opinion, “it just works”).
    Worms, trojans and other malware. Let’s face it – they are just exploits wrapped in packages aimed at users running the same operating system. The lack of financial incentives (such the only existing target being a home-grown vegetable farmer in Manitoba) might prevent such packages from being created, but as the number of users grows, so will the financial incentives. Again, the problem here is that I don’t see you promoting anything other than “Debian GNU/Linux”.

    Alas, maybe I have over-killed here since thus far I have not yet seen an argument that this not along the line of:

    Linux is more secure because it has less pieces of malware than Windows.
    Linux has less pieces of malware than Windows because it is more secure.

    See the problem there? That’s circular reasoning. Am I supposed to not laugh at this, RP?

  11. oiaohm says:

    Ted my real-name is findable. Just I don’t like it.

    Chris Weig those numbers you are pulling have a problem. Source of report of the flaw. Linux most are in fact reported by the Linux Kernel Developers themselves.

    Yet Microsoft every flaw is reported by third parties.

    Chris Weig
    “And you conveniently forget that the Linux Kernel doesn’t constitute a working OS, therefore Windows 7′s metrics are even better.”
    In fact no. Since both are using different defines of security reporting this is why particular faults on Linux like Local DOS reported and you see no Windows Local DOS. Anything under Linux that can cause the kernel to stop is report as a possible DOS attack. No matter how impossible it will be to pull off.

    So this cause a big problem in compare. Also a buffer overflow if or if not it possible to create a security flaw in Linux is reported as such. Windows there has to be a confirmed exploit possibility for it to be a security flaw report on both sites.

    Chris Weig basically you have do number alterations to make the number play by the same rules so you can even compare them.

    Linux Developers report security flaws more. Yes something that causes a local crash and nothing else does not get written up as a security fault for windows but it is for Linux.

    So when you know how to read the numbers Windows is worse than Linux most of the time. Sometimes equal.

    Phenom
    “It is hardly Microsoft’s fault that some moron designed Linux to have all the drivers into its kernel.”

    The result of MS design is worse. It equals 1 device many different drivers. Then lot of drivers never being updated. So the number of holes in windows is more unknown than Linux.

    Even in the Linux world attackers normally don’t go after driver faults but target the core generic ones more. Because that flaw is going to be there.

    Chris Weig and Phenom you are both being trolls since you don’t know the security side and don’t have the knowledge to see that you are comparing wrong things.

    Number of drivers per device is a critical metric also how well those are maintained. Linux wins on that.

    Chris Weig you would have seen a windows machine lock-up at some point. Yet by the the number you are quoting that never happens. See the problem yet. Every lock-up under Linux is a security fault.

    This is the scary part about Linux. Almost every crash and lock-up under Linux ends up reported as a possible security fault. Why do this. Its call giving attacker a hard time. So they cannot go to the cve lists and go quickly shop for faults to exploit a system.

    Windows is some of the most exploited because the CVE report of Windows is clean. You want it dirty as possible.

    Linux is doing the right thing to slow attackers down Microsoft is not. CVE are just shopping lists for attack writers for Windows.

    When you limit down to take control of system. This is priv, overflow and bipass. We know linux over report overflow but this gets us close a fair metric. Then Linux is not that far out the ball park at any time.

  12. Chris Weig says:

    Further, Linux includes a mess of drivers whereas that other OS does not.

    But the many eyes, Mr. Pogson!

    Following your patented logic I will present my own conclusion: if the Linux Kernel, which unarguably is developed using the best processes FLOSS has to offer, is already that buggy, then you can expect all other FLOSS to be much, much worse in this respect.

  13. Ted says:

    “Notice that none of the pseudonyms provide a real name”

    So kozmcrae, Agent_Smith, oiaohm, lpbbear and the rest are real names? You had a point, “dougman”?

  14. Phenom says:

    Linux includes a mess of drivers

    It is hardly Microsoft’s fault that some moron designed Linux to have all the drivers into its kernel.

  15. Chris Weig wrote, “Where did you learn to count!?”

    At home. I should have written, “the last year” instead of the last “six months”. However you slice it that other OS has way more vulnerabilities and because they are on more PCs it does way more damage. Compare exploits if you want. There are about 1000 for that other OS for every one for Linux.

    Further, Linux includes a mess of drivers whereas that other OS does not.

  16. Chris Weig says:

    Where did you learn to count!?

    Linux Kernel 2012 Security Vulnerabilities: 97.

    Windows 7 2012 Security Vulnerabilities: 30.

    And you conveniently forget that the Linux Kernel doesn’t constitute a working OS, therefore Windows 7’s metrics are even better.

  17. Linux vulnerabilities of all kinds in the last year, 95.

    Windows 7 vulnerabilities of all kinds in the last year, 120.

    Windows XP vulnerabilities in the last year, 61.

    So, GNU/Linux has half as many vulnerabilities even though there’s only a tiny percentage of revenue available to deal with it. Imagine the result if I had included Vista and Server products. Imagine the result if M$ wrote all the drivers for that other OS… GNU/Linux is the right way to do IT. People who live in glass houses should not throw stones.
    (rp: changed “six months” to “year”)

  18. Chris Weig says:

    There’s no defense necessary. Mr. Pogson’s article speaks for itself. It’s another bragging piece in which he presents speculation as fact. Arguments won’t be of any help here, as they’d be falling on deaf ears. But just for the fun of it:

    Windows 7:

    178 CVEs with a CVSS score greater than 7 (“high” severity)

    Linux Kernel:

    240 CVEs with a CVSS score greater than 7 (“high” severity)

    You can verify this at CVE Details.

  19. kozmcrae says:

    The Cult of Microsoft is shamed into showing up. Let’s see… a quick perusal of the posts reveals nothing about Microsoft’s disastrous security. Yep, a bunch of fair weather friends of Microsoft. Won’t even come to their defence. You are pathetic.

  20. Brillo says:

    Notice that none of the pseudonyms provide a real name, a link to their website or even blog on the subject matter

    Again, that blog thing…

    You see, I have enlightened me here. Instead of doing anything productive during the day, form now on I’ll simply write essays after essays on the subject of “why people should go on a diet of tree bark instead of wash their hands before meals to avoid getting sick”, put them all on a website and dress the sucker up with a theme of mostly black, a bit of brown and splatters of grainy, public-domain images all over. I am so excited with this idea I think I’m gonna tell everyone I meet about it in my underwear.

    Whaddaya think?

  21. Brillo says:

    I gesture to say that Phenom, ch, @ldman, Ted, Tar, Chris Weig, Brillo, Ivan and Clarence Moon are all one in the same person.

    I ain’t sure that qualifies you as an electrician but you sure sound like you have spent quite a fair amount of time licking 9V batteries.

    Don’t get me wrong here: Picture someone who has been posting here 24/7 nonstop instead of sleeping, eating, sh… You know, for months and months and months. Surely such an outstanding survivalist deserves more respect than you have been giving.

    Perhaps you could theorize this in a different way. Say, the posters in question are in fact the enslaved souls of broken chairs and Steve Ballmer is an evil necromancer who controls the desktop market with reanimated corpses of your ancestors. Does that sound plausible to you? Sure it does!

  22. Clarence Moon says:

    Doughman (is that your real name?), you are so charmingly naive! You brag of having a web site, but it is so clumsy and only reveals that your “business” seems to be preying on technical unsophisticates willing to trust you to refurbish the performance of their PCs after a spate of downloading every piece of adware that they come across. At the same time you disparage their intelligence. Not much of a life, but maybe that is the best you can do, so congratulations!

    As a caution, where you “gesture” (an odd idiom, to be sure. Did you mean “venture”) to say that you think anyone with a contrary thought is just a pseudonym for one person, you show a sort of paranoia that can only get worse unless you get hold of yourself and start to consider things more rationally.

  23. dougman says:

    I gesture to say that Phenom, ch, @ldman, Ted, Tar, Chris Weig, Brillo, Ivan and Clarence Moon are all one in the same person.

    Notice that none of the pseudonyms provide a real name, a link to their website or even blog on the subject matter, save for giving Pog 15 reasons why Linux cannot be used for productive means.

    M$ zealots protect the value of Microsoft and Bill Gates. More often than not, you’ll find this group is controlled by security experts and IT professionals that use Windows regularly. To them, Linux is just another loser operating system that can’t stand up to the power of Microsoft and its minions. Worse, Linux distributions are crap, M$ Office can take Google Docs and LibreOffice for a ride anytime it wants, and if people start calling on Microsoft for its security issues and poor software craftsmanship, they can always revert to the classic line, “is that all you can say? When do you ever say anything different? M$ zealots are what the MVP program is all about!

    On another subject, and after seven years, Microsoft’s Office 2013 will finally provide ODF 1.2 support and perhaps pave the way for LibreOffice adoption.

    Note a typical comment from a typical M$ zealot, on that subject: It could be but it won’t. Do you know how many ODF files I’ve come across? None. Do you know how many ODF files people have asked for? None. This support won’t do anything. Its not the ODF support, its just that ODF just doesn’t have all the features one would need to be productive in an office environment. I hate to break it to you ODF fans, but people do more than just write up a simple text file.

  24. kozmcrae says:

    The Cult of Microsoft usually avoid articles about Microsoft’s security nightmare. Ain’t that right Phenom, ch, @ldman, Ted, Tar, Chris Weig, Brillo, Ivan and Clarence Moon. There’s no advocating for Microsoft’s horrendous security. It’s just a train wreck best left alone.

    Some advocates you are. A bunch of chickens. If you do try to defend Microsoft you do it by blaming the user. Now that I’ve goaded you let’s see what you’ve got. I’m always ready for a good laugh and your feeble defence of Microsoft security is a joke.

  25. dougman says:

    “Windows”, “Micro” and “soft” were words carefully chosen, to succinctly describe the operating system as a whole.

    Buyer BEWARE!

Leave a Reply