[LINK] Study shows pop-up warnings are ineffective

Marghanita da Cruz marghanita at ramin.com.au
Wed Oct 1 17:59:49 EST 2008

Ivan Trundle wrote:
> On 01/10/2008, at 5:11 PM, Marghanita da Cruz wrote:
>> and here is mozilla's view
>>> A number of press articles surrounding Symantec’s Internet Security 
>>> Threat Report, and other recent similar reports from Cenzic and 
>>> Secunia, are offering the confusing and incorrect conclusion that the 
>>> effective security and safety of web browsers can be measured by 
>>> simply counting the number of vendor disclosed software flaws.
> I did mention this in the earlier conversation I had with my 
> brother-in-law. He countered this assertion with the information that 
> the vendor (Microsoft) and organisations such as Auscert etc routinely 
> inform him of security flaws which have not yet been made public, in the 
> interests of finding a patch before it becomes more widely known.

Is that in the interests of finding or testing a patch?

> Either way, counting the number of security flaws without measuring the 
> likely impact is a flawed measure indeed.
> iT

Marghanita da Cruz
Phone: (+61)0414 869202

More information about the Link mailing list