this post was submitted on 16 Aug 2024
380 points (98.5% liked)

Cybersecurity - Memes

1891 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Alphadef@programming.dev
CannaVet@lemmy.world
380
We're probably not the only ones running outdated software (feddit.org)
submitted 3 weeks ago by cron to c/cybersecuritymemes@lemmy.world
45 comments fedilink hide all child comments
 

Fun fact: The outdated software runs on outdated hardware, too.

you are viewing a single comment's thread
view the rest of the comments
[–] homesweethomeMrL@lemmy.world 12 points 3 weeks ago (7 children)

I've said it before and I'll say it again - Cybersecurity as an enormous global industry owes it's existence to Microsoft. Period.

If Microsoft suddenly disappeared, cybersecurity would be more like Accounting - basic systems, managed in-house.

[–] ByteOnBikes@slrpnk.net 2 points 3 weeks ago (4 children)

I was going to make a Linux joke being why my company's security has been stable... Until the XZ Utils exploit.

[–] cron 0 points 3 weeks ago (2 children)

Just this months patch tuesday notes:

Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day.

Sure, security vulnerabilities exist in the linux world, but luckily not that many.

[–] ben_dover@lemmy.ml 5 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

yes and no. if you look at the number of reported CVEs, debian takes the crown of all operating systems. still feeling more secure on linux than any closed source system

[–] OhNoMoreLemmy@lemmy.ml 3 points 3 weeks ago

Yeah, that's because there's an entire cottage industry of people scraping old bug reports, and linter errors to create CVEs they can sell to customers worrying about security. It creates a huge number of false positives. E.g. see https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/

I think any measure that is looking at a raw count is going to be meaningless. Particularly, comparing raw counts between open and closed software.

load more comments (1 replies)
load more comments (3 replies)