Showing posts with label stats. Show all posts
Showing posts with label stats. Show all posts
Friday, July 10, 2009
Questioning marketshares of webservers
Nothing developed here, just a question: aren't the statistics about the market shares of the various servers obfuscated by the use of front-end technologies such as reverse proxies, web accelerators, load balancers, etc?
Tuesday, January 27, 2009
Spammers are back at it
I blogged two months ago about a sharp decrease in spam, due to removing a big spammer from the Internet, by legal means. The spammers are back, though not yet at their highest level.
The article at Network World.
The article at Network World.
Friday, November 14, 2008
Sharp decrease in spam
A big spammer was cut out of the Internet. 70% of the world's spam seems to have vanished.
I was once told by Olivier Caleff that there could be no decrease in spam, that if you saw a decrease in the number of spams caught by your antispam, it was that your antispam was falling behind the smartness of spammers.
But I think it doesn't apply to this situation. If we don't watch the pessimist side "they will start their spamming business again somewhere else and all that will be for nothing!", that's very good news :-)
Not often a security guy can get happy by reading news.
I was once told by Olivier Caleff that there could be no decrease in spam, that if you saw a decrease in the number of spams caught by your antispam, it was that your antispam was falling behind the smartness of spammers.
But I think it doesn't apply to this situation. If we don't watch the pessimist side "they will start their spamming business again somewhere else and all that will be for nothing!", that's very good news :-)
Not often a security guy can get happy by reading news.
Monday, November 3, 2008
Decrease in vulnerabilities: a myth
Joseph Tartakoff just published a statistics about the number of vulnerabilities in Microsoft products. They have decreased by 38% in six months. That seems to be good news, for sure, yet I would like to underline two not-so-good elements of explanation about it:
I am quite skeptical about the interpretation of whatever statistics of vulnerabilities. Except if the numbers were zero or infinite, I don't think we can get something productive out of it.
- It's possible that the number of vulnerabilities decreased simply because the guys looking for vulnerabilities (either white, grey or black hat) don't focus on the operating system that much anymore. Online applications have come to replace a lot of our previous applications.
- It's possible that the numbers don't reflect the actual numbers of vulnerabilities, because found vulnerabilities are sold to the underground of black hats, and not published in the open.
I am quite skeptical about the interpretation of whatever statistics of vulnerabilities. Except if the numbers were zero or infinite, I don't think we can get something productive out of it.
Subscribe to:
Posts (Atom)
Posts
