Microsoft security report not that intelligent, Schiffman says

Microsoft recently released its semi-annual Security Gospel According to Microsoft Report, otherwise known as the Microsoft 

Security Intelligence Report (MSIR). The report attempts to provide a perspective for the second half of 2007. It is full of statistics and is an otherwise professional-looking report. But Network World Security Phreak" blogger Noah Schiffman says don't let appearances fool you. After reading the report's Key Findings Summary, he says it "appears to have been co-authored by Microsoft Bob and Clippy."

He continues with more biting criticsm:

"While some of the data they provide is more speculative, than authoritative, the ultimate downfall of the MSIR results from its lack of standardization and clarification of data and graphs. Many of the comparative statistics are rendered meaningless due to erroneous assumptions and absent relative variables. Actually, it became pretty painful to read after a while."

Schiffman doesn't just take exception to the misleading statistics, he combed through each section pointing out flaws in logic, in data or both. He notes that the report actually touts the security of newer products by claiming they are more secure than older products (um, yeah, newer products should be more secure, shouldn't they?). The MISR goes on to applaud the good work of the Malicious Software Removal Tool, even though its good work is extremely limited, even by Microsoft's own account.

The upshot, Microsoft security sure is wonderful, in Microsoft's own mind. READ Schiffman's full blog post.

Go to the Microsoft Subnet home page for more news, blogs, podcasts.

More Microsoft Subnet blog posts:

Massive SQL-injection attack not Microsoft's fault, security official saysDoes Microsoft itself engage in Vista bashing? 3Q financials show Microsoft needs a jump start XP from Dell will continueNew Microsoft virtualization tool coming soon Plus, check out Microsoft Subnet's expert bloggers:Mitchell Ashley's Converging on Microsoft blogMitchell Ashley's Converging on Microsoft podcastTyson Kopczynski: Hidden Microsoft Kerrie Meyler: Managing Microsoft Glenn Weadock: Windows Server 2008 Alex Lewis: Windows into Silicon Valley Brian Egler: SQL Server StrategiesMore Microsoft Subnet bloggers

Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)


Copyright © 2008 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022