Re: [Full-disclosure] Windows' future (reprise)

["Thor (Hammer of God)" <Thor@xxxxxxxxxxxxxxx>]

The error in your overall thesis is your failure to identify the difference 
between threat and risk.  You are interacting with Symantec's report of "x new 
threats" as if it actually means something, or more specifically, that these 
new threats somehow translate into some new level of risk.  They don't.

According to Stephen Hawking, there are new threats emerging based on the 
statistical probability of the existence of aliens.  Therefore, a "threat" 
exists where I may be struck in the head by a falling block of green alien poo, 
frozen in the atmosphere after being flushed out by a passing pan-galactic 
alien survey ship.  However, the actual *risk* of me being hit in the head 
while walking to a matinée of The Rocky Horror Picture Show doesn't dictate 
that I apply a small mixture of Purell and Teflon to my umbrella and fill my 
squirt gun with alien repellent.

The risk of me personally being struck by falling alien poo is *far* lower than 
the risk of any one of the almost 7 billion people on the planet being struck 
by falling alien poo.  You may be able to calculate the risk of my being poo'd 
in relation to any given human being poo'd, but no level of math will allow you 
to determine what my or any other person's individual chance of being poo'd is.

Your argument would call everyone to change the way they protect themselves 
from falling alien poo out of the mere existence of a threat without really 
qualifying the associated risk.  That does nothing for anyone, and would only 
cause a rise in the cost of umbrellas and squirt guns and would probably result 
in the theater putting the kibosh on Rock Horror completely and charging people 
to watch Born Free.  (Insert clever association of "Born Free" with "free" open 
source products here.  See what I did there?)

Further, the basis of this "threat" is that you would actually have to trust 
what Stephen Hawking is saying in the first place.  In his case, there really 
isn't any way to know that he's the one saying it, is there?  For all we know, 
the ghost of Carl Sagan could have hacked into his computer and has made Mr. 
Hawking's requests to have his Depends changed translated into "run for your 
lives, the aliens are coming, the aliens are coming"  when his computer talks.

My point is that you are taking threat statistics from Symantec that don't mean 
anything on their own, as there is no definition of how those threats would 
apply to any given system, and directly converting them into some global level 
of risk - and you are doing so to such extremes that you actually conclude that 
the solution is to do away with Microsoft products based on some unproven and 
imagined postulate that closed source is somehow at the core of the issue while 
at the same time admitting you don't know anything about the platform.   The 
fact that you are actually using Windows and programs written with Visual 
Studio out of convenience to you critically damages your argument.  If you as 
the author of this idea refuse to migrate from Windows or applications written 
with Windows development products and frameworks just because it is *not 
convenient* for you, how could you possibly expect anyone supporting any 
infrastructure of consequence to take your advice or even consider your ideas 
as anything other than hysteria when they would have to engage in unfathomable 
expense, effort and time to create a total and complete paradigm change in 
their business simply to try to defend against being hit by falling alien poo?

t


>An interesting point - Unicode?
>
>I don't think 5Mb files are infeasible, especially as time passes,
>that'll be just a blip before long.
>
>Stu
>
>On 15 May 2010 at 14:59, Christian Sciberras wrote:
>
>Date sent:      Sat, 15 May 2010 14:59:46 +0100
>Subject:        Re: [Full-disclosure] Windows' future (reprise)
>From:   Christian Sciberras <uuf6429 () gmail com>
>To:     stuart () cyberdelix net


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/