The worst security problems?

Friday, 15 November 2002, 7:58 AM EST

About a month ago, the SANS Institute, in cooperation with the U.S. Federal Bureau of Investigation, released its list of "The Twenty Most Critical Internet Security Vulnerabilities (Updated) - The Experts' Consensus" for 2002.

The information provided was picked up and relayed to the public by many news sites and major newspapers across the United States and Canada. Although the SANS Institute notes, further down in the top-20 page, that this is actually two top-ten lists, even sophisticated publications such as Computerworld, which referred to the list as the "top 20" throughout its front page treatment of the story, didn't make that distinction clear to readers.

In addition, you have to dig fairly deeply into the announcement to see the top 10 Windows list is limited to a few current variants of major Windows-brand server operating systems, while the Unix list includes applications, desktops and bugs going back at least as far as 1990. More subtly, the title coupled with the silent omission of all information about the relative costs and risks represented by the listed vulnerabilities invites readers to impute a rational basis, such as cost or risk, for the rankings shown.

[ Read more ]

Related items




Spotlight

Email scammers stole $215M from businesses in 14 months

Posted on 29 January 2015.  |  In 14 months there have been nearly 1200 US and a little over 900 non-US victims of BEC scams, and the total money loss reached nearly $215 million.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jan 30th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //