How secure is Novell's software? The answer is that it depends on Microsoft, whose insecure-by-design frameworks Novell is embracing. Moreover, as another reminder of an old issue, former Novell staff is now securing Windows and striving to make Windows more secure than GNU/Linux.

So go ahead, make my day: ignore the popularity of AppArmor in the user community, keep blocking AppArmor from inclusion in Linus’ kernel. If all I have to do is make Windows security easier and more effective to deploy than SELinux, then my job is practically done for me J

Novell's Achilles heel in security is probably its embrace of Microsoft's ActiveX (not to mention .NET and and XAML) if reports like this one are something to go by.

Security-wise, time is no cure. Microsoft's Windows Vista remains the same overburdened and insecure operating system that it has been from the very start. The hypnosis and the lies continue though, judging by some of the very latest.

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is “very unlikely.”

According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

It's part of a pattern of patch/flaw hiding. ⬆