On Thu, Aug 28, 2008 at 02:56:14PM +0100, Phillip Chandler wrote:
> > "The proportion of insecure software written in PHP, out of the total
> > of all common software vulnerabilities, amounted to: 12% in 2003, 20%
> > in 2004, 28% in 2005, 43% in 2006, 36% in 2007, and 33.8% for the
> > first quarter of 2008."
>
> So the figures you quoted. I take it they are proportionate to the
> amount of software thats being written. Rather than, say, theres 50
> progs and they are all getting slowly hacked. Or that there is 50 new
> progs being released each year, and 61 are being hacked. If you get my
> drift.
This is about known vulnerabilities rather than hacking. So it's the
proportion of vulnerabilities uncovered in software written in PHP each
year.
http://en.wikipedia.org/wiki/PHP
I assume it's weighted by the amount of software written in PHP, but I
very much doubt it's proportional to it.
Dan
