From jericho at attrition.org Thu Aug 4 00:18:54 2005 From: jericho at attrition.org (security curmudgeon) Date: Thu Aug 4 00:18:57 2005 Subject: [attrition] Update: Pigeon Message-ID: http://www.attrition.org/~jericho/pix/dated/04-07-26-blackhat/pigeon/ From jericho at attrition.org Fri Aug 5 06:25:17 2005 From: jericho at attrition.org (security curmudgeon) Date: Fri Aug 5 06:25:21 2005 Subject: [attrition] Errata: Statistics 2.0 Message-ID: After way too long, the Errata Statistics section has finally been overhauled and will be maintained from here on out. -- http://attrition.org/errata/stats.html They say that 83% of all statistics are lies. Think about that for a second. One of the largest things media outlets use to back their claims are statistics. It is absolutely incredible how many times a media outlet will quote a statistic and not credit where it came from. Further, they are fond of taking creative liberty with how they quote the article to suit their needs. These stats cover damage to system, percentage of intrusions, and everything else. There are simply too many instances of suspect statistics as they relate to the computer security industry to read, match and provide analysis of them all. Most of the statistics here are simply referenced and left to the keen reader to draw their own conclusions. Analysis is provided for articles and reports that are widely quoted or otherwise interesting. Use the feedback link at the bottom of the page if you wish to recomend an article or report for analysis, please include why you feel this article is important. So.. read the following stats. Look carefully at what each claims. I think it is only a matter of minutes before you start to see wildly varying stats that conflict with each other. Remember this when you read future articles! [..]