Hey, are you reading RiskAnalysis.is? You should be. Even if you don't read it on a regular basis, go and read Fear and Loathing in OS X Security Land; and then when you're done, read it again. Check out some of the awesome stuff:
Never take a magazine rating at face value. In fact, tell magazine reviewers that they need to put a metric up “How long the sales engineering team spent at our lab trying to get the stupid thing to start right.”
For sure. And keep in mind that not everybody reviewing a product necessarily installs it and runs it; I remember, for example, reading a review of Symantec's ESM for WebServers 1.0 back in the day (I wish I could find the reference) where the reviewer gave it the highest possible rating; needless to say, when I tried to install the product, I had some serious challenges getting it working - and then when it worked, it turns out that it didn't do what I (and probably most people) would need it to do. Clearly the review never actually tried to install and run it... In general, I find that the magazine reviews with a completely transparent methodology are the best ones to read.
(In reference to the ESM product - note that my experience was only that - my experience. Also, that was then and this is now, so I'm sure the new versions work great now and run like a champ.)
Posted by Ed at October 4, 2006 12:51 PM | TrackBack