January 2007 - Operating System Vulnerability Scorecard
Tue, 2007-02-27 20:51

Starting today, I plan on posting a monthly vulnerability scorecard for common server and workstation Operating System (OS) products.  I’m going to keep these scorecards pretty clean of discussion, but you can review my methodology, sources and assumptions on this page.  When folks have interesting feedback, comments or questions, I’ll consider starting separate posts for discussion and those can become references for future scorecards.

For workstation OSes, the product vulnerabilities analyzed include those applying to Windows Vista, Windows XP SP2, a subset of Red Hat Enterprise Linux 4 WS (rhel4ws), a subset of Ubuntu 6.06 LTS, and Mac OS X v10. For server OSes, the product vulnerabilities analyzed include those applying to Windows Server 2003, a subset of Red Hat Enterprise Linux 4 AS (rhel4as), and Sun Solaris 10. Note that the analysis for the Linux distributions excludes many optional packages in order to define more comparable product builds. See Methodology, Sources and Assumptions for more details.

For each of the server and workstation OSes, the charts use a stacked bar chart with the highest severity vulnerabilities on the bottom and the lowest severity on the top. This allows an easy visual comparison for readers who want to compare only High severity, or High + Medium severity, and exclude the lower severity vulnerabilities from the comparison.

Workstation OS Vulnerability Charts

By workstation OS, I mean an operating system product that forms the basis for a computer user's normal day-to-day computer-based activity, comparable to Windows XP or Mac OS X, including a graphical windowing system and Internet browser, but excluding higher level applications such as Word, Excel or PowerPoint (which do not ship with Windows).

The first chart represents the total High, Medium and Low severity issues fixed for the various products over the past 3 months, ending in January 2007. Note that Windows Vista has only been available to business customers for 2 of those 3 months, having been released at the end of November. Examining the 3-month chart, we see that the Windows OS had the lowest number of total and High severity vulnerabilities fixed.

Workstation OS - 3 Month Vuln Scorecard : Nov06 - Jan07

Next to get a view of 2007 year-to-date, we have a chart that just includes the vulnerabilities fixed for the products during January 2007. (In the next scorecard post, it will include January and February)

Workstation OS - YTD Vuln Scorecard : Jan07

The results are largely self-explanatory, but I will note that for those that contend the Low severity issues for a product might not matter, one can exclude either the green or green and yellow portions as desired.

Server OS Vulnerability Charts

For server OSes, I am considering products that form the basis for a server in the network that would not typically be a day-to-day workstation for an individual user.  This means that, where possible, it is assumed that an administrator would choose not to install optional components like the graphical windowing system, Internet browser and so on.  On Windows Server 2003, those components are counted, since the user does not have an option to not install them.

Examining the 3-month chart, we see that, similar to the workstations, the Windows platform has had to fix fewer total and fewer High severity issues than the other platforms.

Server OS - 3 Month Vuln Scorecard : Nov06 - Jan07
Next, looking at how 2007 is starting off for server OSes, we see similar results to the 3-month view, but without the smoothing that cumulative totals over longer periods of time provide.

Server OS - YTD Vuln Scorecard : Jan07
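The counting behind the charts above (a date window, a High/Medium/Low stack, an optional "comparable build" package filter, and the ability to drop the Low or Low + Medium portions) is simple enough to write down. The following is an added example, not the post's own tooling: the records, product keys (`winxp`, `rhel4ws`, `ubuntu606`), package names and build subsets are constructed for illustration and are not the post's data.

```python
"""Stacked-severity scorecard of vulnerabilities fixed per OS product.

Added example, not the post's own tooling.  Records, package subsets and
product keys are constructed for illustration.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import date

# Severity order used by the charts: High is drawn at the bottom of the stack.
SEVERITIES = ("High", "Medium", "Low")


@dataclass(frozen=True)
class FixedVuln:
    product: str      # hypothetical product key, e.g. "rhel4ws"
    package: str      # package or component the fix shipped in
    severity: str     # one of SEVERITIES
    fixed_on: date    # date the vendor published the fix


# Constructed sample records (not data from the post's sources).
SAMPLE = [
    FixedVuln("winxp", "win32k", "High", date(2006, 12, 12)),
    FixedVuln("winxp", "ie", "Medium", date(2007, 1, 9)),
    FixedVuln("rhel4ws", "kernel", "High", date(2006, 11, 15)),
    FixedVuln("rhel4ws", "firefox", "High", date(2007, 1, 20)),
    FixedVuln("rhel4ws", "openoffice", "High", date(2007, 1, 22)),  # optional pkg
    FixedVuln("rhel4ws", "xorg", "Low", date(2006, 12, 5)),
    FixedVuln("ubuntu606", "kernel", "Medium", date(2006, 11, 30)),
    FixedVuln("ubuntu606", "firefox", "High", date(2007, 1, 20)),
    FixedVuln("ubuntu606", "evolution", "Low", date(2007, 1, 25)),  # optional pkg
    FixedVuln("ubuntu606", "kernel", "High", date(2006, 10, 20)),   # before window
    FixedVuln("winxp", "wmf", "High", date(2007, 2, 13)),           # after window
]

# Comparable-build filter: for these products only fixes in the listed
# packages count, mirroring the post's exclusion of optional packages.
# A product with no entry counts every package (the Windows case, where
# the components cannot be left out of the install).
BUILD_SUBSET = {
    "rhel4ws": {"kernel", "firefox", "xorg"},
    "ubuntu606": {"kernel", "firefox", "xorg"},
}

THREE_MONTH = (date(2006, 11, 1), date(2007, 1, 31))   # Nov06 - Jan07 view
JAN07 = (date(2007, 1, 1), date(2007, 1, 31))          # year-to-date view


def scorecard(records, start, end, build_subset=None, min_severity="Low"):
    """Count fixes per product and severity for fixes dated in [start, end].

    min_severity trims the stack from the top: "Medium" drops Low,
    "High" drops Low and Medium, which is the "exclude the green or the
    green and yellow portions" reading of the charts.
    """
    if min_severity not in SEVERITIES:
        raise ValueError(f"unknown severity {min_severity!r}")
    kept = SEVERITIES[: SEVERITIES.index(min_severity) + 1]
    build_subset = build_subset or {}
    # Every product seen in the feed gets a row, so a product with no
    # fixes in the window shows zeros rather than silently disappearing.
    counts = {r.product: Counter() for r in records}
    for r in records:
        if r.severity not in SEVERITIES:
            raise ValueError(f"unknown severity {r.severity!r} in {r}")
        if not start <= r.fixed_on <= end:
            continue
        subset = build_subset.get(r.product)
        if subset is not None and r.package not in subset:
            continue
        counts[r.product][r.severity] += 1
    return {p: {s: c[s] for s in kept} for p, c in sorted(counts.items())}


def stack_bar(card, product):
    """Text rendering of one stacked bar: High first, i.e. the bottom of the stack."""
    return "".join(sev[0] * n for sev, n in card[product].items())


def ranked(card):
    """Products ordered by total fixes in the window, fewest first."""
    return sorted(card, key=lambda p: (sum(card[p].values()), p))


if __name__ == "__main__":
    card = scorecard(SAMPLE, *THREE_MONTH, BUILD_SUBSET)
    for p in ranked(card):
        print(f"{p:10} {stack_bar(card, p):8} {card[p]}")
```

Running it with and without `BUILD_SUBSET` shows why the post's package filter matters: the constructed `rhel4ws` row drops from three High fixes to two once the optional package is excluded, and every product keeps a row (with zeros) even when the window or the severity cut leaves it nothing to count.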

Vulnerability != Risk

Security professionals will correctly note that vulnerabilities represent only part of the security picture; the risk equation also needs an understanding of the potential threats and the value of the information at risk. However, the number and quality of attackers are elements largely orthogonal to the factors that vendors have the ability to influence. Vulnerabilities, on the other hand, are a factor that vendors can influence directly by investing in process, testing and other best-practice QA techniques to reduce bugs and raise the quality of shipping products.

To put it into user terms, imagine that you are a CSO tasked with protecting some valuable company information on a company server.  You assume that the information is the target and that potential attackers will attempt to attack whichever platform you select to host the information.  In that case, the threat and value of the information is fixed, and the risk equation depends primarily on the vulnerability of the system you select (until you implement further mitigating actions).

Regards ~ Jeff

Reader Feedback

Sat, 2007-03-17 02:21
Meaningless drivel.
By Anonymous

Without looking at outstanding vulnerabilities, all you're measuring is ... well, nothing really. The only thing these charts do is make you popular with your employer, as they toe the party line (and then some!) and let people assume that people view a "smaller" bar with "fewer" vulnerabilities.

Number of vulnerabilities fixed means nothing unless you also publish number of vulnerabilities outstanding. Number of vulnerabilities is also no indicator of actual risk. Nor is it an indicator of ... anything really. Not all by itself.

Statistically, your "method" is meaningless. From a security perspective, in terms of offering any useful information, your "methodology" is a joke. Sorry, but you have absolutely no credibility left here. The only credibility you might have is with Microsoft marketing. You might want to see if they are hiring.

Tue, 2007-03-20 17:24
re: Drivel
By Anonymous

I would say your anonymous post establishes your credibility even more than mine.

I agree with a small kernel of your comment - you do need to have a clear view of disclosed, but unpatched issues to have a full picture.

However, that does not mean that looking at fixed issues tells you nothing. In fact, if you assume the vendors studied *eventually* fix all disclosed issues, then at worst the statistics are delayed in time - and a different time per vendor, depending on their average "time to fix".

I've done some preparatory work on tracking disclosed, but unfixed issues, so I look forward to improving the full picture as we move forward.

Sat, 2007-03-17 02:20
We found the problem
By Anonymous

No wonder Windows has so many security problems: they aren't issuing fixes for all the vulnerabilities. Maybe they should take a lesson from Ubuntu, Redhat, and Solaris. I guess that wouldn't be a good move though, making themselves have to work extra and cutting themselves out of the antivirus market they are trying so hard to get into.

Fri, 2007-03-16 23:10
What does this prove?
By Anonymous

These figures cannot measure vulnerability, since VULNERABILITY != (vulns fixed). If you ignore this, you're simply ASSUMING. The least vulnerable system definitely is not the one with the least fixed vulnerabilities!

Why?

ISSUES FIXED != OVERALL ISSUES != REMAINING ISSUES

Fundamentally, the most vulnerable operating system is simply the one that currently has the most defects and "features" that could be exploited in terms of intrusion or denial-of-service. (note: not the system that has the most successful attacks against it).

Sure, there could be variations in rating, e.g. remote exploits > local exploits.

I'm sorry, but I find your charts meaningless, since "vulnerabilities fixed" only makes sense as a relational value.

-Niel

PS: Ubuntu LTS 6.06? Why not 6.10?

Tue, 2007-03-20 17:28
re: What does this prove
By Anonymous

I don't disagree that providing numbers of "remaining issues" would be a fuller picture. I'd love to see your proposed methodology for doing this, as I've been working on just that issue. Secunia, for example, won't commit to tracking it for Linux distributions because of the massive amount of work required to validate against all these different distros - so, they default to tracking fixed issues after the fact.

I think we can do better than that.

Ubuntu LTS, because I only track and compare releases for which the vendors offer Enterprise support or Long-term support, in Ubuntu terms. They don't commit to LTS for 6.10.

Fri, 2007-03-16 19:44
OS Vulnerability
By Anonymous

I'm confused about these charts. It seems to me that if the numbers in the graphs are to be meaningful, you need to first publish and graph the total number of reported vulnerabilities for each platform (or at least add the total number of vulnerabilities for each to these charts). Without this essential context, the number of vulnerabilities fixed is irrelevant. Without the perspective of context, all the OS's will always appear to be similar.

Also, the numbers are meaningless if no one downloads and installs them. So, how do you go about reporting (or estimating) the number (or percentage) of users on each platform who actually have applied the fixes?

Fri, 2007-03-16 19:10
What about FreeBSD?
By Anonymous

What about an operating system that hosts so many millions of web sites? Doesn't count?

Fri, 2007-03-16 19:31
FreeBSD
By Anonymous

Agreed.

From November, 2006 to March 16, 2007, FreeBSD has only issued 5 security advisories:

FreeBSD-SA-06:24
FreeBSD-SA-06:25
FreeBSD-SA-06:26
FreeBSD-SA-07:01
FreeBSD-SA-07:02

http://www.freebsd.org/security/

And arguably the most secure OS on the planet, OpenBSD, has released 10 security updates during almost the exact same time period (OpenBSD 4.0 was released on November 1, 2006). Here is their errata:

http://openbsd.org/errata40.html

Fri, 2007-03-16 20:19
RE: FreeBSD
By Anonymous

And arguably the most secure OS on the planet, OpenBSD, has released 10 security updates during almost the exact same time period (OpenBSD 4.0 was released on November 1, 2006). Here is their errata:

http://openbsd.org/errata40.html

7 could be considered security updates. Updating to handle the newer, more retarded, DST should not be considered a security update.

Fri, 2007-03-16 20:36
Quite right. I was being
By Anonymous

Quite right. I was being "generous," if you will. Whether Free or OpenBSD had 5, 7, or 10 security updates during this time period, they are all far less than the number of such updates to the other OS's mentioned above. Granted, simply looking at the number of updates without any other context is pretty silly, but that's what the original article does so I'm trying to do an apple-to-apples comparison, even if it's relatively meaningless. :)

Wed, 2007-03-07 16:35
Different Scopes
By Anonymous

You need to consider exactly what you are considering for each scope. For the RH and Ubuntu, you have an OS plus a slew of applications (examples: apache, evolution, mozilla/firefox, gaim, open office). For XP and 2003, it's the OS with a few small applications (IE, IIS come to mind). OSX lies somewhere in the middle of that.

Wed, 2007-03-07 22:56
re: Different Scopes

I do consider that, actually.  You should read the Methodology page which I point folks to, in order to get the full details.
For example, for RH I explicitly filter out many optional packages including Apache, Evolution, and OpenOffice.  I leave Firefox since it is comparable to IE.
In reality, OSes will never be completely apples-to-apples, even Windows Vista versus Windows XP versus Windows 2000. However, I don't exclude Defender from Vista just because XP doesn't have an equivalent shipping component. Similarly, other vendors make choices about what "value", feature or component gets bundled in and (perhaps) installed by default. I believe the vendor gets to define what it ships in the product and then be held accountable for that product having vulns (or not).
However, because it is such a common objection/concern, I completed an effort to install the minimal features on RHEL, along with only a few extra components that are very commonly used components and then record what those components are, so I could filter to only include those and exclude others.

Tue, 2007-03-13 03:59
Konqueror
By Anonymous

I would be more inclined to compare Konqueror over Firefox, as in most cases it is the default browser.

Tue, 2007-03-06 11:55
time etc
By Anonymous

Interesting. I was just going to ask you to add time-of-exposure but then I saw that you already had answered that request.

Most of my other questions were answered on the methodology page.

Btw, is it Apple OS 10.4 that you are tracking or which incarnation of OS X is it? Not the total of all of them I hope.

I regularly follow your blog. Keep up the good work! :)

/Olle

Wed, 2007-02-28 18:34
Disclosure
By Anonymous

Maybe I missed something - and I hope you will point it out if I have - but I did not see anything in your analysis or methodology that might address differences - if any - in disclosure policies for each O/S. Specifically, have you accounted for whether any one of these O/S vendors has any tendency to withhold wide public notification of vulnerabilities (and fixes for them)?

Wed, 2007-02-28 21:24
Re: Disclosure

Great question.  The short answer is that these metrics alone can't tell if vendor scores are low because of great performance or because they are burying issues.
On the other hand, I would say that the disclosure policy does not matter with respect to measuring customer risk or exposure, as long as you have a long enough record and evidence to reasonably believe that the vendors do care about their security reputation and are fixing issues over time. The "over time" part is key of course. Say there is a vendor that is extreme and holds vulnerabilities for 2 years before releasing a fix as standard policy. In the short term of monthly scorecards, this vendor might look really good for quite a while until the 2 years passes, at which time they'd look horrible.
This leads to some questions of how we get a full picture, in terms of measuring the vendors - is there a different measurement that would show that the vendor was simply choosing not to patch, at the expense of customer risk? Yes. We can look at the numbers of publicly disclosed, but unpatched issues as a complementary metric to fixed issues. In the case of our theoretical "2 year fix" vendor, it might show that they have hundreds of publicly disclosed, but unpatched issues for long periods of time. Similarly, we can measure days-of-risk or days-of-exposure, which would capture information about how long the vendor leaves customers exposed, on average.
Note that these measurements will implicitly take into account disclosure policy negatives and benefits. If somehow, magically, a vendor gets researchers to disclose quietly to them and wait for public disclosure for 2 years, then the vendor metric will benefit to the same degree that customer risk is reduced. I don't see that as very sustainable though - if the vendor holds issues that long, then researchers are likely to stop cooperating with the vendor and start disclosing issues publicly much sooner. And when that happens, then metrics measuring "unpatched" issues and days-of-risk will suffer comparably.
Don't get me wrong, different disclosure policies will affect the metrics. A policy, combined with vendor behaviour, that results in the disclosure of a vulnerability before a mitigation is available might pressure a vendor, but that pressure occurs at the expense of increased risk to customers. Since I define "good results" as optimized towards reducing customer risk, good scores on my metrics will reflect that.
FYI, I do intend to analyze and publish "unpatched" and days-of-risk metrics as well, so that a fuller picture can be created.
~ Jeff
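The two complementary metrics the reply above describes, publicly disclosed but unpatched issues on a given day and days-of-risk from disclosure to fix, can be computed from the same kind of per-issue record. The following is an added example, not the author's analysis or tooling; `vendor-A` and `vendor-B` and all their dates are constructed so that B plays the hypothetical "2 year fix" vendor: it ships fewer fixes in the Nov06 - Jan07 window, which looks good on a fixes-shipped chart, while the unpatched count and days-of-risk tell the opposite story.

```python
"""Unpatched-issue count and days-of-risk as complements to 'fixes shipped'.

Added example, not the post's own analysis.  Vendors, dates and issues
are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class Issue:
    vendor: str
    disclosed_on: date            # first public disclosure
    fixed_on: Optional[date]      # None while no fix is available


# Constructed records.  vendor-A fixes within weeks; vendor-B models the
# hypothetical vendor that sits on issues for about two years.
ISSUES = [
    Issue("vendor-A", date(2006, 10, 10), date(2006, 10, 5)),   # fix shipped before disclosure
    Issue("vendor-A", date(2006, 11, 1), date(2006, 11, 21)),   # 20 days exposed
    Issue("vendor-A", date(2006, 12, 1), date(2006, 12, 31)),   # 30 days exposed
    Issue("vendor-A", date(2007, 1, 15), None),                 # still open
    Issue("vendor-B", date(2005, 2, 1), date(2007, 1, 20)),     # fixed after 718 days
    Issue("vendor-B", date(2006, 6, 1), None),                  # still open
    Issue("vendor-B", date(2006, 9, 1), None),                  # still open
    Issue("vendor-B", date(2006, 12, 1), None),                 # still open
]

WINDOW = (date(2006, 11, 1), date(2007, 1, 31))   # the scorecard's Nov06 - Jan07 window
AS_OF = date(2007, 1, 31)                          # day the snapshot is taken


def unpatched_on(issues, vendor, day):
    """Issues publicly disclosed on or before `day` with no fix available by `day`."""
    return [
        i for i in issues
        if i.vendor == vendor
        and i.disclosed_on <= day
        and (i.fixed_on is None or i.fixed_on > day)
    ]


def days_of_risk(issue, as_of):
    """Days customers were publicly exposed: disclosure to fix, or to `as_of`
    if the issue is still open then.  A fix that shipped before public
    disclosure carries zero public days-of-risk, hence the clamp at 0."""
    if issue.fixed_on is not None and issue.fixed_on <= as_of:
        end = issue.fixed_on
    else:
        end = as_of
    return max(0, (end - issue.disclosed_on).days)


def vendor_summary(issues, vendor, start, end, as_of):
    """Fixes shipped in [start, end], open issues on `as_of`, and the mean
    days-of-risk over every issue disclosed by `as_of` (open ones measured
    up to `as_of`, so a vendor cannot improve the mean by never fixing)."""
    mine = [i for i in issues if i.vendor == vendor and i.disclosed_on <= as_of]
    fixed_in_window = [
        i for i in mine if i.fixed_on is not None and start <= i.fixed_on <= end
    ]
    exposures = [days_of_risk(i, as_of) for i in mine]
    return {
        "fixed_in_window": len(fixed_in_window),
        "unpatched": len(unpatched_on(issues, vendor, as_of)),
        "mean_days_of_risk": sum(exposures) / len(exposures) if exposures else 0.0,
    }


if __name__ == "__main__":
    for vendor in ("vendor-A", "vendor-B"):
        print(vendor, vendor_summary(ISSUES, vendor, *WINDOW, AS_OF))
```

On the constructed data the fixes-shipped column alone ranks vendor-B ahead (1 fix against 2), while the unpatched count (3 against 1) and mean days-of-risk (293.75 against 16.5) show who is actually leaving customers exposed; the open issues are charged up to the snapshot date precisely so that withholding a fix never lowers the metric.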

Sat, 2007-03-03 17:48
No reply (Re: Disclosure)
By Anonymous

So what can I deduce from the fact that my response has not been posted? To help you recall, I countered your point on disclosure policy not impacting risk.

I would appreciate some explanation, else I may be forced to speculate on other forums as to why only certain posts seem to make it onto your blog.

A little disclosure might do you good here... ;)

Mon, 2007-03-05 19:31
re: No reply
By Anonymous

I don't filter comments here, they post directly (except for things like the mortgage spam above - which I will be deleting this morning.)

I'd love to see your reply, but haven't yet. I was in Las Vegas and not logged on from Friday until this morning.

If your response wasn't posted, then I can only guess that there was some web issue posting it up.
