Re: I am so glad ..
@Miek : I'm all for promoting Open Source, but your argument is invalid. You are changing an apples to apples comparison to an apples to oranges comparison. Comparisons need to be fair and based on what we know, are you suggesting we should compare MySQL SQL Server's known vulnerabilities againt a hypothesised figure for SQL Server because you don't like the Microsoft way? Or perhaps we level the playing field and guess how many vulnerabilities we don't know about for both? It would be fantastical to suggest we already know all MySQL vulnerabilities, how are we to determine the figure of that which do not know? Either way, it is not going to produce an unbiased and skewed result. Just like anything else, we have to work with the knowns, not the unknowns.