http://www.informationweek.com/news/showArticle.jhtml?articleID=175801215


Tallies kept by the U.S. government's computer security group show that Linux and Unix operating systems faced nearly three times the number of vulnerabilities in 2005 than did Microsoft's often-maligned Windows.

In the US-CERT (United Stated Computer Emergency Readiness Team) year-end vulnerability summary, Linux/Unix accounted for a whopping 2,328 vulnerabilities, about 45 percent of the 5,198 total.

Windows, on the other hand, sported just 812 vulnerabilities during the year, said US-CERT, or 16 percent of the total.

;)

In the end though, it really is just being knowledgeable about current threats and knowing how to keep your own system/network secure that will provide the most protection, whether using Microsoft, Apple, or open source products.

U.S. government's computer security group

I don't trust the government.

I don't trust the government.I have to agree with the above. Bush supports large companies, such as Microsoft. Linux, on the other hand, is mainly open source and thus doesn't have Bush's support. I for one rekon it's all nothing more than propaganda.

Woah now, that much ignorance in one small post is enough to overload anyone.

Its an interesting article but like most "news" articles posted at sites like InformationWeek , it doesn't have much to back it up. I wish the text contained more useful information. Particularly, I don't think its possible to assertain "Windows is a more secure operation system" from the data in the article without knowing more about the way in which the data was collected. For instance, there are hundreds of varieties of linux, and only a few versions of Windows. Does each distribution and feature of Linux contibute to the "vulnerability count"? Some background information on the research would go a long way to making this article worth my time.

I am getting awfully tired of the 10-15 line "snipets" I see every day on the internet that do very little to educate people. I usually skip over articles without, at the very least, one or two valid sources, and i encourage everyone else to do the same. :shrug:

Security comes from users knowing what to do and what not to do, i.e. double-clicking an "you must see this!!!" attachment in an email from an unknown person is something not to do, keeping your system updated is something you should do.

The fact that most home computers run windows means that most (well, practically all) viruses and adware are written for windows. Linux users are still a minority - and a minority with a certain amount of computer skills at that. That could change in the future as Linux spreads.

The number of problems Microsoft has had so far has led to them taking the threat seriously and trying to make a secure OS, no-one can deny that. Gone are the days of DOS where everyone had full rights to change all files and Windows 3.1 where a "feature" was added to the WMF file code that now is a serious vulnerability. Perhaps in the next version of Windows the UPNP server and Windows messaging subsysten won't be running in the background by default.
Linux developers certainly shouold take a similar attitude to security.

In the end, I use Linux whenever I can because I prefer its functionality - there are just worlds between a BASH and a WinXP "CMD.EXE".

...Windows messaging subsysten won't be running in the background by default.

This, at least, is already the case in Service Pack 2.

http://www.informationweek.com/news/showArticle.jhtml?articleID=175801215

;)

In the end though, it really is just being knowledgeable about current threats and knowing how to keep your own system/network secure that will provide the most protection, whether using Microsoft, Apple, or open source products.

Let's actually check the list shall we?

First of all, the list lists each exploit and lists each time the exploit was updated as well, counting the updates as 'exploits'.

Second of all, this list counts multiple operating systems as one. For example, while Windows 9x and Windows NT gets covered under Windows, Unix/Linux seems to incorperate pretty much every major distribution of Linux, BSD and throwing Mac OS X into the mix as well. Not exactly a fair comparison.

Third, this list seems to include programs running on the operating system itself as well.

Fourth, how many of these exploits actually caused any damage? A vulnerabilty does not mean anything if it was found, reported, and subsquently fixed the same day. The consiquences? Let's play by the rules of the article and have Linux, Unix and Mac OS X pigeonholed into one. Why don't we hear about them being explited more often, say, in the news? The only one that I can think of off the top of my head was the the "Great Worm" (http://en.wikipedia.org/wiki/Internet_Worm) back in '88. Yet every six months you get a new Sasser or WMF exploit with Windows that spreads rampantly and infects millions of computers. "Oh, well the installed userbase of Unix/Linux is much smaller than Windows." you say. I agree with you. Why were they grouped together in the article?

All software has bugs, but your assertion is wrong, underlying system architecture DOES matter. UNIX assumes that all software is out to murder your computer and you have to explicitly allow things. Historicly, Windows assumes that all software plays nice, and only in recent years has Microsoft focused on things like multiple user accounts, limited access, and locking down certain parts of the system you shouldn't be touching, something UNIX has been doing for YEARS.

What troubles me is that Microsoft seems to want to include things such as Antispyware and Antivirus in their next operating system, instead of going after the source of the problem. Why should the programs have the privilages to embed themselves in the operating system so deeply in the first place?

Therefore, the assertion that "Linux/Unix had three times the number of vulnerabilities", while accurate, is very misleading. It's spin.

Ah, there he is, the Linux fanboy himself!


What troubles me is that Microsoft seems to want to include things such as Antispyware and Antivirus in their next operating system, instead of going after the source of the problem. Why should the programs have the privilages to embed themselves in the operating system so deeply in the first place?

Apparently you haven't been keeping track of the development of Windows Vista. This is exactly what they are doing. Many applications and drivers are being moved from kernel mode to user mode, including Internet Explorer itself. Adding spyware and virus protections only increases security.

Arguing about how secure Windows Vista will be is pretty fruitless at this point. I hope Microsoft follows through with their claims but I won't start singing of the Vista revolution until its fully functional. Both of you are "fanboys" in that regard/ :shrug:

Aside from that, I agreed with most of Alexmax's points. Its not hard to tear apart an article that takes a single point out of any context whatsoever.

In all honesty, I don't think this thread would have gotten where it was if this topic was flipped the other way around. I bet alot would be said differently here is the Linux catagory outshined Windows. I could be wrong, but it seems like alot of the Linux fanboys wear their love for the OS right on there sleeve when it gets attacked, but could give a shit less when the integrity of Windows is. Its all based on preference really.

I like windows because its time tested, and I have a Multi-billion dollar corporation fixing seciurity exploits, while Linux has had how many companies doing their own distros of it now? This doesn't really reflect this crowd, but most of the people who bitch about the "big evil M$" are the same ones who were just pissed because their cracked version of windows wouldn't let them have updates. Mac is nice, but at least I can fix my PC myself if it breaks. No system is 100% secure, and this retarded ass ideological battle over which OS is better has no point.

People are going to keep using what they want until something changes that. Most hardcore computer guys are very stuck in their ways no matter what anyone says. As for letting software deeply embed itself into the system, first M$ is strict and lets nothing besides its own proprietary stuff run on its sytem(anyone remember the RealPlayer lawsuit?), then they let everyone in and people bitch anyway. Pardon them for allowing a nice flexible system.

Ah, there he is, the Linux fanboy himself!

Apparently you haven't been keeping track of the development of Windows Vista. This is exactly what they are doing. Many applications and drivers are being moved from kernel mode to user mode, including Internet Explorer itself. Adding spyware and virus protections only increases security.

I'm glad to see you agreed with the rest of my post, since you didn't bother responding to most of it.

My tiff with Antivirus and Antispyware is a disagreement with that kind of software in general, rather than a beef with Vista itself. They're a necissary evil, but they shouldn't HAVE to exist in the first place. It's essentially bailing water out of a leaky boat taking a week to fix the holes that shouldn't have been there in the first palce. I hate antivirus software, and I use AVG because it's the one that is lightest on resources, not necissarily because it catches the most.

As for Vista, they are of course making changes to the underlying system, and once I get a general concensus about what it ACTUALLY accomplishes in practice, I'll stick with XP. I don't really see a good reason to upgrade immediatly, seeing as major things like WinFS will be backported to Windows XP anyway.

As for Internet Explorer, any security enhancements to it are great for the underlying MSHTML.DLL that gets called by other programs, and that's always good, but I'm stil using Opera, not because it's more secure, but it has so many features that I can't live without.

And as for the Linux fanboy, it's really "former linux fanboy". I appriciate Linux for being an easily accessable UNIX-like system, but it has its own share of problems and set of inconsistancies that pisses me the hell off. Each operating system has it's own merits.