Slashdot Mirror
Linux Sux Redux: A Rebuttal
SmooC writes "This is SecurityFocus's reaction to Fred Moody's article, claiming that NT is more secure than Linux. Ran on slashdot last wednesday.
Ben Greenbaum who manages the Microsoft Focus Area, sees it from a different perspective."
I'm sure somebody here will brood over this, make Fred Moody dart boards, and send the guy hate mail till he dies. Actually, that's one of the things I love about slashdot... there's always some bitter old fellow waiting to remind you of stuff like this. You know the sort of post:
IBM!?! I was working tech support for an accounting company when they took over Electronic Typewriters... bastards changed the mountings on the platen knobs, wouldn't return our letters, and we wound up having to hire a guy to carve new ones! Cost us nearly $15, and then the guy got drafted... I'm telling you, never buy IBM!
"The best we can hope for concerning the people at large is that they be properly armed." - Alexander Hamilton
As a matter of fact, if you read the footer notes for the article Mr. Moody wrote, you'll see the reasons of his statements.
It matter of factly says that he wrote the book:
"I Sing the Body Electronic: A Year with Microsoft on the Multimedia Frontier".
Now if that doesn't show bias i don't know what could.
--Justin
I'm working on it.
I sent an email to ABCNEWS asking them to ban him, but I doubt that will happen. I did point out the flaws in his arguements though. I haven't received a respounce as of the writing of this.
I wish you had considered your words more carefully. The word "ban" is loaded (and not what you are really trying to say) and using it effectively pushes everyone's buttons, especially in the media. It smacks of censorship.
What Mr. Moody has done is act in an unprofessional manner (by deliberately spreading misinformation). His lack of 2nd grade mathematical skills has demonstrated his lack of qualification to write about any technical subject. Not that it is necessary, as the arguments he uses and the conclusions he draws do this stunningly well also.
He should be fired for incompetence, or at least reassigned to a job more worthy of his skills, perhaps as a movie critic or janatorial assistant.
One thing is certain, by employing him as a technical writer (or pundit) ABC's reputation with respect to technical matters suffers tremendously.
He shouldn't be banned for writing whatever he wants, however, his employment should reflect the quality of his work, i.e. none.
The Future of Human Evolution: Autonomy
You might want to check out ABC New's very own Linux FAQ - some of the innacuracies are quite amusing and suggest a general cluelessness at ABC as a whole. The URL is http://abcnews.go.co m/sections/tech/DailyNews/linux000403.html.
... Eazel - that'll be the people making one key application that will be the new file manager shell in Gnome 2.0. Not that Gnome isn't already a viable easy-to-use interface.
...
Some notable cock-ups are:
Linus isn't in charge of Linux any more, but his opinions are taken very seriously by Linux developers
Hmmm, arguably he never was `in charge' of Linux as it's licensed under the GPL. However ABC seem to be implying he's taken a back seat, which will come as a surprise to readers of Kernel Traffic.
The core of Linux is a text-based operating system, like DOS. But several different competing graphical interfaces have sprung up to make it friendlier. They look like a streamlined version of Windows or the Mac, generally with bigger icons and fewer shadows
I can see a DOS / Unix shell comparison being valid given the likely cluelessness of ABC's regular readership, but they clearly haven't got much idea about the X Window system and its relationship to desktop environments, etc.
It may soon become easier to use with a product called Eazel, being developed by several of the original programmers for the Macintosh. They claim that they'll be able to put an easy-to-use face on Linux
Hmmm
Critics of Linux say that the software is a "perpetual beta" - always under development, always mutating, always buggy, and never quite ready for prime time
Critics (like good old Fred Moody) might say that, but most people writing crass editorials aren't experts in any field, let alone Linux. And if it's so buggy, why have I spent the last four years working for big companies where Linux is increasingly the server OS of choice thanks to its stability and flexiblility? My current employer doesn't have anything but Linux on the servers - including file, print and database servers, not just our firewall or web servers.
What applications are available? Lots of server and Internet software, but little else
They might want to check out freshmeat.net - not all that stuff can be vaporware
The three biggest Linux companies are Red Hat (partially owned by Intel), Slackware, and VA/Linux
Now I stand to be corrected on this one, but Slackware - a company? And waht about SuSE or the makers of TurboLinux? Do I detect classic signs of Yankocentricism in this great American institution?
Linux is a complex system, and tech support is usually a must
For a newbie, yup. But I've yet to come across a company or cluefull user that needed tech support.
Chris
Windows has update features..
According to Microsoft, this update will let you update drivers, security holes and other updates needed..
I got a windows 2k machine and guess what? from all the fixes that appears on SP1, only 1 appeared here (which wasn't even related to my configuration!)
Give me a break!
Hetz (Heunique)
90% of it is not
...dave
(moderators : correct: Funny, incorrect: Offtopic)
Think different? I'd be happy if most people would just think...
using the numbers to say that linux is not less secure than, and therefore more secure than nt.
No, that's not actually what he's saying. He is simply saying, "These numbers don't provide enough foundation for you to conclude that NT is any more secure than Linux is." He isn't implying that Linux is more secure than NT is - he is simply saying that you can't argue NT is more secure than Linux based on the numbers Moody used. That isn't to say you can't make arguments that NT is more secure than Linux, only that misusing a set of BugTraq statistics isn't good proof to back up your claims with.
It's sort of like a court trial - being found "not guilty" is NOT the same as being found "innocent." Being found "not guilty" simply means the evidence didn't meet the burden of proof. Being found "innocent" means you are completely exonerated and that the evidence shows that there is unequivocably no way you could have committed the crime (you were out of the country, in jail, physically incapable of committing the crime, etc.).
I'm not criticizing the article; I'm criticizing Slashdot for their editorial choices. Would you ever see such an article linked to a debunking of a 'Linux rulz!!' article? As a matter of fact, I bet that if it ever came across Slashdot's editorial 'desk', it was promptly ignored.
Eighty-four bugs max.
This also includes RedHat:
Moody cannot count!
The Slashdot traffic sometimes temporarily pushes us past the amount of traffic we can handle and still have a reasonable response time. I'm working on some upgrades to address the issue.
Hah, it soudns good on paper..er a web forum, however try making it a reality. It's scraping that line in between impossible and never happening. The "major" news sites aren't going to care what a bunch of intelligent, insightful consumers. They're only going to care about the big majority of the public, all of which doens't seem to concern Linux much (YET). I'd be great if someone big replied with a counter article to one of those news sites. (Hell, wake Katz up. The rest of the world loves him... and so did Slashdot a year or so ago when he was introduced here... Just read back a long, long time ago when Taco posted Katz's welcome. It's quite funny to compare it to how everyone treats him today). But anyways, I'd love to see ABC rebuttle the article and post changes and additions, but I doubt it's going to happen. ;(
I'd be great of Securityfocus would contact ABC or one of the other news sites and proved he had no integrity, and that he was wrong in using those statistics completely :-)
oh welp. Cheers.
Who's the black private dick, who's a sex machine for all the chicks?
This AC comment looks like a cut & paste from a kernel traffic article where someone was bemoaning the lack of zero copy trnsmit in Linux' TCP/IP stack. The fact it's posted anonymously smells a bit fishy as well, 'cos if I remember rightly the KT article went on to discuss why the complaints were not really valid.
I'll try and find the relevant Kernel Traffic issue when I've got a spare five minutes.
Chris
Moody wrote the flamebait:
and now Greenbaum has taken the bait. Here is the (justified) flame: It's an open and shut case.---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
> He never substantiated this informant, of course.
I have a secret informant who tells me that Moody's secret informant was a hand named 50ck Pupp37.
--
Sheesh, evil *and* a jerk. -- Jade
So is my toaster according to his point of view.
Where can I get what Moody's smoking? Nice name Moody. Does he switch his position to favor Linux security when his Aunt FLOW comes to visit?
You are a unique individual...just like everyone else
Sig it.
How can a product so inflexible be more secure...When a security hole is found in NT, it is not an easy task to remedy, while with Linux, it takes little effort...
How Jaded Are You?
--
Time is Nature's way of keeping everything from happening at once... the bitch.
I suspect you didn't read the article. This response wasn't taking issue with Moody's conclusion. Instead, it demonstrated that Moody made a naive mistake by adding up all of the stats for all of the Linux distributions. Meaning that bugs shared between Debian and Redhat counted twice. The aggregate Linux total (which is what Moody should have used, since it counts Linux bugs once, even if they appear in more than one distro). The Linux aggregate score shows Linux has *less* security bugs than NT.
Amen to that my brother. It's all about the clicks baby... it's all about the clicks. Hype, incite, troll and create buzz for the clicks. The Net is now being run by the suits... the mainsream media, who has never really been too concerned with the facts, rather the viewing audience. It's all about the clicks.
I think it's actually a shame that we even have to respond to this, it's almost like trying to reply to a slashdot troll, you are basically doing excatly what he wants...generating even more buzz...buzz buzz..click click....welcome to the Internet year 2000.
Nice, polite commentary on basic bugtraq definitions. One small sideswipe at an author conclusively demonstrating he didn't read his homework assignment at all carefully.
Ed Craig "Who cares what you think?" George W. Bush, 4th of July 2001
Rejoice in the fact that Moody has once again shown himself in the truest light: Bill Gates' lapdog.
This is the first anti-Linux article I've read from him which can be so easily rebutted and turned around to debase Windows using his own argument.
The sadest part is that new stories like this don't last in peoples mind longer. For a brief period anyone that cares will know Moody for what he is: a crappy journalist with low integrity. But four or five articles from now, all will be forgoten and we'll just start it all over again.
http://windows.scares.us
This has little to do with inherent "bugs" or vulnerabilities in the operating system and everything to do with a lack of knowledge and proper system configuration.
It's also far easier to utilize a newly hacked Linux system for evil than it is to do the same with NT, so Linux tends to be more of a target. And if you stupidly set up an insecure system and advertise its presence to the world, it will be a much more tantalizing target.
Another nice feature of this site is a complete lack of a forum system to give feedback on articles or discuss with peers... Is this intentional? msnbc.com and cnn.com both have had these features pretty much from their inception. Perchance ABCnews.com should rethink their user participation.
fslg503-985-8686503-985-8686503-985-8686503-985-8
> I think it was a troll, because he didn't even come close to scratching the surface on all the reasons why Linux sucks.
Damb straight. But it sucks less than most of the competition in my price range, so I'm sticking with it for now.
> All the ditributions are too fat or too skinny.
Well, if you think the Papa Bear and Baby Bear distros have it all wrong, you might be able to get rich by starting a Mother Bear distro.
--
Sheesh, evil *and* a jerk. -- Jade
Who are you going to trust more:
- An ABCNEWS columnist
- The Manager of Microsoft Focus Area for Security Focus?
I don't know, but I'm thinking that them ABCNEWS dudes are pretty savy. Security Focus has nothing on them, man. Especially the ABCNEWS columnists. Whoa, like, dude: The are like, so totally computer smart. I mean, like, who's ever even heard of Security Focus before today?
Dude out, dude, man.
on the contrary, a person who is a spokes person for a large news organization is given a huge ammount of trust... most readers will take his conclusions as truth (incorrectly) but the fact is that he's being irrisponcible. He has just the same right to say something false or unfounded as I do, but what I say isnt automatically assumed to be true by most people who read it. The news organization needs to watch for integrety of it's articles, or else they risk turning into the Weekly World News.
Unlike present-day mass media, slashdot discourages the posting of stirred dung (well, mostly).
I sincerely hope this model will be developed into something that can be used by the masses. It would probably not work the same way (imagine all the penis birds...), but were going the right way.
Kiwaiti
Member of the Legion Of Microsoft Haters
dunno about guidescope, but IIRC, junkbuster doesn't even forward requests to the adfarms and so denies them the hits.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
Moody must have seen that he screwed up. As of today in the middle of the article where the supposed "122 exploits" were mentioned, it is now corrected to 84, and there is this note on the page: . [Please note: Upon further research, I realized that my original numbers were a bit off. The numbers above are new and revised. Fred Moody, 8/4/00.]
They told me to install win95 or better, so I installed linux
I wish I could troll like Katz & Co.
Yes, we've been experiencing degraded performance today due to the Slashdot traffic. I'm working on some upgrades that should help with that.
Further research?
Oh well...
Atlas stands on the earth and carries the celestial sphere on his shoulders.
Moody, we are good at mathematics, so you can't cheat us! Let's see - you're not using the same definition of the + operation on all the operating systems!
If the total number of Linux bugs is that of RedHat + "other Linux flavors", then the total number of NT bugs should be the total of:
NT 3.51 gold + Sum(j=1 to 18) NT 3.51 SPj + NT 4.0 gold + Sum(i=1 to 6) NT 4 SPi + Win2000
which rounds down to roughly 100,000...let's put it to bugtraq!
The bad thing is, even though we /.-ers know that his article is totally baseless, the general public who read the article may not. We have to force ABCNews to post some corrections (plus maybe the link to Greenbaum's response), because the article is obviously violating journalistic integrity. In addition, it will be better to have the major news sites like CNet or ZDNN to cover this. The more publicity we get about this, the better so that more of the general public know that Moody's argument is wrong.
"Here's an article saying Linux sucks. It may not be cool hearing that, but the numbers pretty much hold up... Oh, and that other article about how sucks big donkey balls was actually bogus. Score one for Microsoft."
Before someone says, 'It's because these articles don't exist', know that I don't subscribe to your narrow-minded view of the world.
If you look this list over, and measure each system's number of vulnerabilities against the number of its customers, Linux is arguably the worst operating-system product in history, and Microsoft's the best.
Not even. If you go by just the figures he quoted, NetBSD is the best not Microsoft.
Retarted writers
Hey guys and gals, I thought I should share my thoughts after reading Mr. Moody's column on Linux. Go take another look at his column; when you do, take a look around the site, you can send feedback.
Don't know who at ABC, if anyone, will read it, or what the reaction will be. But voice your opinions! Be concise, clean, amusing, factual and well-formatted, otherwise the editor won't even bother reading it.
Without further ado, here's what I sent to ABC:
Mr. Moody clearly owns Microsoft shares. Or he enjoys products that perform only with mediocrity. I wonder if Mr. Moody drives a Hyundai and praises its virtues similarily to those of Windows.
I'm new to Linux, but I'm not new to UNIX or to computers. In fact, I signed up for my first Internet access in 1988, at the tender age of 14. Back then, it wasn't called the Internet, it was called ARPANET. I've seen a lot of changes, since I've been online longer than Yahoo.
Now, while I don't think I'm ready to praise the virtues of Linux as a desktop environment - I still run Windows 95B OSR2 for that - but I'm pleased to say that I've formatted my server's hard drive and have replaced Windows NT 4.0 with RedHat Linux 6.2.
Sure, the learning curve has been steep. Sure, I've had frustrations. And sure, the operating system completely lacks the polish and refinement of Windows NT. This is primarily why I don't feel it's ready for mass desktop deployment. But, on the other hand, in a server-duty machine, it really shines.
Linux is an operating system by computer geeks and for computer geeks. It is therefore full of technical tools and features that would cost thousands of dollars to buy from Microsoft. It's far more configurable than Windows. It's a UNIX derivative, meaning it's closely related to the most core architecture of the Internet. Being a UNIX family member, it's also a multi-user operating system, with all the related user sercurity features and sophistication that are inherent to a multi-user platform. Compare that to Windows, which is merely a multi-tasking operating system.
And, I'm sorry, but by nature of the fact that it's an open-source operating system, every bug gets detailed, documented and fixed. While a Microsoft user might have to manage a complex set of variables in order to find a given "undocumented feature" of Windows, a fresh pair of eyes looking over a chunk of source code can in minutes reveal errors that might never be spotted in Windows.
None of today's software can or will ever be perfect. Implementation of libraries, millions of lines of source code, dozens of different platforms and operating system variables all can contribute to creating weird behavior. If there are 10,000,000 lines of code and they're 99.995% right, there will still be 50,000 bugs.
Better to have those bugs discovered in advance of exploits and/or lost data. Better to have those bugs addressed by thousands of developers working together in a collaborative manner, bringing together the best of talents in a relaxed setting. Better to be able to have the source code and not rely on Microsoft's small (in comparison) team of developers.
I'm sorry that Mr. Moody feels the way that he does. I'm sorry he couldn't research his article more objectively. And I'm sorry that ABC's editorial staff apparently don't live up to the image of impartial professionalism that I had expected.
I would have expected to see an article like that coming from the people at MSNBC, who brought us mainstream tabloid journalism like Dateline NBC; not from the fine news agency that brings me Peter Jennings and Ted Koppel every night.
Fire and Meat. Yummy.
If you want to hit ABC where it hurts, you would have to convince the advertisers that you won't buy their products because they advertise on ABC. -- I'm not saying that will be effective, but it would get their attention...
Here is the paragraph with the bug numbers:
BugTraq keeps these statistics on 22 different operating systems, from the mainstream Windows NT to various exotic flavors of Unix. Given that Microsoft's product is the runaway market leader, it is not surprising that it leads in vulnerabilities: In 1999, the year it took over the server market in earnest, Windows NT totaled 99 new vulnerabilities on the BugTraq list. (So far in 2000, the count stands at 37.) This looks like an alarmingly high number in comparison with Solaris' 34 or NetBSD's 10, but it is scarcely more than the 84 racked up by Red Hat and the other Linuxes (their 2000 count stands at 30). And the NT number is inflated by BugTraq's inclusion of IE vulnerabilities, since it considers IE part of the operating system. [Please note: Upon further research, I realized that my original numbers were a bit off. The numbers above are new and revised. Fred Moody, 8/4/00.]
My guess as to what prompted this knee-jerk reaction: the IDC server software revenue figures. I don't have a URL but in a nutshell, units have soared but revenue is flat - thanks to the frightening growth in Linux servers. Microsoft are not at all happy about this and are desperately looking around for a reason to gain the upper hand in mindshare.
No doubt our Ed got a call and agreed (or decided) the best way to spearhead this quick FUD campaign was to put out the message that Linux is buggy. Anyone considering getting a Linux-based server would then think "uh-oh" and go back to safe, reliable old NT.
Of course, Microsoft have shot themselves in both feet by rushing this one. First, Moody's credibility has been given a serious dent - not the least of which because he can't (or won't) add properly. Secondly, the author - who's neutral - says he's impressed that the Linux community has "done an admirable job" in making a better product. So exactly the reverse effect has been achieved - Moody is seen as a Microsoft zealot and the Linux community is seen as full of reasonable, honest adherents.
Go Fred go! I look forward to your next piece on why Microsoft license agreements are so easy to understand...
--- Hot Shot City is particularly good.
I don't see security as being an operating system issue. It's really more of a human issue.
Most of the exploitable holes could be avoided by careful planning, firewalling etc...
Choice of operating system is but a small factor in assesing the secureness of a system.
Linux Sux Redux: A Rebuttald y.html, in which he claims that
by Ben Greenbaum
Thu Aug 03 2000
This is in response to an article posted at abcnews.com by Fred Moody, available at:
http://abcnews.go.com/sections/tech/FredMoody/moo
Linux is a far less secure operating system than NT, based on his interpretation of the
Bugtraq vulnerability statistics.
From the very start, I would like to proclaim that I am not a Linux zealot, or for that matter
an ardent defender of any OS. I manage the Microsoft Focus Area here at SecurityFocus. My
personal machines at home run on various flavors of both MS and Unix operating systems.
Different OS'es have different strengths, and I freely and gladly use whatever is best in my
experience for the purpose at hand.
The problem I have with Mr. Moody's article is not the conclusion he comes to, although I do
disagree with it. It is instead a problem with the methods used to reach that conclusion.
The author is writing about the results of the Bugtraq vulnerability statistics page at:
http://www.securityfocus.com/vdb/stats.html
These statistics are meant for general interest purposes. The text on the statistics page
clearly states:
"The statistics should not be taken to imply that some particular operating system or
application is more or less secure than another one."
However, these stats are for public use, to be interpreted as the user sees fit. As with any
statistics, they can fairly easily be twisted and misrepresented to support whatever goals the
author may personally have. This is to be expected to some extent any time statistics,
especially unscientific statistics, are used to prove a controversial or questionable point.
The worst situation by far is when the statistics are not only "massaged" to serve personal or
corporate goals, but interpreted incorrectly in the first place. The Bugtraq stats have been
used and referenced in various articles and endeavors, with varying degrees of accuracy. The
most egregious example of misuse and misinterpretation by far to this point is in the article
referenced above, where Mr. Moody states that Linux is the most insecure OS available. This
is based on a gross misreading of the available data.
To wit: (regarding statistics for 1999)
"122 racked up by Red Hat and the other Linuxes "
Whereas the actual statistics are:
[image table here]
All Linuxes combined: 84
RedHat only: 38
Which, as you can see, add up quite neatly to 122, the number of vulnerabilities claimed by
Mr. Moody for "RedHat and the other Linuxes". So now, we pause for a brief explanation of
the word "Aggregate". First, from the text of the page itself:
"Where we display aggregate number of vulnerabilities (Linux and BSD) the number is the
size of the set that results from the union of all vulnerabilities for the components without
duplication. Vulnerabilities are not counted twice."
The numbers for "Linux (aggr.)" reflect the total number of reported vulnerabilities across all
distributions of Linux; if it's a Linux, it's in there, RedHat included. Also, if the same
vulnerability is present in more than one distribution, it counts once. Therefore, for a
representative number of all known Linux security bugs, one would only look at the Linux
(aggr.) statistic.
Therefore, since 84 (for Linux) is demonstrably less than 99 (for NT) I submit that these
statistics can certainly not be used to prove that Linux has more vulnerabilities than NT.
Mr. Moody ends his article with the sentence:
"As Linux zealots are beginning to find out, it's a lot easier to masquerade as a better product
than it is to go out and be one."
I agree with that statement, and I believe that the Linux community has done an admirable
job in many ways on both counts. In closing, I propose to the security community and to Mr.
Moody that what is true for products is sometimes true for journalists as well.
Ben Greenbaum
Director of Site Content
SecurityFocus
bgreenbaum@securityfocus.com
Some posters are not remembering why the phrase "Linux sux" was mentioned. Moody wrote a previous flamebait article with this line back in 1998 and got roasted on slashdot. Moody had claimed to have a secret informant who had to use Linux but was afraid to speak out the "truth", that "Linux sux". He never substantiated this informant, of course.
Mindcraft/Netcraft, the huge thing about SAMBA being better on NT than Linux. Due to the hue-and-cry generated about it (they apparently called the wrong number for Linux tuning advice, so Linux wasn't tuned at all, MS send system engineers, etc, etc), they re-ran the tests, and MS won. And /. posted it.
"Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
Anyone remember the "report" from 5 years ago that said 90% of the Internet was pr0n? Time did a big 'ol article on it, the report wound up on the Senate floor, etc.
Too bad the data used for the report was completely wrong.
Too bad that report is still probably being used to decry the evils of the Internet.
No matter how many rebuttals there are, it won't stop the fact that Moody's article is out there. We must demand a correction from Moody or abcnews.com that also gets linked to the original article. Otherwise, 3 years from now, this will come back and bite us again.
-- Ever notice that fast-burning fuse looks exactly the same as slow-burning fuse? I didn't... (Edgar Montrose)
Tell us, oh omnipotent one, who or what is the One True Source of unbiased OS reviews?
I'm waiting....
Still waiting...
Journalism when taken on a very large average can be considered to reflect community views which are also biased of course. And it reflects them mostly because if it does not noone will read it or listen to it or view it. But there is no such thing as unbiased mass media.
And to conclude IMHO, you are an idiotic fanatic. Grow up.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Instead of a rebuttal, which I don't think Moody's article really deserves since it would be considered flamebait to anyone that can add, I propose something different. When something that bad comes up, everyone on /. should follow the banner adds from the page Moody's article is on, find customer service on that site, and tell them exactly why you visited the site. Explain that their advertisement was on page spewing FUD, and that they have consequently been affected by this. Explain that their banner ad went to waste because you have no intention of spending your money with sombody that supports those idiotic views. Also explain that you don't care that they don't have editorial control over the content, they do have control over which editor's sites they spend ad money on.
t
Here is a mirror that will undoubtedly go down fast. Enjoy it while it is up ;0).
Greenbaum article
http://198.86.162.43/greenbaum.html
Which way now? Down.
Does anybody believe that Moody's "article" was intended to do anything other than generate page hits, rile up Linux users, and get them to send scathing flames that can later be used to show the "immaturity of the community?" Personally, I would have rather seen Slashdot ignore this story altogether. Anybody who knows anything about Moody's past associations and opinions knows that he has a clear agenda, and that agenda does not particularly care for the success of Linux.
IMHO, while it's good to write a rebuttal to an obvious nonsense article, it's also probably giving Moody's troll a bit more attention than it deserves.
We're going down, in a spiral to the ground
The guy clearly states that he does not care about the conclusion of Moody's report ("Linux Sux"). In fact, all he did was to criticize the statistical method of taking numbers which clearly overlap and add them together to produce a highly inflated number. That isd all he said. I think that is an extremely fair comment. You don't have to be a journalist with integrity to appreciate that.
How we feel about the conclusion that "Linux Sucks" does not matter at all!
Fred Moody logic:
Witches burn
Wood also burns
Witches must be made of wood
Wood floats
Ducks float
Ducks must be made of wood
If a person weighs the same as a duck they are a witch.
If you want to compare bugs between os's then tally the total number of apps/utils provided with each and then compare the bugs as a ratio of bugs to apps/utils. Most Linux distro's come with thousands of apps/utils. How many apps/utils come with NT?
-=-=-=-=- osjedi uses Debian GNU/Linux. -=-=-=-=-
Dear Mr. Parrot, I am writing to inform you that you are in violation of my client's copyright, and have published trade secrets of their proprietary product, "CobolOS 2000".
Please be advised that my client is prepared to take any legal action necessary to prevent this from occurring again.
Sue D'Helloutayou
Senior Partner
Dewey, Cheatham, and Howe, P.A.
---------------------------------------------
SERENITY NOW!!!!!!!!!!!!!!!!
Fred Moody is to Jesse Berst as a court jester is to a soulless accountant.
...so it doesn't even matter that his argument was flawed.
That is to say, exactly why do we care, again?
However, it is funny that Moody can't even get his statistics right.
I guess he was just being Moody about it...
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
The stats page Moody pulled his numbers from ALSO shows *IE* (one package!) having more reported bugs than all of RedHat 5.2. If he actually believes these numbers are accurate, why support a company that makes ONE PRODUCT with more reported bugs than an entire OS?
creation science book
Watch out for false prophets. They come to you in the media's clothing, but inwardly they are ferocious trolls. By their OS you will recognize them.
Ignorence is blis.
Yeah, at least that would mean no more articles by Eric Raymond .... oh, you mean a "hidden agenda" that you don't already agree with. Yeh, let's silence all dissenting opinion, that way we need never learn anything that disconcerts us.
-- the most controversial site on the Web
They are looking for banner clicks...
Most news websites pull traffic to get visits. Visits turn into banner clicks.
So what to do? Well don't click on the banner ads.
It's a little hard to stop the angry mob from visiting but it's a good idea to tell them not to click on the banners.
What you mean they'll lissen? No not really... they won't click on banners anyway.. but Moody et all will look at the pees and then check banner stats.. and sure enough... the additional traffic generated NO additional banner clicks.
They may even see a significant number of them didn't even load the banners at all (Banner filters are your friend)... and some didn't load ANY GRAPHICS WHAT SO EVER!!! (All hail Lynx)...
Just bandwith and load... increasing costs without generating additional revenue....
I don't actually exist.
"Many have said, that the government or the state, is theft. This is true. Even the best of states are a protection racket. These rackets are far more dishonest than unlicensed organized crime (the mafia, etc.). "
"The international style state is inefficient, to the maximum."
"However, a war against the Super State must be fought to the finish. Your ammunition is readily available. Cut economic support for the Beast. In short, starve the bureaucrats out. "
"The greatest help for the White race today, would be state and national legislators, that run on a platform of no new taxes, coupled with no new laws. To enact new laws, guarantees more taxes. Do you see how simple it would be?"
"Logic: Any program or method that circumvents taxes is a White revolutionary act."
"All tax avoidance, in any way, helps to bleed and weaken the Beast. Your sweat and hard earned wages are the source of power that is used against you. In short, the old adage applies. \"The power to tax is the power to destroy.\"" [Heinlein!!! "The Moon Is A Harsh Mistress"!!!]
"The underground economy is a fabulous mechanism, and well-suited to White survival."
"Remember that the underground economy is seditious to our enemies, but a great weapon for White racial advancement. Again, bleed the Beast. Spread these ideas among even your non-racial contacts, since all tax avoidance and underground economic activity, directly helps our cause. It is easy and it is fun! Use your imagination, and start your war today."
...resources online. For example: FOCUS on Linux: Intrusion Detection on Linux is equivalent to the Koran for system security administrators.
M$: "We're #2!"
Since the BSD license is even more open than GPL (i.e. "here's the code, do what you want with it, and now you don't even have to publish any credits"), why not just dump the whole Linux source tree and replace it with FreeBSD? Just get the Linux compatibility stuff working better and no one will ever know.
can we just mod moody's article as flamebait? his only evidence is that bugtraq lists more linux bugs than NT bugs. of course it does... that's because the linux community uses bugtraq and open review to fix bugs, and microsoft's "bugtraq" is a closed system that happens behind closed doors in redmond.
windows 2000 gold was shipped with over 10,000 known, documented bugs. and no, they're not listed at bugtraq.
i could go on and on (index the # of windows bugs in the knowledge base, closed source bugs vs open source bugs) but i've already given this flamebait more attention that it deserves.
whatever you do, when you read this article, don't click through the banner ads. then he's won.
--
What happens when you outlaw guns
I couldn't look at Katz's last article, because I now filter him out of the homepage entirely. User Preferences, check the box next to Jon Troll^H^H^H^H^HKatz's name, click save.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
According to you MS advocates can outright lie, because, hypothetically, if any of the open source leaders were to lie too then we would defend them.
This is not true for several reasons.
Open source leaders are too busy programming and leading the open source movement to actually even care that much about Microsoft. Do you really think that Linux or Alan even think about Microsoft that much?
But I bet you Billy G. was groups comprised of dozens of people that are devoted to monitoring Linux and producing weekly summaries and reports for Microsofts top executives. Linux is cutting into Microsofts server revenue, so it is getting a lot of attention from Redmond.
If our open source leaders ever did spout insane statistics like Mr. Moody then I would be the first to point out the inacurracies. These people are our leaders because they are smart, good with others, and don't lie. If they weren't they wouldn't have very many followers, now would they?
Since the basic primise of your argument is wrong, which you freely admit yourself, then the rest of your arguments are wrong as well.
Free speech doesn't mean that you are free to lie. And editors that allow their writers to continue lying, when the customer is compaining about those lies, don't remain editors for very long.
-- Never make a general statement.
One small point I wanted to have clarified. As I understand it the only bugs that are (and should) be reported are bugs in server system software or security software, not every 'bug'. If it was every bug the database for all OSes would be gargantuan.
Fsck cluebie moderators. I'll say what I want, offtopic or not. And fsck having to qualify every bloody statement just
Isn't this the whole damn reason everyone stopped using windows in the first place? Because their marketing is better than their product. I think Moody got it right, even though he thought he was saying the opposite.
There *is* a program I enjoy using on windows... It's called FDISK.
Well, you asked for it. Here is the full text of the article. Can you say copyright violation?
d y.html,
Linux Sux Redux: A Rebuttal
by Ben Greenbaum
Thu Aug 03 2000
This is in response to an article posted at abcnews.com by
Fred Moody, available at:
http://abcnews.go.com/sections/tech/FredMoody/moo
in which he claims that Linux is a far less secure operating
system than NT, based on his interpretation of the Bugtraq
vulnerability statistics.
From the very start, I would like to proclaim that I am not a Linux
zealot, or for that matter an ardent defender of any OS. I manage
the Microsoft Focus Area here at SecurityFocus. My personal
machines at home run on various flavors of both MS and Unix
operating systems. Different OS'es have different strengths, and I
freely and gladly use whatever is best in my experience for the
purpose at hand.
The problem I have with Mr. Moody's article is not the conclusion
he comes to, although I do disagree with it. It is instead a problem
with the methods used to reach that conclusion.
The author is writing about the results of the Bugtraq vulnerability
statistics page at:
http://www.securityfocus.com/vdb/stats.html
These statistics are meant for general interest purposes. The text
on the statistics page clearly states:
"The statistics should not be taken to imply that some particular
operating system or application is more or less secure than
another one."
However, these stats are for public use, to be interpreted as the
user sees fit. As with any statistics, they can fairly easily be
twisted and misrepresented to support whatever goals the author
may personally have. This is to be expected to some extent any
time statistics, especially unscientific statistics, are used to prove
a controversial or questionable point.
The worst situation by far is when the statistics are not only
"massaged" to serve personal or corporate goals, but interpreted
incorrectly in the first place. The Bugtraq stats have been used
and referenced in various articles and endeavors, with varying
degrees of accuracy. The most egregious example of misuse and
misinterpretation by far to this point is in the article referenced
above, where Mr. Moody states that Linux is the most insecure
OS available. This is based on a gross misreading of the available
data.
To wit: (regarding statistics for 1999)
"122 racked up by Red Hat and the other Linuxes "
Whereas the actual statistics are:
All Linuxes combined: 84
RedHat only: 38
Which, as you can see, add up quite neatly to 122, the number of
vulnerabilities claimed by Mr. Moody for "RedHat and the other
Linuxes". So now, we pause for a brief explanation of the word
"Aggregate". First, from the text of the page itself:
"Where we display aggregate number of vulnerabilities (Linux and
BSD) the number is the size of the set that results from the union
of all vulnerabilities for the components without duplication.
Vulnerabilities are not counted twice."
The numbers for "Linux (aggr.)" reflect the total number of
reported vulnerabilities across all distributions of Linux; if it's a
Linux, it's in there, RedHat included. Also, if the same
vulnerability is present in more than one distribution, it counts
once. Therefore, for a representative number of all known Linux
security bugs, one would only look at the Linux (aggr.) statistic.
Therefore, since 84 (for Linux) is demonstrably less than 99 (for
NT) I submit that these statistics can certainly not be used to
prove that Linux has more vulnerabilities than NT.
Mr. Moody ends his article with the sentence:
"As Linux zealots are beginning to find out, it's a lot easier to
masquerade as a better product than it is to go out and be one."
I agree with that statement, and I believe that the Linux
community has done an admirable job in many ways on both
counts. In closing, I propose to the security community and to Mr.
Moody that what is true for products is sometimes true for
journalists as well.
Ben Greenbaum
Director of Site Content
SecurityFocus
bgreenbaum@securityfocus.com