Slashdot Mirror
WinInformant Says Windows More Secure Than Linux
nihilist_1137 excerpts from this WinInformant article, which reads in part: "For at least the first 8 months of 2001, open-source poster child Linux was far less secure than Windows, according to the reputable NTBugTraq, which is hosted by SecurityFocus, the leading provider of security information about the Internet. ... A look at the previous 5 years--for which the data is more complete--also shows that each year, Win2K and Windows NT had far fewer security vulnerabilities than Linux, despite the fact that Windows is deployed on a far wider basis than any version of Linux." I wonder how many sysadmins (Windows or Linux) would agree with this conclusion. Update: 02/04 16:54 GMT by T : Looks like the WinInfo site has gone down since the story was submitted, so you may have to content yourself in the meantime with the Bugtraq numbers. Update: 02/04 19:30 GMT by T :Several readers have pointed out that the conclusions WinInformant makes based on the Bugtraq data are not those of SecurityFocus; the headline has been changed accordingly.
Of course now we're going to get tons of people who say "Linux is just the kernel." Or "It's the distros that are insecure, not Linux." Or "It's apache/lpd/sendmail/wuftpd/bind/etc that's insecure, not Linux." But let's get our ass on straight here. Nobody posting here is just running Linux-the-kernel. We're all running Linux-the-kernel plus apache, plus userland tools, plus bind, plus sendmail, plus proftpd, plus etc. And we all tell people we are running Linux on our servers, and perhaps sometimes we'll say "with apache as our webserver." But ultimately it's "Linux" that is our OS. And all the mainstream apps that we include are part of that "Linux" that we tell people we use. And, yes, it is appropriate that we take our lumps on issues like this. This isn't a dick measuring contest, it's about running a quality IT enviroment and providing a quality service to our customers. Denial won't provide that.
And for those who really really want to argue that it's not Linux at fault, then make sure that you point the finger squarely where it belongs: at yourself! Right? I mean, Linux-the-kernel doesn't have any remote buffer overflows in it's webserver. It doesn't provide for local root escalation. It's the tools that you, the admin, are responsible for having in place there that are the problem. And since you obviously chose to put them there (via installing them with the standard RedHat installer, or dl-ing, compiling and installing by hand) you are the one who is responsible. So there.
"Paul Thurrott .NET Magazine. He writes a weekly editorial for Windows & .NET Magazine UPDATE (http://www.win2000mag.net/email) and writes a daily Windows news and information newsletter called WinInfo Daily UPDATE "
Paul Thurrott is the news editor for Windows &
nice timing with the windows security initiative
perl -MIO::Socket -e 'IO::Socket::INET-new(PeerAddr="some.windoze.box:1
No, dumbass, your grammar is poor; mathematics is a singular concept, not plural, thus requiring "is" as opposed to "are".
If you were a regular reader of that site you'd notice that he does a fair amount of MS bashing when they deserve it. And he priases them when they deserve it. He does the same for Apple and Linux too! Unlike Slag-dot here where a middle of the road, honest observation is always treated with a -1 moderation.
Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
Update: 02/04 16:54 GMT by T: Looks like the WinInfo site has gone down since the story was submitted
.. sweet revenge ;)
D.
Do the names "Nimda", "Code Red" and "I Love You" ring a bell?
Thoes were FEATURES not security flaws!
Sheesh I wish people would get it right. That's why MS has less bugs. They count half of them as hidden features!
Vote early. Vote often. Vote CowboyNeal.
BIND is a horrible project. It is such a piece of dewdew, I can't believe it hasn't been replaced yet. There are alternatives to BIND on Unix, (DJDNS for one) but they are new and as yet not as flexible.