Slashdot Mirror

← Back to Stories (view on slashdot.org)

WinInformant Says Windows More Secure Than Linux

Posted by timothy on from the ho-hum dept.

nihilist_1137 excerpts from this WinInformant article, which reads in part: "For at least the first 8 months of 2001, open-source poster child Linux was far less secure than Windows, according to the reputable NTBugTraq, which is hosted by SecurityFocus, the leading provider of security information about the Internet. ... A look at the previous 5 years--for which the data is more complete--also shows that each year, Win2K and Windows NT had far fewer security vulnerabilities than Linux, despite the fact that Windows is deployed on a far wider basis than any version of Linux." I wonder how many sysadmins (Windows or Linux) would agree with this conclusion. Update: 02/04 16:54 GMT by T : Looks like the WinInfo site has gone down since the story was submitted, so you may have to content yourself in the meantime with the Bugtraq numbers. Update: 02/04 19:30 GMT by T :Several readers have pointed out that the conclusions WinInformant makes based on the Bugtraq data are not those of SecurityFocus; the headline has been changed accordingly.

1 of 876 comments (clear)

  1. Much harder to compare "Linux" versus Windows by defile · · Score: 3, Troll

    Unlike Windows, there are many independent distributions of Linux that may or may not be vulnerable to a security hole. Also unlike Windows, each distribution has shorter release cycles. Futhermore, many Linux distributions come with lots of bundled software that not all sys admins install.

    This means that security holes discovered against Windows could be far more devastating because of the uniformity of the installed systems. Code Red/Nimda, etc. would've been much harder to pull off against all variants/distributions of Linux. There's much more paydirt in developing good Windows exploits, since they're likely to work against ALL Windows systems, which means the exploits are likely to be very refined and well tested. Compare to Linux exploits which are usually very hard to get working the first time.

    It's also harder to find security holes in Windows since it's closed source (which doesn't make them any less severe). Many security analysts won't even bother since it mostly involves using a debugger to poke at a task for hours, rather than simply grepping source trees for unsafe functions.

    But yeah, it is pretty disgusting that Linux in general has this many security holes.