Slashdot Mirror


Good Samaritans Choose Linux

blowdart writes "According to this article on the BBC news site the charity Samaritans has chosen Linux to provide it with more secure and powerful computer systems. The installation was supplied by Trustix with IBM providing network security. 'One of the great challenges for computing in any charity is to provide more for less,' said Mike Hermon, Information Systems Manager at Samaritans. According to the Trustix press release the installation is limited to security hardware only, "Samaritans is installing a four zone Trustix Firewall on an IBM eServer x305 and a Trustix Proxy Server on an IBM eServer x300 server.'" Oddly enough, today's Word A Day is Good Samaritan.

3 of 148 comments (clear)

  1. But the Samaritans take their name from the Bible! by Adam+Rightmann · · Score: -1, Flamebait
    So every thing they do is colored by an illogical, irrational belief in God, and a desire to oppress and torture everyone who isn't of their particular Christian sect.

    Come on people, this is Slashdot, if it's even remotely associated with organized religion, it's bad!.

    --
    A. Rightmann
  2. Most Unsecure OS? Yep, It's Linux by Anonymous Coward · · Score: -1, Flamebait

    November 26, 2002 | Paul Thurrott

    According to a new Aberdeen Group report, open-source solution Linux has surpassed Windows as the most vulnerable OS, contrary to the high-profile press Microsoft's security woes receive. Furthermore, the Aberdeen Group reports that more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions. The report muddles the argument that proprietary software such as Windows is inherently less secure than open solutions. And here's another blow to the status quo: Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period. Could Windows be the most secure mainstream OS available today?

    "Open-source software, commonly used in many versions of Linux, UNIX, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers," the report reads. "Security advisories for open-source and Linux software accounted for 16 out of the 29 security advisories--about one of every two advisories--published for the first 10 months of 2002. During this same time, vulnerabilities affecting Microsoft products numbered seven, or about one in four of all advisories."

    The stunning report makes several claims that seem to fly in the face of widely accepted beliefs. First, the Aberdeen Group says that Windows-based Trojan horse attacks peaked in 2001, when CERT released six such advisories, then bottomed out this year, when CERT didn't issue any alerts. However, Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002. The Aberdeen Group says this information proves that Linux and UNIX are just as prone to Trojan horse attacks as any other OS, despite press reports to the contrary, and that Mac OS X, which is based on UNIX, is also vulnerable to such attacks. Even more troubling, perhaps, is the use of open-source software in routers, Web servers, firewalls, and other Internet-connected solutions. The Aberdeen Group says that this situation sets up these devices and software products to be "infectious carriers" that intruders can easily usurp.

    According to the Aberdeen Group, the open-source community's claim that it can fix security vulnerabilities more quickly than proprietary developers can means little. The group says that the open-source software and hardware solutions need more rigorous security testing before they're released to customers. This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain.

    We can rail against Microsoft and its security policies, but far more people and systems use Microsoft's software than the competition's software. I believe that we'll never know how secure Linux is, compared with Windows, until a comparable number of people and systems use Linux. But despite the fact that Linux isn't as prevalent as Windows, we're still seeing a dramatic increase in Linux security advisories today. I think the conclusion is obvious.

    1. Re:Most Unsecure OS? Yep, It's Linux by N3WBI3 · · Score: 1, Flamebait
      Where to start, hmmm ok here ya go

      "more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions.

      Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period.

      Ok now lets assume that by Proprietary they mean close source UNIX (like Solaris, AIX, HPUX, ...) if this is the case than Linux + Open source accounted for more than 50% of the CERTS, but Proprietary accounted for as many as linux that adds up to more than 100% without certs from any OS outside of UNIX.

      "Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002."

      This is what I find disturbing not only is it lumping Linux and Unix certs together to outnumber MS, is throws all open source projects (eg Apache, Samba, ...) into the same bin. It also give no numbers for **THIS** year (the one MS is supposedly more secure than Linux in), all it say is Linux went up from 1, and MS went down from 6.

      Finally there is the following "many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain"

      Many distros by % of linus market, or by joe blow put a distro out. Redhat, Mandrake, and Suse I know have this feature, and it can run on any Distro if you dl it.

      This article provides no numbers, groups together not only multiple operating systems but multiple applications in order to meet is goal (does it cout certs for Apache that hinder windows as being only an open source problem for linux, because that is what is sounds like). Basically its FUD with no substance. If this moron (the writer of the article not the /. poster) wants to make a point I suggest he actually use numbers and not vague referances, he should also learn to compare apples with apples.

      --