Slashdot Mirror
Microsoft Claims Linux Security a Myth
black hole sun writes "Microsoft bigwig Nick McGrath claims that Linux security is highly exaggerated, and that the open source development model is 'fundamentally flawed.' The gist of his argument appears to be his claim of lack of accountability among distributors, coupled with generic statements short on facts. 'Who is accountable for the security of the Linux kernel? Does Red Hat, for example, take responsibility? It cannot, as it does not produce the Linux kernel. It produces one distribution of Linux.' He goes on to say that 'Linux is not ready for mission-critical computing. There are fundamental things missing,' pointing out the lack of a development environment and no single 'sign-on system' giving reference to Microsoft's foundering .Net passport program." I guess Linux can only aspire to the greatness of Windows when it has such secure applications as Outlook and Internet Explorer. Historically those have been proven to be of a caliber all their own.
Ha, as last. I agree with Nick McGrath. Well done Nick. Linux is the crappiest OS ever!!, an OS that was built by PC nerds and potchers.
Linux CRAP!
Without getting into a flame war, he does have a point, although not a conclusive point its insightful. However it kinda breaks down when he brings in Windows: Even if Linux was very insecure, there are still plenty of OS's (generally *nix) that are far more secure than Windows will ever be, even if the kernel implementation itself has issues, the actual POSIX base is a far superior idea than the mess that is Windows, and that's talking about modern NT based Windows, 9x etc... that's just a joke pretending to be an OS.
This comment does not represent the views or opinions of the user.
The only question is, who is still using sendmail? Major distros have moved on to postfix and qmail is always an option.
Well, according to this January 2001 article by Moshe Bar, Sendmail handles around 76% of all Internet e-mail.
(Not all Internet MXes use Linux, fortunately ;-) - Mine runs Sendmail under FreeBSD...)
A better question is "Who is responsible for the security of Windows?"
Through its inaction, Microsoft has shown that no one at Microsoft is.
And worse, because Windows is closed-source, anyone who is a victim of Microsoft's reckless disregard for security can't do a thing about it.
At least with open source, you can either close the holes yourself or hire someone to do it.
With Microsoft, you're guaranteed to suffer forever because of limited resources: Developers at Microsoft are not hired to look out for clients, they are hired to do what marketing says and implement security models that make no sense because MS needs to sell product. Quality and security are not even a secondary considerations.
At Microsoft, it is more important to hobble a competitor's product (like they did to Novel and Wordperfect) and continue to dominate than it is to build quality or security.
Microsoft will never match the quality and security of hundreds of thousands of developers who review and contribute to open-source projects. their claims to the contrary are ridiculous
Microsoft is only conserned about their next financial quarter, not about anything intrisically important to any of their users.
Linux is only concerned about correctly implementing code and algorithms.
The sooner we realize this and stop giving MS money and instead start donating it to open-source projects, the faster open-source will gather strength.
I don't know the meaning of the word 'don't' - J
He is dead wrong there, in a big way. MS may not be solely to blame when their boxen die, but how many different [read: crappy] programs are out there. Anyone hate their office groupware suite? IBM, Novell, MS all release behemouths that have tons of holes and patches, plus all the other ditties on the platform.
Simply put, MS's encouragement of software as proprietary holding encourages vendors to not share code, thus losing the peer-review-fix concept. FOSS, OTOH, benefits from this, and reaches excellence much sooner. Actually, the big vendors will sometimes use just those sources for their products, when they want to start with the best in class. (Like historial discoveries of MS's hosting, hotmail, TCP/IP stack components coming from the FOSS world)
CORE
Their big problem with FOSS is that it turns algorithms into commodities. There is, for the given market-snapshot demands, an optimal solution. If Linux hits it early (say, MP3 music storage, or the PVR utilities), then you see others try to jump on the bandwagon touting "value added" versions. One of these additions is Support. "We can offer Support.", they say.
Well, unless you are part of a huge MS partnership, have certified several of your server/network/development personnel in their technology, and keep up close ties (read: pay big money), you are simply not getting the personal attention that a HUGE, and I mean, huge world of *nix experience can give you online.
Anyway, many Linux vendors offers the same thing, if you don't trust your own tech teams to keep the server alive - they can deploy gurus for money too. BFD. MS still doesn't have any true advantage over Linux, even in Support. It's done a different way, and they still "just don't get it".
mug
What did Microsoft have to do with this thread, which was about sendmail? Justifying any flaws in OSS software with "at least it's not Microsoft" isn't a valid response.