Slashdot Mirror

← Back to Stories (view on slashdot.org)

Admins say Linux Much More Secure than Windows

Posted by Zonk on from the not-a-lot-of-surprises-here dept.

Golygydd Max writes "Linux is more secure than Windows. It's something that we've all heard before; however, this is not the opinion of yet another consultant but the opinion of sysadmins themselves. A survey of 6,000 IT staff by BZ Research, reported by Techworld, has found that 74 percent considered Linux secure or very secure, as opposed to 58 percent who found Windows to be insecure."

32 comments

  1. The interesting part... by Otter · · Score: 4, Insightful
    Obviously anti-Microsoft spin needs to take top billing, but the interesting point in there is this:
    Linux developer preference for commercial distributions has declined steadily since 2003, when it was twice the rate for non-commercial, Evans Data's Spring 2005 Linux Development Survey found. Six months ago the preferences were roughly equal, and now 34 percent prefer non-commercial, compared with 28 percent who prefer a commercial version, the remainder having no preference.

    The change is a sign that non-commercial Linux is becoming increasingly easy to use and maintain, without the need for commercial technical support, said Evans chief operating officer John Andrews. Eighty-five percent of developers said the biggest advantage of noncommercial distributions was the ease and cost of upgrades and maintenance.

    "Increasingly easy to use" is probably true, but I'm thinking the real story buried in there is how much of their business userbase Red Hat has given up in the last couple of years...

    --
    What I'm listening to now on Pandora...
    1. Re:The interesting part... by Anonymous Coward · · Score: 0

      I admin unix, windows, and mac systems. They are all secure. It's the users who are insecure.

  2. News flash... by Anonymous Coward · · Score: 3, Funny

    News flash! Bagels and cream cheese popular together!

  3. On the other hand... by JamesTRexx · · Score: 2, Insightful

    I'm not using Linux, but FreeBSD, and I must say not only does it feel safer, but it feels more comfortable to work on. Just the ability to work from the commandline and the ability to really kill processes without getting messages that I have no access to them makes me life easier.
    And after reading the piece on the Longhorn demo I thought why they make such a fuss over things that's already here with KDE. (can't tell about the Apple, never used it)
    In my humble opinion, Microsoft has to catch up with at least FreeBSD, and most likely GNU/Linux as well.

    --
    home
    1. Re:On the other hand... by BoomerSooner · · Score: 2, Interesting

      I have to disagree. MS is a lot easier for me to keep up to date. I prefer linux but having both systems rooted in my younger days linux (depending on your distro and installed packages) is a bit more work to stay on top of.

      That being said Linux is significantly more secure in my opinion. Which is why I lock down my MS based servers behind Linux based firewalls.

    2. Re:On the other hand... by Codename_V · · Score: 1

      Myself, I go with a cron job to automatically update junk. I don't see what's so hard about that. And since security fixes and whatnot are usually backported, I haven't ever had a problem with updates breaking things. I doubt that's the same on Windows machines.

      If you are at the type of place that needs to test every single update to make sure it doesn't break things, then I don't see how it's going to be easy on either Windows or Linux.

      --
      Free will is just an illusion
    3. Re:On the other hand... by JamesTRexx · · Score: 1

      Then I say try FreeBSD as it's easy to keep up to date using sysinstall/cvsup/portupgrade. And not only for the OS itself, but for all applications you install through ports. This is the way I use 5-STABLE and it's never been more fun to maintain servers/workstations.

      --
      home
  4. In other news by EvilNutSack · · Score: 2, Funny

    The earth is round.

    --
    --
    1. Re:In other news by ReallyNiceGuy · · Score: 1

      I did't know that!!!
      The Evil Empire always told that it was flat!

      (wink)

    2. Re:In other news by superpulpsicle · · Score: 1

      OMG. I was eating and I spit everything out on my monitor. ROFLMAO.

  5. Low response rate? by maunleon · · Score: 2, Insightful

    Does the lack of response to this article means that we are all sick of "Linux R00lz!" propaganda?

    Please. a Commodore 64 is much more secure than Linux. Try breaking into it from the internet.

    I'll put a properly configured Windows 20003 server againt a properly configured Linux server. Neither will win. On the other hand, a Windows 2003 server with a good admin, will be significantly more secure than a linux one with a bad admin.

    1. Re:Low response rate? by Punboy · · Score: 1

      This is true, however overall Linux is patched faster than Windows, and typically doesn't require a huge-ass download to fix. And better yet, if you do HAVE a good admin, he can patch the security holes himself most of the time, submit the patch to the creators of the software, and now everyone can be patched. In my mind\ that makes Linux ALOT more secure than Windows, and probably in the minds of most of these other admins as well.

      --
      If you like what I've said here, and want to read more, go to http://www.krillrblog.com
    2. Re:Low response rate? by maunleon · · Score: 1

      How the heck is Linux patched faster than windows, considering that most of the time you have to _compile_ the patch, or use a different process on each distro? We are not even going to talk about kernel patches, unless you go with the standard kernel that your distro provides and you download a precompiled update. But, my success rate with suse's precompiled updates has been low, I've ended up with an unbootable system three times after letting yast update my kernel.

  6. Id aggree with that statement by KingBahamut · · Score: 1

    Who can argue....not I.

    --
    "God of Rock, thank you for this chance to kick ass. "
  7. not admins; managers. by 2*2*53*4127 · · Score: 1

    Linux is more secure than Windows. It's something that we've all heard before; however, this is not the opinion of yet another consultant but the opinion of sysadmins themselves

    from the article:

    The security survey, carried out by BZ Research, polled 6,344 software development managers about the security of different enterprise operating systems. Managers consistently ranked Linux as more secure than Windows...

    frankly as a frontpage story this lacks any real information, and anything to comment or discuss. Are there any more details, or do we have to spend $1200 dollars to find out more?

  8. I didn't see any error specs by Anonymous Coward · · Score: 0

    Can we assume this is another statistically invalid survey?

  9. In other news by jasonmicron · · Score: 1

    In other news, other admins declare that Microsoft's Windows XP is easier to use, and more secure.

    You'll always find stories to support both arguments.

  10. Concerning the windows-knowledge of many admins by fluor2 · · Score: 2, Informative

    I would like to include my opinion here.

    I know a LOT of admins (im an admin myself). And I must point out that 90% know VERY little about Windows security. E.g. "Have you ever configured a Group Policy before?" And most of them would say "Har har! Group Policy? Is that something new that creates a blue screen?".

    Well I've got news for you. Windows is VERY secure nowadays. BUT it require admins to lock-down the OS (e.g. do not give users admin-rights or similar). By looking at our own stats at my workplace, the largest security problem nowadays is NFS and mis-configured Linux computers. BTW did I also mention that most of the Windows boxes have a far better on-line time than Linux? I know they have to reboot quite often, but that's about it. The reboots are at night-time anyways.

    1. Re:Concerning the windows-knowledge of many admins by Noksagt · · Score: 1
      E.g. "Have you ever configured a Group Policy before?"
      Yes I have, though I would also say that I don't know everything about Windows security.

      Security ignorance isn't platform specific. Most modern Linux and *BSD are more "secure by default" than the current versions of windows. I do acknowledge that Windows is getting much better in this department these days & that I actually do believe Redmond is capable of making something every-bit as secure as *nix offernings (though that doesn't mean it'll be something I enjoy using).
      By looking at our own stats at my workplace, the largest security problem nowadays is NFS and mis-configured Linux computers. BTW did I also mention that most of the Windows boxes have a far better on-line time than Linux? I know they have to reboot quite often, but that's about it. The reboots are at night-time anyways.
      Really? My experience is that ANY desktop sucks--email worms and trojans and spyware is the source of most cruft. A majority of this happens on Windows. My *nix boxes have MUCH better uptimes, but it costs more when they do go down.
    2. Re:Concerning the windows-knowledge of many admins by Punboy · · Score: 3, Funny

      What do you mean a "far better online time"? You mean they dont get hacked as fast? Thats a laugh. You must be new to slashdot or something, cause in the last... year or so there have been AT LEAST 5 articles showing that a Windows machine gets hacked into in almost 1/0th the time as a Linux machine. Just for the record, my home network file/database server has been up and running for 682 days, 4 hours, 32 minutes, and 7 seconds. Running Debian. Which is a linux distro.

      --
      If you like what I've said here, and want to read more, go to http://www.krillrblog.com
    3. Re:Concerning the windows-knowledge of many admins by AhBeeDoi · · Score: 1

      Better on-line times while needing to be reboot quite often does not compute.

    4. Re:Concerning the windows-knowledge of many admins by ces · · Score: 1

      BTW did I also mention that most of the Windows boxes have a far better on-line time than Linux? I know they have to reboot quite often, but that's about it. The reboots are at night-time anyways.

      Funny our UNIX machines including our production Oracle servers stay up until they are taken down for a reason (scheduled reboot, moving hardware, OS upgrade). On the other hand our winddows servers seem to need a reboot almost every time MS comes out with a new hotfix. On top of that a couple of our windows servers need frequent reboots due to something going seriously screwy with the OS.

      Now I will say I'm not one of those people who gets into uptime wars. There are perfectly good reasons to reboot a system at regular intervals. For our HP-UX and Solaris systems this is about once every 6 months, for our Linux servers once every 3 months, and for our Windows servers once a month.

      --
      Happy Fun Ball is for external use only.
  11. Crickets by Anonymous Coward · · Score: 0

    As an aspiring admin the only security I care about is job security.

  12. My opinion by dimss · · Score: 1

    Noone has asked me... But here is my opinion. Insecure: Windows. Secure: Linux, FreeBSD. Very secure: NetBSD, OpenBSD. Nothing but my own statistics...

  13. Realistically though by KingBahamut · · Score: 1

    the more of us that choose to support windows users , the more secure our jobs are because of the insecurity of the product they use. The more windows f's up , the more money Ill make supporting the users that use such product. So in esence, having inferior product makes me more money.

    Alternately however, it makes me work more time, which probably means Ill burn out faster than a *nix admin , who doesnt have to to work as hard or as much.

    So really its a trade off.

    --
    "God of Rock, thank you for this chance to kick ass. "
  14. Package Management of Open Source RULES by Noksagt · · Score: 1

    The MS OS is now brain-dead to keep updated--it can be set to perform automatic updates. But updating commercial userland applications is quite a drag--MANY different vendors (some of which make you jump through hoops to prove you are entitled to updates) & almost as many packaging systems for updates & none of it is automated. There have been some apps to keep on top of the more popular packages for you & allow you to update all packages in their database.

    But updates on open source desktops are GREAT. The *nix/*BSD distro has already gathered all the packages for you & with a simple 'apt-get update/upgrade' or an 'emerge -u' or a 'make update && portupgrade -ra' (all of which can be cronned & either set to automatically update or email you which packages have been updated) is a good thing!

    Once a month or so, we update all apps on our Windows boxes. It requires FAR less interaction to do daily updates on our *nix machines.

    1. Re:Package Management of Open Source RULES by 4of12 · · Score: 1

      But updating commercial userland applications is quite a drag

      Absolutely.

      The same problem exists for Linux, too, if you ask any third party application developer what it takes to support and maintain their product on "Linux".

      "Which one? There are so many to choose from!

      Windows has more of problem in this area because of its longer history dominating the commercial landscape with so many different versions.

      The beginnings of the same problem afflict Linux, where I would like to run 2.6.11, etc. whizbang best support for latest hardware, etc., but commercial vendors lag in their testing and can only guarantee it works under RH7.3, RH9, etc.

      In the long run, though, application developers for Linux have it pretty good in terms of interface stability and the ability to just look at the code if there are any questions about the interface. Device driver writers, OTOH, have a much harder job. Their Windows woes won't end just by going to Linux.

      --
      "Provided by the management for your protection."
  15. we do you know by FidelCatsro · · Score: 1

    Linux Much More Secure than Windows .
    see .
    Its true as-well , my job is to keep my server secure and operational and i can achive this with far greater efficency with unix type OSs such as solaris or linux .
    I admit alot of this is my experiance ,which is mainly with solaris and linux , though i am fully qualified to run a windows server and have , i just honestly could not say i trusted the system as much.

    This may be a biased opinion and i wont argue if you acuse me of being slightly against using windows() , once bitten twice shy and the ammount of times ive had patches from MS software bite back i have good reason for distrust.
    Linux is by no means perfect (this is why i still have solaris ) and is lacking in a few areas( far fewer than even just this time last year , and improving daily)However the only thing that microsoft currently has over linux(in my opinion) is the quantity of official drivers and software releases from various companys.

    --
    The only things certain in war are Propaganda and Death. You can never be sure which is which though
  16. Let's compare a square peg and a round hole by jago25_98 · · Score: 2, Insightful

    Mu! damnit! http://c2.com/cgi/wiki?MuAnswer

    You know, I'd stick my neck out here and say NO! It depends! This is all about default settings.

    What IS Windows? What IS linux?

    Is Windows a machine ruinning an old copy of IE with a single auto-login user running as admin?, hundereds of services running from the likes of nvidia and ATi, - to most minds the assumption is yes.

    And I know for one my linux box isn't setup as tight as it could be because I know how much hassle that entails. The process running this browser has enough permissions to wipe out my data drive; I like to save pictures there after all. What am I to do - setup sudo to another user and script it's launch? - how many do that? Do you?

    Is linux a 2.6 kernel and Firefox?

    This is all very silly.
    One day something will pop up that will hijack Firefox or Konqueror (more likely as less frequently updated) just the same as IE. If it has less of an effect it'll be due to linux users keeping an eye on things.

    --
    A blog I run for the wealth
  17. Fud, oh wait its pro Linux by Anonymous Coward · · Score: 0

    I was going to shout FUD, but then I realised that this is a pro linux article, so it should be lauded and pointed to as proof of the one through way that I have been told to belive in.

    Oh, sorry this is also FUD - no data to back it up is publicly available. You can't criticise pro MS surveys and then refuse to apply the same critial eye to pro Linux ones (hold on this is slashdot, you can).

  18. admin opinion is not security by Anonymous Coward · · Score: 0

    Both Linux and Windows are large, complex systems with large amounts of badly written software (yes, believe it or not, the choice of license doesn't have anything to do with security.. the programmers for commercial and open-source software are drawn from the same pool of incompetence).

    I do agree that with free operating systems 1) it's easier to lock down and remove unneeded bloat and 2) you don't have to *pay money* for the security holes like you do with Windows, but make no mistake, any admin has to work *hard* to lock down their systems.

    So this survey is nice and fuzzy and all but it's just like saying "most doctors agree, cancer is easier to treat than AIDS".

    Sincerely,
    Grizzled Old Sysadmin

  19. C64 online by GQuon · · Score: 1

    Actually, there are Commodore 64s that are online, both client-side and server-side. Contiki gives you a text web browser, an irc client, a web server, and more.

    You could connect with a modem, or with an ethernet plug with the Retro Replay expansion.

    --
    Irene KHAAAAAAN!