An Open Letter from Darl McBride

canfirman writes "Well, it seems Darl is changing tactics as he's now published an open letter proclaiming the benefits of UNIX over any other operating system. However, most of his letter involves comparing SCO Unix to Linux from not only a business acceptance point of view, but from a technical point of view, too. Darl throws in a bunch of stats in there, too: 'In a study conducted only seven months ago they found that overall, the most vulnerable operating system for manual hacker attacks was Linux, accounting for 65.64% of all hacker breaches reported.' I'd love for somebody who has more technical knowledge than me to look at his points and see if what he says is true or not -- assuming anything coming out of Darl's mouth is true."

I can believe of the stats here...

[beh]

I can believe part of his claims in that more Linux systems get hacked, compared to commercial Unices. Though I don't think this is a general problem with security on Linux, but with the fact that most home installations of Unix based systems will be on Linux boxes - and therefore in the hands of people with less security expertise than large companies have at their disposal.

Also, companies have dedicated sysadmins or even IT security people which will (hopefully) constantly check for new vulnerabilities and immediately patch their systems.

Private "Home" Unix installations that aren't Linux based will in comparison be more likely to be in the hands of the more knowledgable folks, and hence also in the hands of people that will likely be more security aware than the average home Windows/Mac/Linux user.

How many private users with their linux box on broadband seriously do that (except for those that hold IT security / admin type positions)?

I'm a developer - and I'm not in the habit of daily (or even weekly) patching of systems. I'm occasionally checking the system and I do react (i.e. patch) when I hear about some (widely publicised) security hole... ...but outside of that most security fixes will probably come in when it's time to update the system as a whole...

Another factor in "less" security of systems in people's homes, is that most people just stay ignorant of the situation, because they think "my box doesn't contain anything important that would make it worth hacking"; but they're often with that ignoring the danger that someone might just break into their computer just to use the computer in further attacks on more "rewarding" targets.

Re:I can believe of the stats here...

[Darth+Daver]

"After all, I'd rather have my system owned by a script kiddie who's trying to shut down the internet than someone going after my identity and personal information. "

    I'd rather not have my system "owned". The Windows user attitude of, "I don't care if someone breaks into my system because it contains nothing important, and I already rebuild it every few months" is not encouraging.

    What do you think the statistical likelihood of an overt attack is compared to an automated worm? Those weasels at mi2g who came up with this "study" of dubious merit, are simply looking for some way to get a dig in on Linux. Would you rather be on an OS that gets 52% of .1% of all attacks or one that gets 99% of 99.9% of all attacks?

    Getting into a Linux box should require some overt effort. Breaking Windows boxes automatically using worms has been all too easy, as proven by numerous, catastrophic examples such as Code Red, Nimda, Sasser, Slammer, Loveletter, Melissa, etc. Please refresh my memory of all the high-profile, impactful, overt Linux attacks.

Re:Stop the lies, Linux is free.

[warpSpeed]

Linux is only free if your time has no value.

Nope, linux is still free, regardless of how you value your time.

My time is highly valuable to me, and I charge my clients for it. My clients love Linux because it "just works". Email server with uptimes of over a year or more, file servers that boot right up, no problem, after a power failure and the UPS is drained. Backups, networking, routing, firewalling, it all just works. No blue screens, no registraions, no licensing issues, no hassles, easy software patches, and best of all CHOICES of vendors.

Sure there are problems with various distos of linux. With any complex software there will be issues. But on the whole, Linux runs circles around windows in terms of the lack of headaches and reliability.

A rebuttal

[ZosX]

"But since SCO owns the UNIX operating system...."

Quoth the wikipedia:

The present owner of the UNIX trademark is The Open Group, while the present claimants on the rights to the UNIX source code are The SCO Group and Novell. Only systems fully compliant with and certified to the Single UNIX Specification qualify as "UNIX" (others are called "UNIX system-like" or Unix-like).

Novell also has source code rights. Also, Darl, you should be careful to use the UNIX trademark so freely as it is clearly a registered trademark of the Open Group. From their website.

"Customers can identify UNIX certified products by the Open Brand logo and the mandatory attribution declaring to which version of the specification the product complies:"

So no Darl, you do not own UNIX. Get a clue.

"The competitive battle between Pepsi and Coke is legendary, as is the battle between GM and Ford, Boeing and Airbus, and the Red Sox and Yankees."

Your analogy between Pepsi and Coke (where did you learn to write anyways? 4th grade?) is so inherently flawed that the term "apples to oranges" doesn't even begin to describe how distorted this viewpoint is, as both are still fruit. My guess is that you were trying to provide some humour. I certainly got a good laugh.

" 1. OpenServer 6 Costs Less - OpenServer 6 offers very aggressive pricing.
                The purchase price for SCO OpenServer 6 is priced from $599 to $1399
                which includes the license to the product, software fixes, and access
                to SCO's online knowledge base. Customers pay once for the product
                and run it for as long as they like."

I don't really know what kind of math you are using Darl, because in my world, $599 is a whole lot more than $0. Also, I don't really see how asking for a support contract is a "bait and switch" tactic as you claim. If you don't need support, there are more than enough FREE, as in beer and speech, alternatives out there in the Linux universe.

" "Free" is one of the most searched words on the Web today. When you
                type in "Free" in Yahoo search, it brings up more than 3 billion hits.
                "Free" is a very powerful marketing concept. We all love free. Linux
                lures you in with the promise of its being "free." But before you get
                out of the "store," you are surprised to find out that it was anything
                but free. Just remember the proverb, 'Free is the most expensive
                price.'"

Darl. All I gotta ask is, can I have some of what you are smoking. It has GOTTA be good!

"OpenServer 6's features form a very powerful server."

Yeah. Especially now that you included a bunch of, get this, FREE software. How much did apache cost you? How much did you spend on developing the open source tools that you now use? Are we, as a collective, supposed to just swallow this pill, that you attack free, open source software, and then include it in your own operating system. If that is not sheer hypocricy that I have no idea what is. Go to hell Darl. We all know what UNIX is and was and it surely is not SCO anymore, or probably ever was for what it matters. Personally I hope your lawyers bleed what little liquidity you have left, if they are smart that is. You are a joke. Nobody respects your company anymore. I hope that you go to bed everynight worrying that your illegal insider trading activities may one day land you in court. Crooks like you, and the ones that fund your pitiful crusade, deserve to sit in a 4'x4' cell with your new wife, Bubba.

Have a wonderful day!

Sincerely,

Zos/Xavius.23