Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graph of Linux Vs. Windows System Calls

Posted by kdawson on from the linguini-or-angel-hair dept.

cgrayson recommends Richard Stiennon's blog on ZDNet — a post titled Why Windows is less secure than Linux shows a compelling graphical comparison between system calls on the two operating systems. The blogger tips Sana Security for the images. Quoting: "In its long evolution, Windows has grown so complicated that it is harder to secure... [T]hese images... are a complete map of the system calls that occur when a web server serves up [the same] single page of [HTML] with a single picture."

3 of 302 comments (clear)

  1. Unavoidable. by Kadin2048 · · Score: 5, Interesting

    I think you'd have to resort to a lot of trickery, like stacking vertices on top of each other with zero-length edges, to make the Windows graph appear less complicated than the Linux one. Provided that you model them in the same way, it ought to be pretty apparent that one just has a lot more vertices and edges than the other, even if you did it in a multidimensional space.

    Really, the graphs are just a way of artfully showing a simple fact, which is that Windows requires more system calls than Linux, to complete a particular task. If you assume that each system call is a potential vulnerability, and that less calls are inherently better and more secure, than the result is a foregone conclusion. But those are pretty big "ifs," and it seems like someone who was pro-Windows would do better to attack those premises, rather than trying to dispute the graph, if it's indeed representative of the true number of system calls.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  2. More importantly these graphs show how Linux by Master+of+Transhuman · · Score: 3, Interesting

    - or at least a Web server - is more efficient than Windows.

    This explains why Linux server editions tested in the past tend to outperform Windows Server versions by a factor of two in number of users they can handle linearly.

    They obviously are calling a hell of a lot less than Windows is.

    And it's not clear that those Windows calls are really necessary. I suspect they are mostly redundant calls to multiple versions of the same code from multiple calling modules. This is a result of the size of the Microsoft development teams re-inventing each others code regularly with every new release of the OS. This is pretty clearly what is going on based on Jim Allchin's remarks two years ago about how Vista would "never" be done if they didn't change their development practices.

    And it's the only thing that explains the millions of new lines of code in each new release of the OS, without a concomitant increase in OS capability. Vista has what, twenty million new lines of code? For what capability over XP - DRM? I doubt it.

    --
    Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  3. Re:FUD? by jgrahn · · Score: 3, Interesting

    I don't even blame them. Feature-richness and backwards compatibility are key aspects of what Microsoft provides, and it inevitably results in a mess. These are practically requirements if you have a big expensive software infrastructure built over a long period of time, as many businesses do.

    OK, but shouldn't that make a Unix syscall interface even more messy? After all, it was created thirty-five years ago.

    On the other hand, you might want to count each ioctl and each read(2) or write(2) of different character devices as separate system calls ...