Can anyone explain why this result doesn't contradict this one? http://www.npr.org/blogs/thetwo-way/2011/07/06/137634397/physicists-almost-certain-the-universe-is-not-a-hologram
Once more when we see any survey of any sort which questions Linux security, people trounce on it unthinkingly.
Sure, this report leaves out worms. But that is completely irrelevant. I'm willing to bet that most of the successful attacks on Linux could be automated in a worm.
The point about worms is that they are most successful when you have large numbers of vulnerable hosts to propogate. Windows wins simply by having sheer numbers of similarly installed machines, so worms are not an indication of how secure/insecure an OS is. Worms are mostly written for Windows, not because its less secure, but because there is a better chance of success.
A better way to criticise this survey is that it counts total numbers of attacks, not attacks as a percentage of deployed machines. I suspect that this is because this just makes Linux look even worse.
One poster even complained that they had to patch their Windows servers more often than their Linux servers. Don't people see that this is a _good_ thing. Despite what people think, Linux programmers are about equal to the same order of magnitude as Windows programmers. So bugs are likely to be at about the same rate. More patches simply means that more bugs are being discovered and fixed.
If you count vulnerabilities found, Linux and Windows have been consistently about the same order of magnitude (cf. CERT). This is about what you'd expect for similarly complex pieces of software. Being open source doesn't automatically mean that the software is more secure, you still have to have someone looking.
Instead of burying their heads in the sand and Windows bashing, Linux-o-philes should take a long hard look at how they can make Linux better.
In the US alone estimates range between 100 million and a billion birds are killed each year flying into plate glass windows.
To put that in perspective that is for the lower bound roughly 10 times the number of birds killed in the last 20 years by the power turbines in a single day
ASN.1 is the basis of a great many protocols, What is not mentioned in the article is that ASN.1 is a binary protocol and is therefore not human-readable.
This is one of thing that really annoys me about XML advocates. The simple response is "Who actually reads protocol messages?".
XML is a reasonable (although way too verbose) format for data files and things were you could reasonably expect that human might need to edit/read (although I got to say, beyond simple examples XML is not that human readable).
XML should be used where it is fit for purpose. It is not good for protocols where every byte counts, it is awkward to use for some data (e.g. rule based information with conditional expressions), and for god's sake it is completely insane to try and use it as a general purpose programming language (although a few people are trying).
ASN.1 is not a panacea either, and it has a lot of problems (mostly due to people using it stupidly, as they also do with XML). But in the places where it is fit for purpose it does a good job.
The argument is best illustrated by an example:
true = 23 bytes (and usually
namespaces add another 10 or so)
In ASN.1 PER this is encoded in one bit.
<message>
Here is a message intended to be read by a human
</message>
Would be represented in ASN.1 (BER) as:
13 30 48 65 72 65 20 69 73 20 61 20 6d 65 73 73 61 67 65 20 69 6e 74 65 6e 64 65 64 20 74 6f 20 62 65 20 72 65 61 64 20 62 79 20 61 20 68 75 6d 61 6e
Lastly, I have been hearing the argument that in the future we will have more bandwidth for a good decade now, and the truth is that a fundamental law of traffic is that it expands to fill the available bandwidth. Besides this, saying that we'll have more bandwidth in the future ignores the tendency towards enabling more and more devices to be network aware and at lower costs. Sure you might get 1Mb to your cell phone, but what happens when you have a pallette full of tomato cans who are sharing a limited RF channel are all trying to tell a stock/inventory control system where they are?
Slashdot Mirror
Can anyone explain why this result doesn't contradict this one?
http://www.npr.org/blogs/thetwo-way/2011/07/06/137634397/physicists-almost-certain-the-universe-is-not-a-hologram
Are we talking about different things here?
Once more when we see any survey of any sort which questions Linux security, people trounce on it unthinkingly.
:-)
Sure, this report leaves out worms. But that is completely irrelevant. I'm willing to bet that most of the successful attacks on Linux could be automated in a worm.
The point about worms is that they are most successful when you have large numbers of vulnerable hosts to propogate. Windows wins simply by having sheer numbers of similarly installed machines, so worms are not an indication of how secure/insecure an OS is. Worms are mostly written for Windows, not because its less secure, but because there is a better chance of success.
A better way to criticise this survey is that it counts total numbers of attacks, not attacks as a percentage of deployed machines. I suspect that this is because this just makes Linux look even worse.
One poster even complained that they had to patch their Windows servers more often than their Linux servers. Don't people see that this is a _good_ thing. Despite what people think, Linux programmers are about equal to the same order of magnitude as Windows programmers. So bugs are likely to be at about the same rate. More patches simply means that more bugs are being discovered and fixed.
If you count vulnerabilities found, Linux and Windows have been consistently about the same order of magnitude (cf. CERT). This is about what you'd expect for similarly complex pieces of software. Being open source doesn't automatically mean that the software is more secure, you still have to have someone looking.
Instead of burying their heads in the sand and Windows bashing, Linux-o-philes should take a long hard look at how they can make Linux better.
Oh and BTW: I run FreeBSD
In the US alone estimates range between 100 million and a billion birds are killed each year flying into plate glass windows. To put that in perspective that is for the lower bound roughly 10 times the number of birds killed in the last 20 years by the power turbines in a single day
Ahh that should be: true = 28 bytes Should have used Preview. Mea Culpa.
This is one of thing that really annoys me about XML advocates. The simple response is "Who actually reads protocol messages?".
XML is a reasonable (although way too verbose) format for data files and things were you could reasonably expect that human might need to edit/read (although I got to say, beyond simple examples XML is not that human readable).
XML should be used where it is fit for purpose. It is not good for protocols where every byte counts, it is awkward to use for some data (e.g. rule based information with conditional expressions), and for god's sake it is completely insane to try and use it as a general purpose programming language (although a few people are trying).
ASN.1 is not a panacea either, and it has a lot of problems (mostly due to people using it stupidly, as they also do with XML). But in the places where it is fit for purpose it does a good job.
The argument is best illustrated by an example:
true = 23 bytes (and usually namespaces add another 10 or so)
In ASN.1 PER this is encoded in one bit.
<message> Here is a message intended to be read by a human </message>
Would be represented in ASN.1 (BER) as:
13 30 48 65 72 65 20 69 73 20 61 20 6d 65 73 73 61 67 65 20 69 6e 74 65 6e 64 65 64 20 74 6f 20 62 65 20 72 65 61 64 20 62 79 20 61 20 68 75 6d 61 6e
Lastly, I have been hearing the argument that in the future we will have more bandwidth for a good decade now, and the truth is that a fundamental law of traffic is that it expands to fill the available bandwidth. Besides this, saying that we'll have more bandwidth in the future ignores the tendency towards enabling more and more devices to be network aware and at lower costs. Sure you might get 1Mb to your cell phone, but what happens when you have a pallette full of tomato cans who are sharing a limited RF channel are all trying to tell a stock/inventory control system where they are?