Study finds Windows more secure than Linux

The Seattle Time ^ | 2/17/05 | Brier Dudley

[usgator]

Nope, no bias there.

I'm confused, if they ALL chose Delphi ... where's the bias?

[dalight]

First, there is no way to really evaluate the claims made in this article. I have read the criteria used for declaring something "more" secure and it would seem to bias toward a system that reports vulnerabilities less frequently and only after the patch has been completed to deal with the vulnerability.

Duh.. thats the way Microsoft does business, letting the users run with the vulnerability for weeks or months without a clue they are being invaded.

In the Linux world they call this sort of piece a study in FUD.

As far as this thread is concerned, the pro and anti comments are just folks knee jerking to the headline.

[Ex-Dem]

I know exactly the type you're referring to. They are part of the reason that I began to distance myself from the Linux Users Group that I used to be a part of. Somehow, helping people with Linux issues degenerated into that must-convert-everyone-to-Linux and Bill-Gates-is-the-devil mentality that seems to be rampant among IT types.

[JustAnAmerican]

LOL, yes a Learned "Professor" has a much better understanding of OS's then someone who manages 87 server farms and has been in the business since the mid 70's. Care to take a guess as to what Federal and State Government agencies use as the predominant Server OS? And it "Ain't" Windows.

[KwasiOwusu]

"Two, it was about hypothetical systems, not real and tested (it was basically just counting exploits)."

Most tests are hypothetical.
Take any ZDNET benchmarks or the TPC benchmarks or most other tests, and they have to make certain assumptions to imitate real life.
You are clutching at straws.

Thiu just proves what the guy in post 3 above said, and I quote:

"This theory will NEVER be accepted by the already-hate-spewing
venemous Anti-Microsoft crowd. It just cannot be!"

He was right. :)

[KwasiOwusu]

"LOL, yes a Learned "Professor" has a much better understanding of OS's then someone who manages 87 server farms and has been in the business since the mid 70's. Care to take a guess as to what Federal and State Government agencies use as the predominant Server OS?"

In a word, YES.
That's why he is a professor of Computer Science, and you manage server farms.
Its his business to understand how operating systems work and how they are written, and he is much smarter than most IT guys that manage server farms.

[StJacques]

". . . The thing that amazes me is that I admit MS has faults ... they adamantly refuse to acccept that Linux may have any flaw at all, no matter how minor."

Yes, Microsoft does have faults. They have a poor history of getting new APIs right on the first try. I admit that outright.

What bothers me so much about the anti-Microsoft crowd is that they are completely deaf to the costs businesses incur when forced to operate within an environment of "limited data access." On some occasions, we are talking about hundreds of thousands of dollars for some relatively simple work that requires extensive repetition. This has enormous economic and social costs for America. Don't they get it? If it's less expensive to do software applications that run across the internet that more will get done and that as more are put in place that jobs, productivity, and economic efficiency are enhanced?

It is so obvious to me that I get a little pedantic when discussing it at times.

[usgator]

Care to guess what OS runs 93.8% of all desktops ... and it ain't LINUX.

[usgator]

Exactly. When you have 90+ percent of the population using your system and hundreds (thousands?) of hackers bombard it on a daily basis looking for security flaws ... your gonna find some. Why would I want (if I were a hacker) to attack Linux? Who am I gonna hit ... 3 people in a cubicle in Burbank?

[Rifleman]

Uhhhh...no. There were no real computers harmed in the making of this FUD.

They just counted the vulnerabilities that turned up times the days until a patch was released and added those up. Since MS tries hard to keep security holes secret until patches are available (and Open Source mostly doesn't) this is not a meaningful metric.

And since the Windows security holes tend to be "allows black hat to remotely own your pc, steal your passwords and identity and transfer all your money to liberia" and Linux holes tend to be, "promote local user to the permissions of the user that this application runs on" it is like saying that catching ebola twice is better than catching a cold five times.

If they had set up a Linux and a Windows 2003 server (patch 'em all you want, or even patch the Windows machine and not the Linux) then connected them to the net outside the firewall and tested for "time 'till security is breached" this might mean something.

[rit]

I think it is fair to say that Microsoft has never been the bearer of gifts when it comes to interoperability with anything other than Microsoft products. They do what their customers request, but ensure a tie-in to the MS product line, which is fair since they are a business concern.

Without getting to technical, it is interesting to note that a MS rep has stated Microsoft will not provide support for HTTP bindings as described in the Web Service Description Language (WSDL) specification. Instead, they will only support SOAP which provides for Remote Procedure Call.

For non-tech people, WSDL is a industry standard specification released by the self appointed World Wide Web consortium (w3c). Vendors follow W3C recommendations to ensure interoperability. However, vendors like Microsoft have extended the standards and broken interoperability in many cases.

[JustAnAmerican]

Did you check the headline? Or are you just posting to get a response. We are talking about "Servers" not "Desktops". Yes MS has the desktop market cornered, not because they have a good product but because of Gate's Father's wording of his first contract. Without said contract MS would have just been a blimp on the radar. And as an FYI, UNIX (Linux is a byproduct) was around while Gates was still wondering what puberty was going to be like.

[StJacques]

". . . Why would I want (if I were a hacker) to attack Linux? Who am I gonna hit ... 3 people in a cubicle in Burbank?"

Lol gator!

It's always the leader of the pack who is challenged. No one bothers with the beta males.

[KwasiOwusu]

"Uhhhh...no. There were no real computers harmed in the making of this FUD"

There were.
# 2,its FACTS not FUD.
# 3, Linux lost.
Get over it.

[CarryaBigStick]

A university professor knows more? That's funny.

[KwasiOwusu]

"We are talking about "Servers" not "Desktops". "

Microsoft also rules in servers with the highest market share.


"Yes MS has the desktop market cornered, not because they have a good product but because of Gate's Father's wording of his first contract"

Yeah.
And little green men from Mars voted to put President Bush back in power too.

[usgator]

And as an FYI, UNIX (Linux is a byproduct) was around while Gates was still wondering what puberty was going to be like.

And that has any relevance ... why?

So was the record player and where is it now? Something better came and now it's gone!

[KwasiOwusu]

"A university professor knows more? That's funny"

Yep.
A university professor in Computer Science does.
This is not Ward Churchill's "Ethnic Studies".
This is real science, and a real professor.

[JustAnAmerican]

I sure hope you are not doing the thing you got banned for last time. I.E. instead of debating the merits at hand you start doing the personal attack thing. Not necessarily in reference to my posts but to some of the others here. Also good to know that you think a "Professor" without real world experience would know more about something then someone with it.

[GoldCountryRedneck]

"...a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast...."

America - the land of free technical choice as well.

Operating systems programmer in another life long ago (anybody remember OS/360?), I appreciate that, today, a bit-twiddler worth his/her coding salt can find a way into *any* XP/Linux/Unix system kernel.

It's heartening that the passion of such debates (OS X vs OS Y) still rage as it's from such that creativity and innovation will emerge. It's an evolutionary development process afterall.

Thing is....My current install of XP Pro w/ SP2 has run for weeks on end with nary a hiccup. Pretty reliable albeit with Anti-Virus, Anti-Spyware, and Firewalls up front.

Linux? Tried it and just can't muster up the interest. Microsoft works for me. Period.

Guess I'm just set in my ways and would rather surf FR than tweek around with RedHat these days. Life is too short.