Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Linux, Open Source have 'more security problems than Windows'
The Register, NewsForge ^ | 11.15.2002 | Robin Miller

Posted on 11/15/2002 8:18:56 AM PST by AdA$tra

According to a report published November 12 by Aberdeen Group^, "Security advisories for open source and Linux software accounted for 16 out of the 29 security advisories - about one of every two advisories - published for the first 10 months of 2002 by Cert (www.cert.org^, Computer Emergency Response Team)."

Aberdeen says Microsoft products have had no new virus or trojan horse advisories in the first 10 months of 2002, while Unix, Linux, and Open Source software went from one in 2001 to two in the first 10 months of 2002, that in the same 2002 time period "networking equipment" (operating system unspecified) had six advisories, and Mac OSX had four.

In other words, all except Microsoft had increases in reported vulnerabilities this year.

"Contrary to popular misperception," the report says, "Microsoft does not have the worst track record when it comes to security vulnerabilities. Also contrary to popular wisdom, Unix- and Linux-based systems are just as vulnerable to viruses, Trojan horses, and worms. Furthermore, Apple's products are now just as vulnerable, now that it is fielding an operating system with embedded Internet protocols and Unix utilities. Lastly, the incorporation of open source software in routers, Web server software, firewalls, databases, Internet chat software, and security software is turning most Internet-aware computing devices and applications into possible infectious carriers."

The report lauds Microsoft for having overhauled its development process in an attempt to fix security problems, and says, "Perhaps it is time for some of the suppliers of open source and Linux software to take similar measures."

(You'll need to register with Aberdeen to read the rest of the report -- it's one of their free ones -- but I believe I've covered the Linux-relevant high points here.)

And yet, here I sit with my virus-free, trojan-free Linux box, receiving tons of viruses and trojans from Windows users (that don't affect me), watching news item after news item about sites run on Windows servers getting defaced and broken into.

According to what I've heard from my many sysadmin and network security specialist friends, no OS or network-connected software is secure unless it's administered properly and security patches are applied as soon as they are available.

And then, after I started writing this story, a ZDNet article with the headline Linux utility site hacked, infected^ came across my monitor, and I started wondering, "What if these Aberdeen people are right? What if this isn't just Microsoft-sponsored nonsense?"

A look at CERT's 2002 Advisories^ and Incident Notes^ pages was not overly reassuring. Yes, I saw some Microsoft vulnerabilities there that Aberdeen apparently missed, and one for Oracle.

I also think we have enough Microsoft viruses left over from last year that we don't need any new ones this year.

But the real issue is that we all need to be more security-conscious. The Aberdeen report points out that the system with the most reported vulnerabilities can change from year to year, but that the overall vulnerability and incident trend is up. Way up. In other words, whatever operating systems we use, we all need to watch out more for security flaws than we have in the past, and work harder to protect ourselves from them.


TOPICS: Business/Economy; Extended News; Technical
KEYWORDS: computersecurityin; hacking; linux; opensource; security; unix; windows
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-86 next last
To: Bush2000
[Sigh]

Once again, this are not the desktop. They are applications, many of which have an equal application in the Linux space. For example, I use StarOffice for any MS Office docs. Oh, I do run WINE and also run it with Lotus Smart Suite and have not had a problem.

As for your drivers - well I don't have them so it does not bother me.
41 posted on 11/15/2002 12:10:33 PM PST by taxcontrol
[ Post Reply | Private Reply | To 39 | View Replies]

Comment #42 Removed by Moderator

To: AdA$tra
Well, I find a great advantage in Linux multiple desktop capabilities. It allows me to multi task more applications than I can under Windows due to the ability to assemble the running application on different desktops. It also maintains a greater overall perceived responsiveness than when a like amount of applications are open under Windows.

Also, my experience is that Linux stays running without the breakdowns I experience under Windows. Case in point. I have had two WindowsME crashes (one requiring a rebuild) and on 2000 crash one my old laptop within the past year. Want to know how many times Linux has crashed? None.

When I travel I dont have the time waste fixing my laptop. I need it to run - period. That is a HUGE advantage at 2:00 am in some hotel when you are trying to update your latest proposal.

Granted, my situation is unique. But from my viewpoint the Windows desktop comes up short in comparison to Linux.
43 posted on 11/15/2002 12:27:04 PM PST by taxcontrol
[ Post Reply | Private Reply | To 40 | View Replies]

To: taxcontrol
Once again, this are not the desktop.

I don't speak Appalachian. Or Ebonics. Translation?

They are applications, many of which have an equal application in the Linux space. For example, I use StarOffice for any MS Office docs. Oh, I do run WINE and also run it with Lotus Smart Suite and have not had a problem.

Nobody who's used the apps I specified above is going to be happy using Linux crap. Maybe some Third World shmuck who doesn't know better (and even that's doubtful due to the prevelance of piracy).

As for your drivers - well I don't have them so it does not bother me.

Drivers for firewire, digital cameras, DVD drives, etc are a minimum bar. Can't meet it? Take a hike.
44 posted on 11/15/2002 12:29:38 PM PST by Bush2000
[ Post Reply | Private Reply | To 41 | View Replies]

To: Billy_bob_bob
Joe Linux. What's with the dopey smile on that penguin of his?

Penguin sex. It's a formal affair with Joe Linux and his "longtime companion," Tux.

45 posted on 11/15/2002 12:30:11 PM PST by Norman Conquest
[ Post Reply | Private Reply | To 29 | View Replies]

To: Norman Conquest
Penguin sex. Ouch.

I'm going to have to regroup after that one.....
46 posted on 11/15/2002 12:32:32 PM PST by Billy_bob_bob
[ Post Reply | Private Reply | To 45 | View Replies]

To: taxcontrol
Well, I find a great advantage in Linux multiple desktop capabilities. It allows me to multi task more applications than I can under Windows due to the ability to assemble the running application on different desktops

I'm currently running 3 desktops on two monitors using a dual-head matrox video card on Windows XP Pro. The capabilities exist.

47 posted on 11/15/2002 12:40:30 PM PST by msgt
[ Post Reply | Private Reply | To 43 | View Replies]

To: taxcontrol
I have had two WindowsME crashes

Windows ME was a debacle from hell.

I say what ever works for you is best for you. Go for it. I am going to look into using one of my Linux boxes to run a new Tivo emulator software I was reading about. It has all the features of Tivo, but runs on a Pentium 200. i have several of those available. Anyone need an old Dell?
48 posted on 11/15/2002 12:40:33 PM PST by AdA$tra
[ Post Reply | Private Reply | To 43 | View Replies]

To: Bush2000
Lightwave 3D is another that hasn't ported to Linux that I need every day. Not to mention the high end graphics needs that come along with it. If taxcontrol can do his "proposals" in Linux, more power to him. I have used those products and I cannot imagine relying on them in a production environment. Particularly where I need to share with multiple clients, all of whom use MS based products.
49 posted on 11/15/2002 12:45:58 PM PST by AdA$tra
[ Post Reply | Private Reply | To 39 | View Replies]

To: Bush2000
Once again, this are not the desktop. I don't speak Appalachian. Or Ebonics. Translation?

My fingers have suffered much during my time - so I like to blame them :-)

That should read - Once again, THESE (refering to the applications you mentioned) are not the desktop.

You state that no one is going to be happy using the above applications - well I don't use them so it does not bother me one bit. I could argue that there are like applications in the Linux world - GIMP instead of Photoshop.

I am not a user of either so I could not compare the two though I am told that GIMP has some database and scripting features not available in Photoshop.

As for drivers for Firewire (see http://www.linux1394.org/ for compatibility), DVDs, digital cameras, Linux has them - true a smaller set than Windows and perhaps not your particular drivers.

So the minimum bar is there, and still fail to see where Windows is any better. If fact, in my other post, I list a couple reasons why I find Linux to be better suited to my needs.

50 posted on 11/15/2002 12:46:23 PM PST by taxcontrol
[ Post Reply | Private Reply | To 44 | View Replies]

To: taxcontrol
Use whatever works for you, friend. If it's Linux, great. It's free. I can't because I depend upon too many Windows-based tools.
51 posted on 11/15/2002 12:50:26 PM PST by Bush2000
[ Post Reply | Private Reply | To 50 | View Replies]

To: AdA$tra
You might be interested in this:

San Antonio, Texas -- July 23, 2002 -- NewTek, Inc., manufacturer of industry-leading 3D animation and video products, today announced the forthcoming release of LightWave 3D®’s network rendering solution, ScreamerNet, for the Linux OS for i386 systems.

Link - http://www.newtek.com/news/releases/07-23-02-c.html

52 posted on 11/15/2002 12:50:59 PM PST by taxcontrol
[ Post Reply | Private Reply | To 49 | View Replies]

To: AdA$tra
Lightwave 3D is another that hasn't ported to Linux that I need every day. Not to mention the high end graphics needs that come along with it. If taxcontrol can do his "proposals" in Linux, more power to him. I have used those products and I cannot imagine relying on them in a production environment. Particularly where I need to share with multiple clients, all of whom use MS based products.

Yes, I've used (and like) Lightwave. Nice product. Maya is an alternative which has been ported to Linux; however, considering my investment in Windows tools, I'm not likely to switch.
53 posted on 11/15/2002 12:51:58 PM PST by Bush2000
[ Post Reply | Private Reply | To 49 | View Replies]

To: taxcontrol; AdA$tra
That's a renderer, primarily intended to be used in a render farm. What AdA$tra is referring to is the desktop Lightwave modeling and animation environment, I believe.
54 posted on 11/15/2002 12:53:19 PM PST by Bush2000
[ Post Reply | Private Reply | To 52 | View Replies]

To: AdA$tra
Windows ME was a debacle from hell

LOL - well I think we can agree on that! The second ME crash actually was so bad it corrupted the 2000 install. Had to rebuild both.

Most of the work I do is word processing, network diagrams and presentations. Most of the stuff comes in from the clients only to be consumed by me. Thus when I respond, I create from scratch or cut and paste from the client documents. I have had very little problem with StarOffice. Though there was on spreadsheet that gave me some trouble a year ago.

Tivo emulator software??? Sounds interesting. Can you provide a link?

55 posted on 11/15/2002 12:55:46 PM PST by taxcontrol
[ Post Reply | Private Reply | To 48 | View Replies]

To: AdA$tra
"As a desktop OS Linux is nothing but an poor knock-off of the Winodws paradigm. It is great for firewalls, routing, file serving, web serving and imbedded applications. As a desktop it is nothing but a toy."

It depends on what you use on the Linux desktop. The only applications I use are Phoenix web browser, XMMS (Winamp) and GVIM for application development. For those applications, Linux is just as good or better than windows. I can't comment on other apps such as OpenOffice since I do not use them.

One thing Windows is better at is video games. Linux has a long way to go to catch up in that category.

56 posted on 11/15/2002 1:04:29 PM PST by Crispy
[ Post Reply | Private Reply | To 27 | View Replies]

To: taxcontrol
My Sister-in-law works for Newtek. They used to be based right here in good ol' Topeka, Kansas until they became tax exiles and moved to San Antonio. I have been using Lightwave since it was just part of the Video Toaster on the Amiga platform. Very cool Product. I know there are several alternatives out there nowadays such as Maya and Rhino, but I am partial to Lightwave for the obvious reasons.
57 posted on 11/15/2002 1:08:02 PM PST by AdA$tra
[ Post Reply | Private Reply | To 52 | View Replies]

To: taxcontrol
Tivo emulator software??? Sounds interesting. Can you provide a link?

It is in a magazine I have at home. I will try and find it tonight and post a link.

I have played with the screamer net for Windows. It is VERY touchy. I could not use it for anything serious as it crashes constantly, but was fun to play with when the fastest PC on the planet was a P200. Now that I have P4 2.0Gz with a gig of RAM on a LAPTOP....I just render that way. I also do not do moving animations nearly as much as I used to. Mostly I use LW to render web graphics.
58 posted on 11/15/2002 1:14:06 PM PST by AdA$tra
[ Post Reply | Private Reply | To 55 | View Replies]

To: AdA$tra
I run Red Hat Linux 7.3 and WindowsXP both at home, and I have to tell you, I have received more security notices through Red Hat's auto-update notification service than I have WindowsXP in the last 6 months.

I'd have to go back through my email, but I probably get 2-4 RedHat Linux security fix notices a month, vs. the 2-3 that I've received from WinXP in the last .. 6 months?

Far as I'm concerned, it doesn't really matter which OS you run, they *all* have security holes & patches. some more than others, but they all do.

59 posted on 11/15/2002 1:23:01 PM PST by usconservative
[ Post Reply | Private Reply | To 1 | View Replies]

To: msgt
I run nine virtual (gnome) desktops on the machine I am typing this on (RedHat). Have an TV card sending HBO into the middle window, four different WWW sessions in the others, terminals, perfmeters, etc. All one 19" terminal.

At work, I have 12 virtual desktops on one monitor. Some lucky stiffs here at work have two monitors and one guy runs 20 virtual terminals for image processing!

Of course, if you want, you can also multiple X sessions, which many here do...so the truly insane could run, say 140 virual desktops.

60 posted on 11/15/2002 1:27:32 PM PST by chilepepper
[ Post Reply | Private Reply | To 47 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-86 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson