Study finds Windows more secure than Linux

The Seattle Time ^ | 2/17/05 | Brier Dudley

[rit]

SAN FRANCISCO — Believe it or not, a Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers.

The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, "Security Showdown: Windows vs. Linux." One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint.

"I actually was wrong. The results are very surprising, and there are going to be some people who are skeptical," said Richard Ford, a computer-science professor at the Florida Institute of Technology who favors Linux.

[thoughtomator]

Trying to find it... I saw a ton of comments about it and arguments about it, but no actual data. Did you find some?

[Knitebane]

Here's another novel suggestion.

Try reading up on where Dr. Richard Ford's grant money comes from.

Just another Microsoft shill posing as a Linux "expert."

Hey, do you two see each other at the MS Shill reunions?

[dalight]

Not to put new flame on this fire.. but You could listen to your tunes, do your excel and do heavy duty development in a Unix environment. OS X.

[StJacques]

70 types of datasources huh?

I could have told you that your platform was either .NET or that you were using an expensive server cluster alternative. And the .NET alternative is clearly cheaper.

[KwasiOwusu]

"I'd agree for desktops, but not for servers"

Even for servers.
We already know for exxample that Windows desktop and Windows server are the # 1 desktop and server in both India and China.
Yet Microsoft makes very little money from China or India, because practically everyone simply goes and buys the complete Windows server pr desktop CD at the street corner for mere peanuts.

[Knitebane]

Dr. Richard Ford (the Linux "expert" in the "study") takes large amounts of grant money from a certain software company that is located in Redmond, WA.

And no, it's not Nintendo.

Try googling on him.

[Knitebane]

We already know for exxample that Windows desktop and Windows server are the # 1 desktop and server in both India and China.

Well, I don't know it, and I doubt you do either.

Want to provide some evidence for your assertion?

[KwasiOwusu]

"Who keeps the statistics on how many Linux servers are sold?"


Dell, HP, IBM Hitachi and the rest of the guys who sell servers are only too eager to boast about the % of Linux servers they have been selling.
You can't even keep them from shouting about it.
And IDC and Gartner are of course only too eager to write down those figures and add them up.

[KwasiOwusu]

"Microsoft might have done a better initial setup, what server administrator would run a Linux server without doing some setup efforts !!!!!"

Lots of them actually, as the open source fanatics keep screaming to us about how this or that Linux admin didn't really know what he was doing, anytime there is a security breach in Linux.
This test just used what averagely pertains in the market.

[KwasiOwusu]

"Those who can, do.
Those who cant, teach. "

Yeah?
How many Nobel Prizes have system admins won for any cutting edge work in anything again?
And how many computer languages have they written?

[KwasiOwusu]

"University professors are experts at everything, huh?"

Umm.. I don't think anyone here said that.
I specifically kept referring to that creep Ward Churchill, pointing out that I thought very little of that vermin.

[JamminJAY]

Windows Web server is more secure than a similarly set-up Linux server

Oh my, why would you install the MS "welcome abord" security patch on a Linux Box?

Jammer

[Bush2000]

Here's another novel suggestion. Try reading up on where Dr. Richard Ford's grant money comes from.

No need. He's a Linux supporter.

[Knitebane]

No need. He's a Linux supporter.

He's a self-styled "Linux supporter" that takes tons of grant money from Microsoft.

More Microsoft astroturfing.

[Knitebane]

Lots of them actually, as the open source fanatics keep screaming to us about how this or that Linux admin didn't really know what he was doing, anytime there is a security breach in Linux.

Of course, this "Linux admin" probably knew exactly what he was doing.

He was doing what was necessary to keep that grant money coming in from Microsoft.

[Bush2000]

Dr. Richard Ford (the Linux "expert" in the "study") takes large amounts of grant money from a certain software company that is located in Redmond, WA.

Whoa, troll. Hold it right there. Where's your proof that Dr. Richard Ford takes grant money specifically from Microsoft?

[Bush2000]

He's a self-styled "Linux supporter" that takes tons of grant money from Microsoft. More Microsoft astroturfing.

Shut yer trap and prove it, Medieval Wedding Boy...

[Bush2000]

He was doing what was necessary to keep that grant money coming in from Microsoft.

Keep beating the same old tired drum, I'll keep demanding proof.

[HolgerDansk]

There are some real Sys Admins posting on FR. They have interesting things to say if you listen. Just the same, there are lots or really interesting folks of all stripes around here.

As one of the few (and proud) folks out there with more than 17 years of network security experience, I find the notion of "Windows Security" to be oxymoronic, and laughable at best. A few years back, I was asked to build a "hardware security device" for our first (management mandated) Windows server, when placed on the same "red zone" as our mainline Unix boxes. The "device" was little more than a coaxial cable relay, controlled by a more trusted piece of software. Of course, Linux is only slightly better, but then Linux isn't the only (or even best) open source Unix out there.

As for Microsoft's "innovation" and "support" of open standards, most research-grade CS folks have quite the opposite opinion -- that Microsoft stifles innovation through it's copy-and-sue-us practices (which kills most VC funding for software startups) as well as the "embrace-extend-kill" strategy which has worked well for them in the Browser Wars as well as OS/2 and the killing of Java thin clients.

It pains me that, in spite of this, they are more or less a US company, and the US economy does get some short-term benefit from their dominance of the software industry. But already, Microsoft is moving their "research" and development jobs from the West Coast to India, and with Bill going gaga over China, you can bet they'll be employing more people there soon.

[KwasiOwusu]

"I was getting at all of those illegal copies are soon to be frozen out of updates thus making the security situation worse.
Microsoft knows this.. and have thus avoided really cracking down on this practice except to push a point."

Its fun to watch your convoluted logic, and even greater fun to watch you tie yourself up in knots.

Microsoft is not freezing anyone out of security updates.

Read this :

"Microsoft will continue to allow all people to get Windows updates by turning on the Automatic Update feature within Windows. By doing so, Microsoft hopes it has struck a balance between promoting security and ensuring that people buy genuine versions of Windows. "

http://news.com.com/Microsoft+Legit+Windows+or+no+updates/2100-1016_3-5550205.html

All you gotta do is turn on the Automatic Update feature within Windows, something that is very easy to do.