Study finds Windows more secure than Linux

The Seattle Time ^ | 2/17/05 | Brier Dudley

[rit]

SAN FRANCISCO — Believe it or not, a Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers.

The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, "Security Showdown: Windows vs. Linux." One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint.

"I actually was wrong. The results are very surprising, and there are going to be some people who are skeptical," said Richard Ford, a computer-science professor at the Florida Institute of Technology who favors Linux.

[Knitebane]

Well, Microsoft loses so many of them that they have to go out and buy a good word now and then. LOL.

Yeah. Too bad they usually buy the good words instead of earning them.

[KwasiOwusu]

"And exactly what does writing a language or winning a Nobel prize have to do with locking down a system from intruders? Except for avoiding C++ that is.. Mmmmm????"

Ummm... ummm that was in response to your crack saying:

"Those who can, do.
Those who cant, teach. "

The point being, since nearly ALL Nobel pPrizes in science have been won by university processeors, for most of the breakthroughs that have powered the scientific progress of mankind, university professors sure DO.

[KwasiOwusu]

"Jimmy Carter got a Nobel prize, so did Yassir Arafat."

They got Nobel Prizes in the sciences huh?
Tell me, which since was that?

[Havoc]

Yeah. Too bad they usually buy the good words instead of earning them.

That's the point to be made, sire. Had they done that from the beginning, much of the market they've lost to Linux and continue losing would be happy MS users to be sure. As is, I see MS continuing to slide.

[KwasiOwusu]

correction:

"The point being, since nearly ALL Nobel Prizes in science have been won by university professors, for most of the breakthroughs that have powered the scientific progress of mankind, university professors sure DO."

[Bush2000]

I'll use small words...

Not difficult -- you don't know any other kind...

This guy decided to do a Windows vs. Linux test. His department takes Microsoft's money. No matter how much you spin, you can't deny that fact.

I don't need to deny anything. His department takes money from a wide variety of industry sources, including IBM, Cisco, and others. And here's where your ignorance of university funding really becomes apparent: Grants aren't provided by IBM, Cisco, and Microsoft in a blanket fashion. They're targeted at specific research projects, usually carried out through a combination of faculty and graduate students. The faculty is comprised of a number of individuals, each of which is likely working on completely independent projects. You seem to think that Microsoft backs up a truck filled with money to the building and all of the professors start filling their pockets. Which is ridiculous. Ford says that Microsoft didn't fund the study. I have no reason to disbelieve anything that he's saying -- and you haven't offered any proof to the contrary, either. You've simply made a lame assertion that because MS funded a research project (not Ford's) in the past, that he's tainted.

Nice try. But that's affectionately known as defective, non-rigorous logic.

Now, he could have avoided the appearance of impropriety by getting someone from the Unix department to do the Linux part of the test, but he didn't.

Wrong. Ford doesn't take money from Microsoft. Hence, no conflict of interest. Game over. You lose.

And he can't claim that it didn't occur to him that there might be an appearance of impropriety, since he's been publicly called on it (and responded to it) before.

It's simple: You're wrong. Ford never took money from Microsoft. He's not taking money from Microsoft now. Try a new angle.

Very simply, the test may or may not be accurate (we don't know because the only thing published thus far are the results, not the methodology or testing criteria) but it's tainted by his connection to Microsoft dollars.

Again, he has no connection to Microsoft dollars.

The only reason to go ahead and run his test would be to make the grant givers at Microsoft sit up and take notice of him.

Uh, nooooo. The reason to run this test is because there are legitimate concerns over whether Linux security meets the sniff test.

[HolgerDansk]

‘Most of the world’s computers run Microsoft’s operating systems, thus most of the world’s computers are vulnerable to the same viruses and worms at the same time. The only way to stop this is to avoid monoculture in computer operating systems, and for reasons just as reasonable and obvious as avoiding monoculture in farming. Microsoft exacerbates this problem via a wide range of practices that lock users to its platform. The impact on security of this lock-in is real and endangers society."

And since we're having an academic discussion, the cite:

Geer,D.; Pfleeger,C; Schneier,B.; Quarterman,J.; Metzger,P.; Bace,R; Gutman,P."CyberInSecurity: The Cost of Monopoly", Computer and Communications Industry Association, Sept. 24, 2003, pg. 5.

(PS -- System I'm posting this from isn't Windows/IE. It's not Linux. Not a Mac either, though Apple is on the right track in many, many ways...)

[Knitebane]

My, my.

You're getting rather worked up about this. You're doing a lot of twisting and spinning to try to deny the fact that Dr. Ford's department takes Microsoft's money.

A personal reason perhaps?

You've denied taking money directly from Microsoft too. Perhaps all of this spinning is because, like Dr. Ford, you've been taking Microsoft's money once removed?

[KwasiOwusu]

You have still to present one iota of evidence to support your wild claims and libel of the good professor.
No surprise there.
This is typical open source disinformation and dirty tricks tactics.
You guys make the KGB look like amateurs when it comes to nasty propaganda.

[dalight]

I guess the stock market has a bone to pick with 25B a year in profit.. because Microsoft stock has been just about flat (no growth) for 3 years, and frankly, the prospects are that this is as good as its going to get. This is the definition of a Cash Cow. You can see this as a derogatory term, but its just a reality. Cash Cows pay dividends but they look more like bonds than stocks at that point. But, MSFT, has some serious clouds on the horizon.

[Bush2000]

My, my. You're getting rather worked up about this. You're doing a lot of twisting and spinning to try to deny the fact that Dr. Ford's department takes Microsoft's money.

Oh, never fear. I don't take any of your rambling incoherence seriously. You're a blowhard. All hat and no cattle. Try growing some gnads and prove your phony allegations before slandering people's reputations.

[Knitebane]

You have still to present one iota of evidence to support your wild claims and libel of the good professor.

I did. Too bad you aren't ethical enough to accept it.

But that's what happens when you back Microsoft. Their unethical practices rub off on you.

Lay down with dogs, get up with fleas.

[KwasiOwusu]

"Geer,D.; Pfleeger,C; Schneier,B.; Quarterman,J.; Metzger,P.; Bace,R; Gutman,P."CyberInSecurity: The Cost of Monopoly", Computer and Communications Industry Association, Sept. 24, 2003, pg. 5"

I remember those clowns alright.
Wasn't their report thoroughly discredited after it came out they had close contacts with CCIA in preparing that report, at the time a Microsoft hating trade group?

That you have the nerve to produce this snake oil report just goes to show how increasingly desperate you are getting.
LOL!

[Knitebane]

Oh, never fear. I don't take any of your rambling incoherence seriously.

The insane seldom take reality seriously, so no surprise there.

You're a blowhard. All hat and no cattle. Try growing some gnads and prove your phony allegations before slandering people's reputations.

Hey, you asked for evidence, I provided it.

Too bad you're not man enough to admit when you're wrong.

But then, spending all that time under Ballmer's desk has probaby affected your manhood.

[KwasiOwusu]

"I did. Too bad you aren't ethical enough to accept it"

Wrong answer.
I am too ethical, and clear thinking to accept your NON-evidence and desperate attempts to smear a guy who's only crime was to tell the truth.

[Bush2000]

I guess the stock market has a bone to pick with 25B a year in profit...

Remind me of how "logical" the stock market is again. Because I have a faint memory of rubes bidding hundreds of dollars per share for worthless companies during the dotcom era...

[KwasiOwusu]

"Lay down with dogs, get up with fleas."

Yep.
Join the open source crazies, and lose any modicum of integrity that you had before , if any.
Yet to see any open source crazy that didn't have plenty of difficulties with the truth or with facts.

[Bush2000]

Hey, you asked for evidence, I provided it.

No, you provided worthless tripe. Not even worth the bits that they're stored in.

[KwasiOwusu]

"Hey, you asked for evidence, I provided it. "

If you call that evidence, then you belong in Bill Klinton's court of "I did not have sexual relations with that woman".
That evidence of yours will last exactly 1 second in any properly constituted court of law.

[Knitebane]

Uhh, Bruce Schneier is widely recognized as one of the foremost authorities on computer security and cryptography in the world.

Unless you can produce similiar credentials, I advise you to shut up and listen to what the man has to say.