Posted on 02/17/2005 9:47:00 AM PST by rit
SAN FRANCISCO — Believe it or not, a Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers.
The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, "Security Showdown: Windows vs. Linux." One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint.
"I actually was wrong. The results are very surprising, and there are going to be some people who are skeptical," said Richard Ford, a computer-science professor at the Florida Institute of Technology who favors Linux.
(Excerpt) Read more at seattletimes.nwsource.com ...
How many linux people do you work with, and do you think thats right to apply it to people here on FR. BTW just for full disclosure, I am RHCE certified on RHEL3.
I suspect that you are percieving it differently, I joke a good deal about windws (boxes I have to restart at least once a month) with the other Unix guys around here but it is just joking..
Say "Microsoft" to the Borg-Gates fanatics and you get the same reaction. They just don't see it themselves.
I have a friend who once worked for Microsoft. Trying to persuade him to believe Windows is an operating system with flaws like any other piece of software is like trying to persuade a devout Muslim that Muhammad was a man with faults like any other man.
That makes me chuckle, of course, whenever I receive his nearly bi-weekly emailed alarms and alerts (he is an independent IT consultant now) to IMMEDIATELY rush this or that MS fix or security patch into my computers or suffer the doom and annihilation of civilization and all that is holy and good.
Obviously, so was I.
first thing I do is ask what were you doing
Yep. Unless it's MS then it's just assumed that it's because MS, as we ALL know, sucks.
How many linux people do you work with
Right now, none. That was a small project I did for a few months doing Perl and PHP. I'm back to C# again.
do you think thats right to apply it to people here on FR
Of course not. But come one, we ALL do it. During the election I supported GWB and of course, my liberal friends all felt that it was because I was a hateful, war mongering nazi who wants to take everyone's right away and nuke the whole planet. It would never occur to them that I just could not fathom the thought of Kerry being president.
90% of the time we, AND YOU GUYS, just say this to ruffle feathers. It's fun yet I never take it personally.
Again, the few people I know who run Linux/Unix boxes act like it is a life changing experience and stupid people like me should just walk away ... dragging our knuckles on the ground as we do it.
Again, this is just joking. But yes, if maybe the only 10 or 15 people I ever met (using Linux) act this way I am going to percieve ALL act like this ... but it is ALL said in a joking way.
There are some serious issues with windows in teh data center. First and foremost is the monthy reboots I need to do for windows patches and the like. Now while one server might not seem like an issue the fact I have 40 servers with different windows and dependancies and you get a mess everymonth. Its hard enough to keep up with things. Throw in things like like the wonderful tendancy MS patches and, more often, service packs to break some functionality I depend on inorder to fix a vulnerabiltiy I cant leave open and you see why UNIX guys love their flavor.
With *nix systems, 90% of the time the patch on the fly without a reboot. the other 10 breaks up to about half the time I dont need the patch (either does not apply or I have a real time work around), or I have to up and take a reboot. It is a more stable platform than windows (but I have not yet touched 2003). And a much nicer box on system resources..
I expect you are right, I think he was an undergrad when he started it. The difference between Linus and Tannenbaum is that Linus was eager to see linux develop into something interesting. (thats not to say, a major operating system, just more like something interesting.)
Tannenbaum, in an interview I read about a year back, said Minix was never intended to be anything other than a teaching tool so he resisted all attempts to add functionality to it that would make it a "real" OS. Which is also why Linus Torvalds decided to write his own.. I think he wanted a terminal program or something to work on it.
Tannenbaum said, if I remember correctly, he doesn't regret one bit that his student has become so famous, his love is being an educator, so you are happy when your students get it. Have to look that interview up, it happened because of the SCO trial and some shill trying to "prove" that linux was stolen. Tannenbaum isn't big on interviews either, at least that was my recollection. It may not have been an interview, but an open letter. I must be getting old.
I found it! "Who wrote Linux" by Andrew Tannenbaum. This guy is a hero even if he is a bit of a flaming democrat.
Old and feeble.. remembered he did a stint of teaching at Helsinki, and just didn't think about it that hard. I corrected it when it was pointed out. Thats the way things are done here, we accept when we make a mistake, clean it up immediately and move on.
Ghod, I wish you would get that. You might not be such a irritating bore if you did.
Of course, this is a definite.. it all depends sort of thing. I very rarely look at users first for this sort of event, except for perhaps, how did they tickle the box to make it hiccup.
You made the claim that the study was more than just another vulnerability count, while I said that's all it was. Read the article again and prove me wrong.
Oh, you mean like the hundreds of desktops and many servers we bought last year, all meant to replace current old Windows systems? Yes, that's increased sales, no that doesn't mean more operating Windows machines. You can expect to see a lot of this about a year or so after major Microsoft version changes, as organizations start to upgrade with new boxes after the old ones have amortized.
Noboby will pay for Windows Server to be installed on their server, then delete it and install Linux on it.
We did exactly that once. It was easier to buy all Windows machines and convert some of them to Linux because of the way the purchase agreement went. Of course at that time Microsoft prevented OEMs from shipping anything but Windows. We also installed Linux on many of the Windows machines getting replaced by a new purchase.
"uncounted copies of Linux" installed on servers from Mars
From Mars? How about web sites all over this planet?
He was, after he did his work on the ARPANET host protocols.
Knitebane, I'd hate to side with Bush here, but he's right on this one point. You need to show how he worked specifically on a Microsoft-funded project in order to show bias, and even that wouldn't necessarily translate to bias on this study depending on what the project was. Loads of companies and organizations fund schools like this, so just funding doesn't mean anything, except in extreme cases where one company practically owns the whole IT department.
Of course, Bush's logic turns on him here, since he used an old IBM grant to iBiblio to say that Pamela Jones of Groklaw was just an IBM schill since Groklaw runs on iBiblio.
It was a CCIA report, and they asked Bruce to give some input -- I wouldn't say it was his.
Aside from that, if you have ever taken a class in cryptography, you've most likely used his book, "Applied Cryptography." It's just like in a CS degree you will have used Tanenbaum's "Computer Networks" and in an OS design class his book "Operating Systems Design & Implementation."
Schneier is so good, his textbook is the standard.
Of course there's not much support difference between buying a Dell and downloading Linux these days. With Dell/Windows, We would sit on the phone for hours with people in India who knew nothing more than how to read cue cards. Then we would figure it out for ourselves.
Not even, and it's not a Dell-specific problem, just reality. We have a bunch of Dell notebooks here, and bought some more not much later, wanting the same hardware since we Ghost everything. Sorry, the new ones have a different video card.
In the 90s my company ordered hundreds of Gateways at one shot. Even these same-model systems didn't always have exactly the same hardware.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.