Skip to comments.
Study finds Windows more secure than Linux
The Seattle Time ^
| 2/17/05
| Brier Dudley
Posted on 02/17/2005 9:47:00 AM PST by rit
SAN FRANCISCO Believe it or not, a Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers.
The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, "Security Showdown: Windows vs. Linux." One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint.
"I actually was wrong. The results are very surprising, and there are going to be some people who are skeptical," said Richard Ford, a computer-science professor at the Florida Institute of Technology who favors Linux.
(Excerpt) Read more at seattletimes.nwsource.com ...
TOPICS: Business/Economy; Technical
KEYWORDS: computersecurity; lie; linux; microsoftastroturf; security; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 361-380, 381-400, 401-420 ... 441-458 next last
To: KwasiOwusu; dalight
Your claims are in direct conflict with the findings of this test. That's because he has real computers running real software in a real networked environment. He's not just making up theoretical installs and counting security notices like these people did. Of course there would be conflicts.
To: N3WBI3
r I have to up and take a reboot. It is a more stable platform than windows (but I have not yet touched 2003). I've been using 2003 for the last year and a half. You still have to reboot, and patches can still mess up your system. The only shockingly pleasant surprise I had going from w2K AS was that IIS 6 is FAR better than IIS 5 (once you go through the troublesome migration). It actually has abilities that other servers have had for years. Welcome to new new millennium, Microsoft!
To: usgator
90% of the time we, AND YOU GUYS, just say this to ruffle feathers. It's fun yet I never take it personally.I've stayed off this thread because I came in late and just didn't feel like banging my head against the wall. Your comment above is on target. Sometimes both sides tweak the other, even when they know there isn't any real substance, there just to get a rise out of folks.
383
posted on
02/18/2005 9:38:24 AM PST
by
zeugma
(Come to the Dark Side...... We have cookies! (Made from the finest girlscouts!))
To: dalight
Tannenbaum, in an interview I read about a year back, said Minix was never intended to be anything other than a teaching tool so he resisted all attempts to add functionality to it that would make it a "real" OS. Which is also why Linus Torvalds decided to write his own.. I think he wanted a terminal program or something to work on it.I hadn't read that before. Sounds to me like Minix was a success in exactly the way that Tannenbaum intended! What more could one ask for?
384
posted on
02/18/2005 9:42:52 AM PST
by
zeugma
(Come to the Dark Side...... We have cookies! (Made from the finest girlscouts!))
To: zeugma
Come to the Dark Side...... We have cookies! Love it!
385
posted on
02/18/2005 9:51:39 AM PST
by
usgator
To: N3WBI3; ImaGraftedBranch
As far as comparative costs go, the determination really comes down to the local context in which a company selects its server. There are clearly situations in which Linux would be a preferred cost savings for one company while Windows 2003 server would be more cost-efficient for another. That was the gist of what I saw revealed in the abstract of the article I posted.
As far as a comparison of their security features goes, that really comes down to the competency of server administration in my opinion. A good server administrator running a well-thought-out and competently executed security setup on Linux will be superior to a less competent and less well-thought-out system on Windows 2003 server and vice-versa.
The real issue around which a comparison of Linux and Windows 2003 server should be based is that of the cross-platform capabilities of the two and, with .NET installed on Windows 2003 server, it is no contest, Windows 2003 server wins hands down. This is what I pointed out in
my first post on this thread and is something that has been verified from the real-world testimony ImaGraftedBranch supplied in his
post #176, in which he pointed out that he was working in a situation in which he was pulling data from multiple platforms of a wide variety supplying over 70 types of datasources. Only .NET can do this with ease.
There is nothing that runs on Linux, or anything else for that matter, that can compare with this level of cross-platform interoperability. That is why the charge so many make against Microsoft that it is not "economically democratic" -- which was the original issue to which I responded in this thread -- fails the test. The great myth of open source software is that it supports an IT world in which everyone can communicate with everyone else. It doesn't. The companies supporting Linux are working very hard to exclude data access and data exchange with Microsoft systems. That is the reality of open source software.
To: Knitebane
Say, you're not that guy "Pinko Commie Dirtbag" always pimping linux with his buds over on DU, are you? Can't tell any difference, that's for sure.
To: StJacques
Other than windows platforms where does .Net run well? You cant compile it on any other system so is it not fair to say its definatly not cross platform? Im not too familiar with .Net so I may be off..
388
posted on
02/18/2005 11:03:05 AM PST
by
N3WBI3
To: N3WBI3
"Other than windows platforms where does .Net run well? You cant compile it on any other system so is it not fair to say its definatly not cross platform?"
So far as I know the .NET Framework is only installable on Windows 2003 Server, Windows XP and XP Professional, and Windows 2000 with the appropriate service packs.
However; it is not the capability to install .NET on distinct server platforms that defines the test of "cross-platform interoperability," which refers to the capability of software installed on one development platform to communicate, interact, and exchange data and information with software installed on a distinct development platform. Microsoft .NET's Common Language Runtime, its OLE DB data provider technology, and its top-of-the-line XML and XML Web Services capabilities give it the ability to run applications that can interact with many other types of applications installed almost anywhere else. Unix, Solaris, OS2, OS/400, SAP, and many other operating systems -- I think it would be fair to say "most operating systems used widely in business processes" -- can run software that calls applications installed with .NET or can be called by them in return. Microsoft .NET does more to remove the barriers that have existed between development platforms, and which have impeded information exchange between them for years, than any other technology now available.
To: rit
390
posted on
02/18/2005 12:20:56 PM PST
by
SengirV
To: StJacques
I think it would be fair to say "most operating systems used widely in business processes" -- can run software that calls applications installed with .NET or can be called by them in return. True, just like most operating systems used widely in business processes can fetch a web page using http protocol.
Microsoft .NET does more to remove the barriers that have existed between development platforms, and which have impeded information exchange between them for years, than any other technology now available.
True only if by "between development platforms" you are referring to between Microsoft development platforms. Otherwise, .NET has nothing to do with it. The mere fact that an application on a solaris OS may call a .NET app on a Microsoft box does not equate to .NET having removed any barriers.
What I understand so far is that .NET is only available on Microsoft platforms. Interoperability implies heterogeneous (ie., windows and non-windows operating systems). The only barrier .NET may have removed (albeit not entirely), is the need to interact with certain MS apps that previously were difficult to communicate with.
To argue Microsoft .NET does more to remove the barriers is akin to saying Microsoft has a lion's share of the market place and they are slowly being forced to license protocols and APIs that previously were proprietary. If that is what you are arguing, then I will accept it.
391
posted on
02/18/2005 1:00:24 PM PST
by
rit
To: rit; ImaGraftedBranch
First of all rit, ImaGraftedBranch can enlighten you about some of the issues you raise, so I'm pinging him in hopes that he jumps in to comment upon what you have posted. Let's get on to your comments now: "True only if by "between development platforms" you are referring to between Microsoft development platforms. . . ."
No, only one platform has to have .NET installed. The other platform can function without anything from Microsoft installed whatsoever.
". . . Otherwise, .NET has nothing to do with it. The mere fact that an application on a solaris OS may call a .NET app on a Microsoft box does not equate to .NET having removed any barriers. . ."
No, .NET has everything to do with it and it has removed the barriers of compiled programming language substituing a "language neutral" runtime compilation in its place. Let's say you have a server-side only Java application installed on a Solaris operating system on one machine and some RPG business logic installed on another machine running the OS/400 operating system and you want to call both from a third machine, which has .NET installed, to bring their information together for use in an application that integrates the two. Without access to a special Application Server on either the Solaris or OS/400 machines, such as an installation of WebSphere on the OS/400 example just given which would permit RPG code to be called by a Java application, you could only call these programs from another application written in the same language. The .NET Common Language Runtime changes all of that. It can call applications written in Java -- or any other object oriented programming language -- from any application written in any of the .NET programming languages (VB.NET, C#.NET, JScript.NET, COBOL.NET, etc.) and it can call RPG, provided that AVR.NET is installed (a plug in from ASNA), just as easily. The installation of additional application servers or interface applications on the Solaris and OS/400 machines are not necessary for a .NET app to communicate with either of the two applications described since .NET is "language neutral." And I haven't even begun to get into XML and XML Web Services where .NET's capabilities outshine all others.
". . . Interoperability implies heterogeneous (ie., windows and non-windows operating systems). . . ."
If by "heterogeneous" you mean the ability to install .NET on machines with distinct operating systems, that is not "interoperability" which implies the ability of software installed on distinct platforms to "operate" in communication and exchange with each other across those platforms. That is what .NET provides.
". . . The only barrier .NET may have removed (albeit not entirely), is the need to interact with certain MS apps that previously were difficult to communicate with. . . ."
Nope. .NET has removed the barriers of programming languages and has opened up XML and XML Web Service programming beyond anything running on any other development platform. If you want to contest this, give me a counter-example and I'll take it on.
". . . To argue Microsoft .NET does more to remove the barriers is akin to saying Microsoft has a lion's share of the market place and they are slowly being forced to license protocols and APIs that previously were proprietary. . . ."
You open source guys who are still concerned about operating system APIs don't realize that the world has changed and you're living in the past. Microsoft is revealing its APIs -- they don't have to be licensed -- because they don't matter any more now that .NET has made application code "language neutral" and the open and non-proprietary standards of XML and XML Web Services are becoming the industry norms for information exchange. Manipulating an operating system API was vital in the days when Microsoft's proprietary ActiveX technology was the centerpiece of its enabling of application code, but that day has passed.
I will admit that the licensing of protocols is a different matter and that there is reason to criticize Microsoft in some instances related to protocol licensing.
To: StJacques
I disagree with the assertion that "Microsoft .NET does more to remove the barriers that have existed between development platforms, and which have impeded information exchange between them for years, than any other technology now available."
The reason is the statement is not qualified and my interpretation of your arguements is that you are implying .NET has done more for interoperability between Windows based, and non-Windows based systems, and that is just not true.
It would be fair to say that .NET has done more for interoperability between different applications of different languages all running on Windows based systems. But, to say it has done more for interoperability than any other technology that exist today, is, well, unqualified.
As noted before, I do not disagree with Microsoft charging for access to protocols or APIs, nor do I disagree with Microsoft providing a license that is inconsistent with the GPL. I do not favor the GPL. Specifically, there are issues in using GPL'd software for public accessible services that eventually a court will need to resolve. But that is a whole other area and I would be happy to discuss through freep-mail.
393
posted on
02/18/2005 2:55:24 PM PST
by
rit
To: SengirV
hte clones here eat it up Who are "the clones"?
394
posted on
02/18/2005 3:07:05 PM PST
by
usgator
To: StJacques
Counter example:
Interoperability between applications on a single system. The Unix shell. From a simple shell script, I can call any other program written in any other language, and I can pipeline output from one to the other.
Interoperability between applications on multiple platforms. XML, WSDL, SOAP, and UDDI.
Note that neither example mentions Microsoft. The later works because it is a service oriented architecture. In fact, hundreds (of thousands ) of non-Windows based systems can interoperate this way independent of .NET.
So what does .NET offer? Interoperability between applications callable from the .NET framework (the framework only runs on Windows). Again, that is not a bad thing, it is just a Microsoft only thing, and that is why I disagreed with the way you phrased your statements.
395
posted on
02/18/2005 3:21:34 PM PST
by
rit
To: rit
". . . It would be fair to say that .NET has done more for interoperability between different applications of different languages all running on Windows based systems. But, to say it has done more for interoperability than any other technology that exist today, is, well, unqualified. . . ."
rit, I did qualify my statement by giving you an example of how .NET has lessened the barriers between platforms, citing an instance in which the Solaris and OS/2 platforms, each running software written in different programming languages, could be integrated without the installation of application servers on the Solaris and OS/2 machines to provide the "bridge" .NET offers right out of the box. Can you tell me that, before .NET, this was possible (using the application types I described in my earlier post)? Of course it was not.
And your insistence that .NET only lessens the barriers between applications running on Windows systems is ridiculous. Before .NET was released I had two options if I wanted to connect a Windows server to an IBM AS/400 machine running the OS/400 operating system to get at installed application code or data residing on the AS/400. I could either make certain that the AS/400 had IBM's WebSphere Application Server installed, and then install a Java application using WebSphere which I could connect to using a Java application installed on the Windows server or I could have purchased IBM's Client Access or Client Access Express software tools to provide enhanced access. But with .NET there is no longer a need. I can call Java application code directly from the Windows server -- or the AS/400 can call my server -- or I can connect to RPG business logic directly using the Common Language Runtime. This is not "all running on Windows based systems." And the programming language in which I write the .NET app doesn't matter. Since I am convinced you do understand more than the basics of client-server connectivity, I am wondering whether you are just denying that the application design structure I have just described exists.
If you want to continue to tell me that .NET only breaks down barriers between Windows systems explain to me why the application systems flow I just described can't be done with .NET. I think more than a few posters on this thread will assure you that it can.
To: rit
This is a response to your #395, which I did not see as I was writing my #394.
"Counter example:
Interoperability between applications on a single system. The Unix shell. From a simple shell script, I can call any other program written in any other language, and I can pipeline output from one to the other. Interoperability between applications on multiple platforms. XML, WSDL, SOAP, and UDDI."
On the Unix shell, even you mention that is not "cross-platform" so I'll leave your comment on that as is.
On XML, WSDL, SOAP, and UDDI, this is all XML and its related technologies which provides a very powerful, indeed revolutionary, alternative to other programming languages and, yes, it is truly cross-platform in its capabilities. But two points follow from identifying these XML-related technologies. First; IBM, Red Hat, and others are trying to limit the full use of XML Web Services (WSDL, SOAP, and UDDI come in here) by stressing RPC-style Web Services (limited in scope) as opposed to Document-Style (unlimited capabilities). IBM's WebSphere Application Server does not contain the JAXP Java API as a quick example and you will find no IBM tutorials on doing Document-Style web services at IBM's DeveloperWorks web site. It is .NET that is fully-enabling XML. XML is not a counter-example to .NET because the .NET APIs are actually XML schemas themselves.
But what about all the legacy code written in Java, RPG, Perl, COBOL, and many other languages that is still a fully-functional part of the business processes of many companies that is residing on their (non-Windows) servers? How can that application code be accessed across platforms without the construction of a specific application server whose installation is required on each separate machine? .NET provides the answer with its Common Language Runtime, OLE DB data providers, and XML-Schema-Based APIs.
.NET's solution not only maximizes the cross-platform potential of XML and XML Web Services - and your examples were meaningful in this respect - it also provides access to regular application code already installed and running on non-Windows platforms.
To: rit
This is a quick followup to my post #397 and your posting of XML and its related technologies as a counter-example.
Since .NET relies upon APIs written as XML schemas I can concede that without XML there could be no .NET and, therefore, that XML is the original cross-platform technology that is revolutionizing cross-platform interoperability. Perhaps I should modify my statement to say that "Microsoft .NET is the most important development platform enabling cross-platform interoperability."
That would be more accurate and it would incorporate your counter-example as a useful and relevant rejoinder to my earlier statement.
To: StJacques
Unfortunately, I have to leave so let's pick this up on monday (or via freepmail). I really am trying to understand what you are saying, but so far all I get out of it is that .NET runs on Windows and it makes it easier for a program on windows to call other processes.... and I fail to see the novelty and groundbreaking technology that supports the unqualified claim of having done more for interoperability than any other technology out there. As I noted, hundreds of thousands of Unix boxes can do the same without .NET, using a service oriented architecture. As windows would require the .NET framework, the Unix boxes would require equivalent (ie., a process that listens for the request, selects the appropriate service to satisfy the request, and provides a response.... that methodology, by the way, goes back to early days circa 1993).
399
posted on
02/18/2005 3:49:20 PM PST
by
rit
To: rit
MS is letting Hollyweird destroy them with all the media player controls , if Gates is that dumb with all the money he has not to fight them Linux will take over in a matter of time. My prediction, custom Linux distros will rule the marketplace.
400
posted on
02/18/2005 3:51:55 PM PST
by
John Lenin
(Just because they smile when they see you doesn't mean they like you)
Navigation: use the links below to view more comments.
first previous 1-20 ... 361-380, 381-400, 401-420 ... 441-458 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson