Re: sick of Linux bias

From: Dazz (cashdj_at_hotmail.com)
Date: 01/07/04


Date: Wed, 07 Jan 2004 23:37:37 +1000

On Mon, 05 Jan 2004 16:51:02 -0500, Jim <me@mail.com> wrote:

>Here is a little article for all of you linux boys out there who feel
>Linux has little to no security flaws. I am looking for the article now
>and will post later, but do any of you remember how the back door trjan
>almost made it into the kernel?

The simple fact is that both OS's aren't free from security flaws.

Any reasonable person (regardless of OS bias) could tell you that.

But trying to excuse one OS over another, regardless of your own
personal bias/agenda, shows how hypocritical both parties can be.

Personally, I wouldn't trust a default install of either.

I'd rather look at the facts for myself and make up my own mind as to
which is the more secure of the two.

I make my living from supporting/administering Micro$oft OS's and
applications, along with the occasional linux server/desktop, and from
a reliability and security point of view, I don't put much faith into
the (lack of) support that Micro$oft provides.

I've seen Micro$oft release patches/service packs that cause more
damage then harm, and these are patches/services packs that are
*supposed* to have been tested prior to being released.

At least with linux, I have more control over the OS and what goes on
under the hood, and I can fix *most* problems as they arise, instead
of waiting around for Micro$oft to release some patch that might take
them days or weeks to release (and they sometimes *still* get it
wrong).

>Open Source and Secure just dont go hand in hand.

Not always, but being able to view the source code, and being able to
change the source code when/if needed, certainly helps.

Not to mention having thousands of eyes also reading through the
source code (obviously not in all cases).

Try doing this with Proprietory source code, and you'll end up in
trouble for copyright infringement or worse.

Good programming skills combined with a knowledge of security are the
real key to secure programming.

Truth be told, Micro$oft have proved time and time again that they
can't, or aren't prepared to, get this right.

You only need to look at the amount of fixes/patches/security
bulletins to see this.

Do you remember when Micro$oft claimed they were going to concentrate
on getting their programming right, so that their customers wouldn't
have to keep relying on service packs/patches/etc?

Well, what happened?

They're still releasing OS's that have major security issues - nothing
has changed.

Dazz

>http://news.com.com/2100-1002_3-5135129.html?tag=nefd_top
>
>Jim



Relevant Pages

  • RE: [Full-Disclosure] Re: January 15 is Personal Firewall Day, he lp the cause
    ... supply of patches (Windows NT4/95/98) these systems should go offline ... Security is always a trade-off. ... This is how Linux and other ... Apache virtually owns the market with more than 60%. ...
    (Full-Disclosure)
  • SecurityFocus Linux Newsletter #39
    ... Subject: SecurityFocus Linux Newsletter #39 ... Need to keep track of the latest vulnerability information? ... vulnerabilities for both security product vendors and corporate security ... NEW PRODUCTS FOR LINUX PLATFORMS ...
    (Focus-Linux)
  • Re: Sound like busy days for anti-virus folkes ?
    ... And it was taken from a Linux computer. ... > ferociously downloading pirate versions of Microsoft ... > Thursday that parts of its valuable source code for its ... security experts feared ...
    (microsoft.public.security)
  • RE: Linux hacked
    ... Subject: Linux hacked ... After you boot up into the OS running from CD, ... >> First let me say I'm a security novice. ... >> been unsuccessful in getting root back. ...
    (Security-Basics)
  • Re: Community responsibility and abuse (2): the case of top-
    ... Without ANY evidence of ANY security problems you try ... PLEASE PROVIDE EVIDENCE OF ANY ... evidence that Linux is anywhere near as insecure as windows. ... Still no "spacific evidence that Linux is anywhere near as insecure as ...
    (alt.linux)