Language Selection

English French German Italian Portuguese Spanish

Linux lags Windows in new security report

Filed under
Linux
Microsoft
Security

A report released today indicates Windows Server 2003 may actually be more secure than its most popular Linux competitor when it comes to vulnerabilities and the time it takes to patch them.

"The fact that Security Innovations [which produced the paper] retained 'editorial control' doesn't help; if Microsoft is paying the bills, there can be all sorts of nonverbal pressure behind the scenes. It isn't like it was 'co-funded' by both Microsoft and Red Hat," said Michael D. "Mick" Bauer, senior editor of Linux Journal and director of value-subtracted services for Wiremonkeys.org.

He also questioned the narrow focus. "This study appears to be more concerned with vulnerability counts and patch-release cycles than in actual security or securability. Certainly, if Microsoft has reduced the amounts of bugs in [its] software and gotten faster at patching bugs, that's great. But the bug-patch rat race is only one part of a much more complicated security picture, and the way I see it, Linux still has compelling advantages from a security standpoint."

Such a reaction was anticipated by authors Richard Ford, Herbert H. Thompson and Fabien Casteran. They intentionally ignored threat profiles in favor of inherent vulnerabilities in Windows Server 2003 and two versions of Red Hat Enterprise Linux 3.0. The goal, they said, is to provide a security metric for IT professionals to apply to their own software shopping.

"I don't think people should make adoption decisions purely based on the results, but I think it does at the very least give decision makers and diehards on either side, or even the neutral people, a chance to look beyond hype and speculation and look at hard numbers," said Thompson, director of research at Melbourne, Fla.-based Security Innovation Inc., the application security provider that produced the report.

Thompson denies Microsoft's money influenced results but admits that's a source of contention for a lot of people. "We've gotten funding from Microsoft and as a result of that people have come back and said this automatically must not be relevant and fair and balanced. That's one reason our mission has been to be completely transparent in the methodology."

Full Story.

More in Tux Machines

Migrating From Windows 7 To Ubuntu: The Ultimate Guide

Despite what all the Linux haters say, choosing Ubuntu is logical and migrating from Windows 7 to Ubuntu is a breeze. This article summarizes the process and provides solutions to some of the most common beginner hiccups. The Windows Vs Mac Vs Linux debate has been going on for years and doesn’t look to be settled anytime soon. If you are a Windows 7 user and still haven’t made the switch to Windows 8, you may want to consider migrating to Ubuntu 14.04, the latest Linux distro from Ubuntu. In addition to strong support from developers and a massive software repository, it’s free, faster and safer than Windows. Read more

7 killer open source monitoring tools

Network and system monitoring is a broad category. There are solutions that monitor for the proper operation of servers, network gear, and applications, and there are solutions that track the performance of those systems and devices, providing trending and analysis. Some tools will sound alarms and notifications when problems are detected, while others will even trigger actions to run when alarms sound. Here is a collection of open source solutions that aim to provide some or all of these capabilities. Read more

Reader Forum: Accelerating ‘IoT’ with an open-source, embedded platform for connected applications

Providing an end-to-end solution for building and deploying new connected applications extremely quickly, at scale, and at a fraction of the cost compared to conventional processes is key to streamlining M2M development. And, using an open-source, Linux-based platform, companies can run applications on any vendor’s hardware and use any cloud management platform. Read more

REPRISE OF AKADEMY 2014: ARTIKULATE

Even when it sounds like KDE Akademy is a just big party, we have been very productive as well. During the birds-of-a-feather (BoF) session on user experience, we discussed usability and visual design for some projects. Here we want to report about the first one: Artikulate. Read more