Language Selection

English French German Italian Portuguese Spanish

Linux lags Windows in new security report

Filed under
Linux
Microsoft
Security

A report released today indicates Windows Server 2003 may actually be more secure than its most popular Linux competitor when it comes to vulnerabilities and the time it takes to patch them.

"The fact that Security Innovations [which produced the paper] retained 'editorial control' doesn't help; if Microsoft is paying the bills, there can be all sorts of nonverbal pressure behind the scenes. It isn't like it was 'co-funded' by both Microsoft and Red Hat," said Michael D. "Mick" Bauer, senior editor of Linux Journal and director of value-subtracted services for Wiremonkeys.org.

He also questioned the narrow focus. "This study appears to be more concerned with vulnerability counts and patch-release cycles than in actual security or securability. Certainly, if Microsoft has reduced the amounts of bugs in [its] software and gotten faster at patching bugs, that's great. But the bug-patch rat race is only one part of a much more complicated security picture, and the way I see it, Linux still has compelling advantages from a security standpoint."

Such a reaction was anticipated by authors Richard Ford, Herbert H. Thompson and Fabien Casteran. They intentionally ignored threat profiles in favor of inherent vulnerabilities in Windows Server 2003 and two versions of Red Hat Enterprise Linux 3.0. The goal, they said, is to provide a security metric for IT professionals to apply to their own software shopping.

"I don't think people should make adoption decisions purely based on the results, but I think it does at the very least give decision makers and diehards on either side, or even the neutral people, a chance to look beyond hype and speculation and look at hard numbers," said Thompson, director of research at Melbourne, Fla.-based Security Innovation Inc., the application security provider that produced the report.

Thompson denies Microsoft's money influenced results but admits that's a source of contention for a lot of people. "We've gotten funding from Microsoft and as a result of that people have come back and said this automatically must not be relevant and fair and balanced. That's one reason our mission has been to be completely transparent in the methodology."

Full Story.

More in Tux Machines

Linux Kernel 3.19-Rc6 Released


Linux Kernel 3.19-Rc6 Released

One more rc released today shortening time period for the final release. Each release sees a new changes and fixes and this one is slightly smaller but as always better.
 
 
 
 
 
 

Read at LinuxAndUbuntu

Ubuntu Flavors 15.04 Vivid Vervet Alpha 2 Released


Picture

Ubuntu flavors 15.04 alpha 2 has been released for testing. Ubuntu Unity does not take part in the alpha releases. Flavors like Kylin, Ubuntu Gnome, Lubuntu and Kubuntu alpha 2 relases are available.



Read at LinuxAndUbuntu

MBARI testing the waters with open source camera

“There is a movement to have open source oceanographic equipment,” said Chad Kecy, lead designer and MBARI engineer. “Anyone could take our designs and modify them for specific needs they have. It’s just a less expensive and easier way of getting cameras in the water.” Read more

Fixing unperceived errors in my X Windows configuration

Last week I decided to bite the bullet and upgrade X Windows to the latest version available in the main Portage tree. After rebooting, X Windows, GLX and Direct Rendering worked fine as usual. So everything was good. Well, not quite. Although the installation was working properly, there were still some long-standing messages in the X.Org log file that indicated my installation was not configured completely correctly. I had ignored them for too long and resolved to find their causes and eliminate them. Here is what I did.

Read more