Language Selection

English French German Italian Portuguese Spanish

Linux still seen as most secure

Filed under
Linux

The Linux-Windows 2005 TCO Comparison Survey, to be published in full in June, is based on responses from 509 companies of all sizes in markets such as healthcare, academia, financial services, legal, media, retail and government, Yankee Group said this week.

While respondents rated Windows security much higher than in last year's survey, Linux was still perceived to beat Windows in every security category, the survey found.

The survey largely reflects the attitudes of companies that are already Windows shops. The vast majority of respondents - 73 percent - used Windows 2000 Server or Windows Server 2003 as their dominant operating system, followed by Linux with 15 percent, Unix with 6 percent and Novell's NetWare with 4 percent, and "another open source distribution" at 2 percent.

The open-source operating system now used as a secondary operating system in 60 percent of the companies, compared with Windows NT at 62 percent, Unix at 35 percent, NetWare at 16 percent and Mac OS X at 14 percent.

Customers who have already deployed Windows Server 2003 are unlikely to be seduced by Linux, saying they found the Microsoft operating system's quality, performance and reliability equal to or better than Linux, Yankee Group said.
Linux continued to hold a perceived edge over Windows in all security categories, including user systems and Web, file, application and database servers. Linux scored at least 8 out of 10 in every category, compared with 6 or 7 for Windows. Windows' overall rating of 7.6 on security was nearly double last year's score. Respondents said Microsoft's changes to its patching system were working - they spent an average of 80 percent less time on patch management.

Participants' Linux servers took longer to recover from security attacks than Windows - 17 hours for Linux and 13.2 hours for Windows, respondents said. To put this in perspective, however, 92 percent of Linux developers say their systems have never been infected with a virus, and 78 percent said their systems have never been hacked, according to last summer's Linux Development Survey from Evans Data.

Respondents said their Windows downtime was three to four times more expensive than Linux downtime, reflecting the more critical data stored on their Windows systems, Yankee Group said.

The survey was curiously lacking in hard TCO (total cost of ownership) data. Most respondents lacked specific information on comparative Linux and Windows capital expenditure, even though more than half of those surveyed said they had performed a thorough TCO (total cost of ownership) analysis. Those with specific information indicated that costs affecting TCO tended to occur in applications and services rather than at the operating system level itself, Yankee Group said.

The research firm did not specify how it selected its respondents. Last year's Yankee Group TCO study attracted criticism when it became clear that that the sample group was taken from a mailing list aimed at Windows system administrators.

Last year's Web-based survey was funded and carried out by Sunbelt Software, a vendor of Windows utilities, which publicised the survey solely through a mailing list called W2Knews, billing itself as "the World's first and largest e-zine designed for NT/2000 System Admins and Power Users". In the 16 February edition of W2Knews, which launched the survey, the company said it and Yankee Group were "surveying Windows Sites" to see how they were "responding to the Linux phenomenon and the TCO question".

There is little consistent data comparing Linux and Windows TCO. A 2002 IDC study called "Windows 2000 Versus Linux in Enterprise Computing", for example, found Linux was more expensive than Windows. But this was funded by Microsoft, and more importantly, one of the report's authors later said Microsoft had chosen scenarios for analysis that would be more costly using Linux.

In December Melbourne-based IT services firm CyberSource published an updated version of what it says is one of the few fully transparent studies comparing the costs of running Linux vs. Windows, finding that Linux installations can be up to 36 percent cheaper to install and run over a period of three years than comparable Windows systems, though subscribing to enterprise technical support and buying new hardware and infrastructure can lower the savings to as little as 19 percent. The report is available here [pdf].

Another major independent study contrasting Linux and Windows is a report from Germany's Soreon Research, using data collected from interviews with 50 enterprises. The report found that Linux had up to 30 percent lower TCO than Windows.

Source.

In related news Latest Linux/Windows research reports queried.

Large questions have appeared over the accuracy of two recent reports comparing the relative costs and benefits of the Linux and Windows operating systems in which Windows was painted as being superior to its open-source rival.

The reports, Forrester's "Is Linux more Secure than Windows?" and a Yankee Group survey on the relative costs of running the two operating systems, were both issued in the past few days.
The security study - whose raw data was vetted by Linux distributors Debian, Mandrakesoft, Red Hat and Suse - found that on average, Microsoft patched flaws faster than Linux vendors. The Yankee Group survey reported that, except for small businesses with customised vertical applications, companies deploying Windows enjoyed a lower cost of ownership than those with Linux.

But the Linux distributors involved in the Forrester study today issued a joint statement calling the study's conclusions inaccurate. And the Yankee Group's methodology has been called in question, with critics arguing it could not have possibly delivered objective results.

More in Tux Machines

Linux Foundation: OpenContrail, SDNs, ONAP

  • Juniper Flips OpenContrail To The Linux Foundation
    It’s a familiar story arc for open source efforts started by vendors or vendor-led industry consortiums. The initiatives are launched and expanded, but eventually they find their way into independent open source organizations such as the Linux Foundation, where vendor control is lessened, communities are able to grow, and similar projects can cross-pollinate in hopes of driving greater standardization in the industry and adoption within enterprises.
  • Juniper Hands OpenContrail SDN to Linux Found. Before It's Too Late
    After failing to develop a community around the project and receiving pushback from a major backer, Juniper may be saving Contrail from becoming irrelevant
  • CableLabs Announces Two Open Source Projects for NFV
    SNAPS is an overarching program at CableLabs to facilitate the adoption of software-defined networking (SDN) and network functions virtualization (NFV) within the CableLabs’ community. The organization says it spearheaded SNAPS to fill in gaps within open source to ease the adoption of SDN and NFV for its cable members.
  • Bell becomes first operator to launch ONAP in production
    Canadian telecommunications company Bell announced it has become the first company to launch an open source version of the Open Network Automation Platform (ONAP) in production. The announcement was noted by Arpit Joshipura, general manager of networking and orchestration at the Linux Foundation, in a company blog post. According to Joshipura, the news marks a first step toward using ONAP as a common platform across Bell’s network as the company re-aligns itself to follow a multi-partner DevOps model.

OSS/Sharing Leftovers

  • Chrome 64 Beta: stronger pop-up blocker, Resize Observer, and import.meta
  • Chrome 64 Beta Brings Stronger Pop-Up Blocker, JavaScript Improvements
    Ahead of the holidays Google has pushed out the Chrome 64 beta to all supported platforms.
  • The Apache Software Foundation Announces Apache® Hadoop® v3.0.0 General Availability
    The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, today announced Apache® Hadoop® v3.0.0, the latest version of the Open Source software framework for reliable, scalable, distributed computing.
  • Open source science: Scientists researching rice plant genetics agree to not file for patents
    The Foundation for Food and Agriculture Research (FFAR), a nonprofit established in the 2014 Farm Bill with bipartisan congressional support, awarded a $1 million Seeding Solutions grant to University of California, Davis (UC Davis) to study the genetics of rice plants. Together with researchers at the University of North Carolina and collaborators, the team will develop and implement a chemistry-driven gene discovery approach to identify genes that modulate root traits.
  • Lytro could open source their light-field photo sharing platform
  • Lytro considering open source light field photo sharing platform
    Lytro is reportedly considering an open source solution after announcing it would no longer support its sharing platform for Lytro cameras’ ‘living images.’
  • When Waze Won't Help, Palestinians Make Their Own Maps
    If you want to drive the 15 or so miles from Jerusalem to the city of Jericho, in the Palestinian Territories, Google Maps will tell you: “Can’t find a way there.” Waze will issue a warning: “Caution: This destination is in a high risk area or is prohibited to Israelis by law.” If you press “Confirm Drive” nonetheless, the app will direct you, just not all the way. When you pass from Israel into the West Bank, part of the occupied Palestinian Territories, Waze’s directions simply end. To keep going, you need to change your setting to allow access to “high risk” areas. Even then, GPS coverage tends to be limited.
  • Using Gmail with OAUTH2 in Linux and on an ESP8266
    One of the tasks I dread is configuring a web server to send email correctly via Gmail. The simplest way of sending emails is SMTP, and there are a number of scripts out there that provide a simple method to send mail that way with a minimum of configuration. There’s even PHP mail(), although it’s less than reliable.
  • Simplicity Before Generality, Use Before Reuse
    A common problem in component frameworks, class libraries, foundation services, and other infrastructure code is that many are designed to be general purpose without reference to concrete applications. This leads to a dizzying array of options and possibilities that are often unused or misused — or just not useful. Generally, developers work on specific systems; specifically, the quest for unbounded generality rarely serves them well (if at all). The best route to generality is through understanding known, specific examples, focusing on their essence to find an essential common solution. Simplicity through experience rather than generality through guesswork.
  • What Ruby Needs
    Of all of the questions we receive at RedMonk, one of the most common concerns programming languages. Whether from members of a given community or a commercial entity, the desire is to better understand a given language’s trajectory and the context around it. Is it going up or down, and what are the reasons for that direction? And, of course: can that direction be meaningfully changed? Recently, we’ve received several such inquiries around Ruby. For those with an interest in the language, then, the following is a quick public summary of the answers we’ve been providing privately.
  • HTML 5.2 is done, HTML 5.3 is coming
    Today W3C releases HTML 5.2. This is the second revision of HTML5, following last year’s HTML 5.1 Recommendation. In 2014 we expressed a goal to produce a revision roughly every year; HTML 5.2 is a continuation of that commitment. This Recommendation like its predecessor provides an updated stable guide to what is HTML. In the past year there has been a significant cleanup of the specification. We have introduced some new features, and removed things that are no longer part of the modern Web Platform, or that never achieved broad interoperability. As always we have also fixed bugs in the specification, making sure it adapts to the changing reality of the Web. Many of the features added integrate other work done in W3C. The Payment Request API promises to make commerce on the Web far easier, reducing the risks of making a mistake or being caught by an unscrupulous operator. New security features such as Content Security Policy protect users more effectively, while new work incorporated from ARIA helps developers offer people with disabilities a good user experience of their applications.

Games: SteamOS Birthday, Best Linux Games of 2017, Finding Paradise

  • It's Been Four Years Since SteamOS Began Shipping With Not Much To Show
    It was four years ago this week that Valve began shipping SteamOS, their Debian-based Linux distribution intended for Steam Machines and those wanting a gaming-oriented Linux distribution. While Valve still technically maintains the SteamOS Linux distribution, the outlook at this point is rather bleak. For our coverage from four years ago when Valve began shipping SteamOS 1.0 based on Debian Wheezy, see SteamOS Compositor Details, Kernel Patches, Screenshots, Former NVIDIA, Microsoft Developers Doing Lots Of The SteamOS Work, and The First NVIDIA GeForce Benchmarks On The SteamOS Beta.
  • 7 Best Linux Games of 2017
    We take a look at the best Linux games of 2017, ranging from AAA titles to introspective indie hits. So park your gamepad, pop your feet up, and raise a glass of something socially acceptable to what’s been another terrific year for Tux fans with twitchy thumbs!
  • Finding Paradise Available Now for PC, Mac, and Linux
    Canadian indie game studio Freebird Games has released Finding Paradise, a spiritual successor to the studio's hit game To the Moon. You can check out the game's release date trailers below, the first being slightly less of a "serious" trailer:

OSS: Blockchain, Avast, Predictions, GreenKey

  • Startup Aims to Build Open-Source Telecom Ecosystem on Blockchain
    There are 2,000+ mobile network operations in charge of providing communication services at global scale. However, the traditional infrastructure is centralized, inflexible and inaccurate. Common services like 3G/4G, Wi-Fi, BOSS mobile communications solutions and companies that use cloud-based communications solutions are often unable to render accurate content billing and distribution. Conventional mobile packages overcharge customers, not to mention that they pose concerns around data transmissions. An alternative solution to average mobile network providers could be Blockchain technology.
  • Merry Xmas, fellow code nerds: Avast open-sources decompiler
    Malware hunting biz and nautical jargon Avast has released its machine-code decompiler RetDec as open source, in the hope of arming like-minded haters of bad bytes and other technically inclined sorts with better analytical tools. As discussed as the recent Botconf 2017 in France earlier this month, RetDec provides a way to turn machine code – binary executables – back into an approximation of the original source code.
  • 10 open source predictions for 2018
    With 2017 just about done and dusted, dozens of open source experts have polished their crystal balls and made predictions about what can be expected in the open source space in 2018. Now it's our turn. (With fingers firmly crossed) here are 10 open source trends that you may – or may not – see coming to the fore next year. Some are obvious, some are frivolous, and some could just change your life.
  • Stop Calling Everything "Open Source": What "Open Source" Really Means
    "Open source" is an exciting concept in the world of software and beyond. But it shouldn't be applied to contexts where it makes no sense.
  • GreenKey to join Symphony; open source voice software
    GreenKey, creator of patented voice software with integrated speech recognition designed for the financial markets, today announced the firm has joined the Symphony Software Foundation, a nonprofit organization fostering innovation in financial services through open source software (OSS).
  • GreenKey Joins the Symphony Software Foundation; Will Open Source Voice Software
    GreenKey, creator of patented voice software with integrated speech recognition designed for the financial markets, today announced the firm has joined the Symphony Software Foundation, a nonprofit organization fostering innovation in financial services through open source software (OSS). GreenKey will release a Community Edition of its voice software development kit (SDK) that will enable banks and other financial market firms to "voice enable" any web application.