Security: Unpatched and Doing Fine?
It's been a year since the Honeynet project published the results of their study, which concluded that Linux systems can last much longer than Windows systems unpatched on the Internet. I am sure that to some extent this remains true, but I wonder when I see things such as statistics that claim the highest percentage of attacks are seen on Linux systems and the number two reason they are attacked is because they are unpatched.
This has long been a sore spot for me in the Linux world, not because Linux systems are "unsafe", but because patching (not just for enterprises, but even for home users) on Linux is a pain. Some versions are easier than others, but simply trying to get the patches and ensure that you don't break anything is usually a challenge. And I don't see it getting easier, either.
Just to prove my point, I took a gander at some patching methods for several different platforms: