Full Version: Aberdeen Group Reports..!
moon
* MOST UNSECURE OS? YEP, IT'S LINUX:

According to a new Aberdeen Group report, open-source solution
Linux has surpassed Windows as the most vulnerable OS, contrary to the
high-profile press Microsoft's security woes receive. Furthermore, the
Aberdeen Group reports that more than 50 percent of all security
advisories that CERT issued in the first 10 months of 2002 were for
Linux and other open-source software solutions. The report muddles the
argument that proprietary software such as Windows is inherently less
secure than open solutions. And here's another blow to the status quo:
Proprietary UNIX solutions were responsible for just as many security
advisories as Linux in the same time period. Could Windows be the most
secure mainstream OS available today?

"Open-source software, commonly used in many versions of Linux, UNIX,
and network routing equipment, is now the major source of elevated
security vulnerabilities for IT buyers," the report reads. "Security
advisories for open-source and Linux software accounted for 16 out of
the 29 security advisories--about one of every two
advisories--published for the first 10 months of 2002. During this
same time, vulnerabilities affecting Microsoft products numbered
seven, or about one in four of all advisories."

The stunning report makes several claims that seem to fly in the face
of widely accepted beliefs. First, the Aberdeen Group says that
Windows-based Trojan horse attacks peaked in 2001, when CERT released
six such advisories, then bottomed out this year, when CERT didn't
issue any alerts. However, Trojan horse-based attacks on Linux, UNIX,
and open-source projects jumped from one in 2001 to two in 2002. The
Aberdeen Group says this information proves that Linux and UNIX are
just as prone to Trojan horse attacks as any other OS, despite press
reports to the contrary, and that Mac OS X, which is based on UNIX, is
also vulnerable to such attacks. Even more troubling, perhaps, is the
use of open-source software in routers, Web servers, firewalls, and
other Internet-connected solutions. The Aberdeen Group says that this
situation sets up these devices and software products to be
"infectious carriers" that intruders can easily usurp.

According to the Aberdeen Group, the open-source community's claim
that it can fix security vulnerabilities more quickly than proprietary
developers can means little. The group says that the open-source
software and hardware solutions need more rigorous security testing
before they're released to customers. This statement is particularly
problematic because many Linux distributions lack the sophisticated
automatic-update technologies modern Windows versions contain.

We can rail against Microsoft and its security policies, but far more
people and systems use Microsoft's software than the competition's
software. I believe that we'll never know how secure Linux is,
compared with Windows, until a comparable number of people and systems
use Linux. But despite the fact that Linux isn't as prevalent as
Windows, we're still seeing a dramatic increase in Linux security
advisories today. I think the conclusion is obvious.
LinuxSam
I'm not sure if you want me to respond to this in some way, or not...

I haven't read the report myself so all I can say is what I've heard from others and that is:

They counted the same problem several times... like once for RedHat, once for Debian, once for SuSE and once for Mandrake... that is four times although it was the same problem affecting all those distributions. (The problem in question here is a problem with OpenSSH.)

They compared OpenSource, which is quite a lot of products, with Windows which is only an operating system. Some of the security advisories are also for "very small usergroup products".


And of the security holes actually there, only a few were "remote holes".

As I said I haven't read the report myself but this is what I have heard from friends of mine.

/LinuxSam
moon
To Have U Respond...... not really Sam.

Hell, I don't think the Aberdeen Group likes anyone cos they talk wildly about all platforms....LOL.

I'd like to add that the basic idea behind open source is very simple. When programmers can read, redistribute, and modify the source code for a piece of software, the software evolves. People improve it, people adapt it, people fix bugs. And this can happen at a speed that, if one is used to the slow pace of conventional software development, seems astonishing.

We in the open source community have learned that this rapid evolutionary process produces better software than the traditional closed model, in which only a very few programmers can see the source and everybody else must blindly use an opaque block of bits.

Open Source Initiative exists to make this case to the commercial world.

Open source software is an idea whose time has finally come. For twenty years it has been building momentum in the technical cultures that built the Internet and the World Wide Web. Now it's breaking out into the commercial world, and that's changing all the rules. Are you ready for Linux?

I've enjoyed what little experience I've had with Linux....
LinuxSam
I read something about this at this site:

http://www.linuxworld.com/go.cgi?id=741453

/LinuxSam