|Linux security is a 'myth', claims Microsoft|
Linux security is a 'myth', claims Microsoft [vnunet.com]
A senior Microsoft executive has dismissed Linux's reputation as a secure platform as a "myth", claiming that the open source development process creates fundamental security problems.
This is directed at the corporate IT customer to re-enforce their worst fear:
"Don't buy Linux ...it's not supported by a big stable company like Microsoft!"
How come it's only Microsoft that thinks this?
but it's true..Linux is no more secure then any other system ..and he raises a good point..
When it is exploited who is the responsible party?
Hard to convince Corporate entities to use a system where it is difficult to assign responsiblity too and even if you could assign responsibility ..those parties really have no money or assets that the agrieved party could go after.
What's new are the Firefox numbers and more importantly, even our lil' ol' secretary that can hardly wield a mouse now has the perception that IE is bad medicine. Windows is next.
|but it's true..Linux is no more secure then any other system ..and he raises a good point.. |
When it is exploited who is the responsible party?
I really want to see MAC OS take off. Microsoft's market share is not good for consumers.
Yesterday I said:
|I really want to see MAC OS take off. Microsoft's market share is not good for consumers. |
I know that Apple's MAC OS is based on UNIX. I know that UNIX is Open Source. But isn't someone responsible for the UNIX kernel, isn't it some US university?
Sorry People I think I'm going mad here?
If UNIX is Open Source then that means the UNIX Kernel is also Open Source as there both the same?
|I know that Apple's MAC OS is based on UNIX. I know that UNIX is Open Source. But isn't someone responsible for the UNIX kernel, isn't it some US university? |
OS X is built on top of Darwin, which is based on 4.4BSD, which is a Unix variant created by the University of California at Berkeley.
I don't know if Berkley actually still maintains BSD- they probably do.
BSD came in to existence because AT&T started licensing Unix I believe.
This question is never left alone for a considerable amount of time...
With a capable systems administrator, both linux and windows are secure!
Linux has the advantages of cost! You have to license almost everything under windows.
Support is not that big a deal, I don't recall requiring that much (paid) support for linux or windows servers.
<There are fundamental things missing. For example, there is no single development environment for Linux as there is for Microsoft, neither is there a single sign-on system.>
Heheh.. those are pros, not cons :-).
<but it's true..Linux is no more secure then any other system>
What are you basing that on? Obviously this has a lot to do with how the system is built, but it is historically true that Windows is easier to break than Linux (this also matches my own personal experience).
<..and he raises a good point..
When it is exploited who is the responsible party?>
When you're talking about the security of a system, placing blame really is the last thing you're worried about. The most important thing is fixing the problem; or as open-source software has proven it's good at, not having the problem in the first place.
The process for finding bugs in close-source applications is trial and error of users. This is a very slow process, and new bugs (and exploits) are slowly discovered over the life of the product.
The process for finding bugs in open-source applications is by releasing the source code to the community and allowing it to be examined by many others (the same way that an author would turn their writings over to several others to be proof-read); plus trial and error by users.
The latter method is much more effective, and this is the main reason (there are a couple of others) that Linux is more secure than Windows.
<I know that UNIX is Open Source. But isn't someone responsible for the UNIX kernel, isn't it some US university?>
Unix is not open-source.
<With a capable systems administrator, both linux and windows are secure!>
I agree that this is likely the biggest factor in security. However, once System Admin A has properly setup Windows, he will continue to spend a decent amount of his time making sure the system is functioning properly and securely. Once System Admin B has properly setup Linux, he can generally leave that system alone and move off to other projects. It will still require updates, just not nearly as frequently since most updates are for very minor fixes. Rarely are there critical patches that need to be applied.
|but it's true..Linux is no more secure then any other system |
I can download the source for linux and audit the sources to see if there are shoddy program practices leaving gaping holes for hackers if I so desire......
Anyone download source for any version of Windows lately?
They should put up or shut up....
I remember a networking deal we (the MS competitor from Cambridge, heard of them?) were trying to land in the early 90s, some big sale to New Zealand, huge. To the customer MS claimed our product caused their flaky LAN Manager to lock up, so we spent 3 weeks in the lab and determined that even Program Manager could lock up LAN Man. in the event of a networking fault. Sent the results to the potential customer, and MS sheepishly admitted we were correct and lost the sale.
THE TRUTH SHALL SET YOU FREE!
<I can download the source for linux and audit the sources to see if there are shoddy program practices leaving gaping holes for hackers if I so desire......>
And just before anyone tries to make the argument "The average person isn't going to download the source code and examine it," (trying to cut this one off at the pass).
The average person doesn't need to.. the many geeks around the world that do it are sufficient. If there are any such issues, they'll be happy to tell the rest of the world.
There are several open-source pieces of software that have historically been buggy (I won't name any names), and people know it.. because those that look at the source code inform those that don't look at the source code.
|"We are increasingly seeing that the biggest challenges in the marketplace are less for Microsoft and more in the Unix space. Customers are moving away from Risc to Intel as the price performance ratio is compelling" |
Well well. What a surprise. Is it possible that consumers are starting to realize that they only really need a processor operating at about 400MHz? As processor speeds increase, this simple fact will get lost in the PR, but there is absolutely no argument that a RISC system computes orders of magnitude faster than a CISC system (read: Intel). But consumers just don't need it. Period. (Note to all of you Mac fans, graphic artists and filmmakers: you're not normal consumers! :)
I'm really looking forward to Intel's new marketing campaign, "Made for Linux". Oh wait ... that'll never happen as long as "Made for Windows" makes them such a tidy profit ... so maybe Linux is operating well in a biased architecture?
So how does the MS product compare to the 'Nix product on a CISC system? Even MS's own numbers show Debian to be on par or faster than any MS product in even the most rigorous test (genetic sequence mapping). Apple's tests show the same thing. This is the result even though the MS tests ran on "Made for Windows" architectures and Apple's tests ran their RISC architecture against a Linux installation on CISC "Made for Windows" architectures.
|The credibility of Linux in the enterprise is beginning to suffer, according to McGrath |
At least HE has an opinion. I wonder if it's based on reality outside of Red One?
|"A lot of customers have got trials and pilots of Linux, but are holding back Linux deployment into the mainstream because the operating system does not have the solution stack that they were expecting" |
Ahh, the "solution stack." Meaning that because there's no drop-the-cd-in solution to handle ActiveX apps or other MS-centric software, and because the market has been dominated by MS for so long (how many software companies could afford to issue Linux-only apps, compared to MS-only app developers?) the software pile for Linux is, in fact, smaller than the MS pile. So he's right on this one ... IF the companies' expectations are just to replace ALL of their existing MS apps with Linux alternatives.
What's held my company back is a massively complicated MSAccess database that would literally take a year of concerted effort to convert to mySQL or some other db system, due to the b******t way Access handles queries and relationships. Other than that single database, everything we need to communicate, word-process, surf, or whatever is readily available for no licensing fee in Linuxspace. Believe me ... I'm working on that d**n database.
I'm a huge Linux fan, I've been using it exclusively at my home for over 8 years, and all of my company's servers are Linux (except the one that hosts that d**n db ... our only remaining NT box) ... but let me ask y'all:
When MS puts out some drivel like that, it's so easy to scoff at them.
When some Linux firm puts out similar drivel, do you nod your head and say a quiet "amen"?
The proof is in the pudding. Admins have the responsibility to make sure their networks are doing what they need to do, whether it's with Linux or MS. If Linux is working for you, great. If MS is working for you, great.
(I can't resist) But you MS guys should really take a look at what "working FOR you" can mean by loading up a Linux box in your network and seeing what you can learn from it. It's different, and probably more geeky than what you are used to. But the security (yes, I said security) will amaze you, and make you take a second look at your NT systems in a new way: how to make them HALF as secure as the Linux box. Plus, you'll be all set to apply for that Linux admin job when the bottom falls out and MS becomes the scourge of the free world due to that one massive security hole that none of the iconoclastic MS developers squirrelled away in Red One noticed ... a hole similar to those noticed and patched by the Open Source community in the Linux environment, every day.