• Welcome to Computer Association of SIUE - Forums.
 

Study: Linux' Security Problems Outstrip Microsoft's

Started by Michael Kennedy, 2002-11-16T13:05:07-06:00 (Saturday)

Michael Kennedy

Gee, I wonder who funded this "research"?

Quote:
Open source software has surpassed Microsoft (Nasdaq: MSFT) software in terms of security problems, according to an Aberdeen Group report.

"Open source software, commonly used in many versions of Linux, Unix, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers," the report stated.

The research cited a list of advisories published by the Computer Emergency Response Team (CERT), a federally funded research and development center operated by Carnegie Mellon University.

The CERT report claims that security alerts for open source and Linux software accounted for 16 out of the 29 advisories published during the first 10 months of 2002. During those same 10 months, only seven security problems were documented in Microsoft products.

Full Story: http://www.newsfactor.com/perl/story/19996.html

It sounds very pro-Microsoft, but is also kinda a dumbass thing to write.  Apparently, they think open source is less secure because the WHOLE COMMUNITY has more security flaws than one company.  Good logic there, guys...
"If it ain't busted, don't fix it" is a very sound principle and remains so despite the fact that I have slavishly ignored it all my life. --Douglas Adams, "Salmon of Doubt"

Stiffler

It said that only 7 were reported on a Windows system, that's because there were ONLY 7 Windows systems for that task. hehe

Jon
Retired webmaster of CAOS.

Victor Cardona

Yes because Linux, Apache, OpenSSH, Sendmail, WSFTPd, and all the other major free software projects have security flaws then they must be less secure than Windows :-)

Victor

William Grim

I don't know about you, but some of those security problems are the fault of administrators themselves.  Although, I'm sure that some of the problems do in fact stem from some open source software.

However, the CERT choosing such a broad topic as "Open Source Software" is sort of absurd.  That kind of labelling means _ALL_ BSD/GPL'd software; it's not like you have to use send[crap]mail or WS[I've got security problems]FTPd.  You can run stuff like qmail and proftpd.  And as far as I know, Apache only had one serious bug as of late (don't remember what it was called though, but either way, it was fixed damn fast, unlike MS' speed of problem solving).

I think that if we look at the proprietary nature of CLOSED-SOURCE SOFTWARE, we'll find many more holes overall.  Open Source just encompasses SO MUCH more software than MS does.

Okay, I'm finished ranting.
William Grim
IT Associate, Morgan Stanley