PPRuNe Forums - View Single Post - The state of the computing industry
Thread: The state of the computing industry
View Single Post
Old 28th September 2004 | 15:18
  #3 (permalink)  
Evo
20 Anniversary
 
Joined: Sep 2002
Posts: 1,650
Likes: 0
From: Chichester, UK
Don't shoot the messenger - I was just quoting from the article

While I do agree with you, I also think people overstress the both the intrinsic security of Linux and the security problems of Windows. Linux is obviously not immune from bugs - just grab the Linux graphics library changelogs to see exactly the same kind of bugs as the one that has been exploited in Windows. They are fixed quickly, but actually doing anything about it "within hours" in practice involves recompiling something from sorce and is beyond all but fairly advanced users. I've had to do it a couple of times, and it's never been straightforward. For most people, it's a case of waiting for RedHat to build and repackage the fixes, and that can take a lot longer.

Many, if not most, of the recent widespread Windows problems have been perfectly avoidable - they involved well known problems where patches have been available for some time, and, more often than not, clicking on something to run it. Relatively few, I think, are simply from well-known but unpatched flaws - how many experienced Windows users get viruses, malware etc.? I've never had one, and (until I recently switched to Firefox) I was on the unholy Windows/IE/OE trinity. If it was so easy, then wouldn't I be seeing problems that I couldn't avoid?

The problem is really a social one - people don't maintain their computers - rather than a sofware one. The rapid response of the open-source community doesn't bring that much of a benefit if the patches aren't applied by the user. What I think is the main security advantage that Linux appears to have is just a result of it's very nature as an technophile's operating system: it's run by a more technical set of people, and they're more likely to configure a machine securely, and keep a machine patched when the updates appear. Move Linux into the mainstream and you're back to an mis-configured and unpatched operating system - just an open-source one, this time.

edit: that's not to say Windows is great - when Doom 3 has to have admin rights to run you know something is with your security architecture...
Evo is offline