Re: [SLUG] I told them . . .

From: Paul M Foster (paulf@quillandmouse.com)
Date: Sun Aug 01 2004 - 18:16:33 EDT


On Sun, Aug 01, 2004 at 03:12:48PM -0400, Robert Snyder wrote:

> God the usual MS bashing has started again.
>

And it will reappear from time to time as well. It is common on Linux
mailing lists, including this one. In fact, it appears to be common
among Windows users as well. The reasons are obvious. You should know
that by now.

<snip>

> I see problems in windows but I find more in them is all this extra bs.
>
> If i were to count bugs in all the extra bs in linux probably have a
> shit load of bugs too.

Most Linux exploits are in ancillary software, not the kernel. There are
some significant differences in the way this works in Linux versus the
way it works in Windows.

The code for Linux ("Linux" being the kernel and included programs) is
transparent. It can be fixed by you or anyone else, and in general is
repaired more promptly than code from Windows. In addition, the OS APIs
are well-known in Linux. Microsoft APIs are a mix of known and hidden.
And the vast majority of the software that runs on Windows is likewise
closed source. The best security experts in the world agree that Open
Source has a security edge simply because it is Open Source.

Microsoft has made a series of crucially bad security decisions which
have lead to the ease with which its software products can be exploited.
Moreover, Microsoft's core OS architecture was never designed with
security in mind. Putting it in after the fact has been less than
successful. Microsoft deserves to be castigated just for this.

Yes, it's true that Microsoft's ubiquity has lead to more exploits
than its next most popular challenger. But the point is made moot by
their horrible security design and closed source nature of their
software. People aren't bailing from Windows in droves in favor of Linux
because Windows is more secure than Linux. Just the opposite.

Most of the exploits exploited by hackers on Windows rely on Windows
programs, not necessarily the Windows kernel. The billions this has cost
business and home users can never be recovered from Microsoft, and is
one of the reasons people are switching to Linux. The original poster's
problem was a prime example of this. It wasn't a kernel problem with
Windows, but an exploit that arose out of Microsoft's atrocious security
model in Windows. And the answer that his Linux system couldn't be
exploited this way is an example of what Linux's better security
produces.

Linux's lower popularity leads to exploits found but never exploited.
This is the rule rather than the exception. Microsoft can't make that
statement about Windows.

Paul
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 14:12:38 EDT