June 9, 2003, 23:08
|
#1
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
May 2003 corp/gov't security breaches: Windows: 3,801 Linux: 19,208
Draw your own conclusions.
http://www.wininformant.com/Articles...rticleID=39231
Quote:
|
Linux Not as Secure as Windows Server
Curiously, this news will come as a surprise to some people, but according to a report from the security experts at mi2g, open-source poster child Linux is losing the security fight--big time--to Windows Server. Yes, you read that right: In May 2003 alone, Linux-based corporate and government systems experienced 19,208 successful breaches worldwide, whereas similarly oriented Microsoft Windows Server systems suffered only 3801 breaches. During this time period, more than 75 percent of all server-based breaches occurred on Linux systems; Windows systems were responsible for just 15 percent of breaches. Furthermore, the reports says that Windows-based systems were far more resilient than Linux-based systems during the Iraq war months from March to May 2003, a time of increased hacking activity. mi2g, which has been tracking server attacks since 1995, now oversees a database that contains more than 220,000 individual attacks and more than 7000 hacker groups. So why are Linux servers more easily compromised? The security experts quote several primary reasons: First, most Linux servers are improperly configured and don't come with decent default security configurations. Second, the open-source community doesn't have a coherent "trustworthy computing" initiative. Third, Linux is a target because of its increasing popularity in the server world. And, fourth, Frank Stallone. In other words, everything I've been saying about Windows, Linux, and security not only is true but is evolving in a wonderfully predictable way. Shouldn't we stop all the bogus "Windows isn't secure" baloney when a far less secure competitor is just waiting to be compromised?
|
|
|
|
|
June 9, 2003, 23:10
|
#2
|
PolyCast Thread Necromancer
Local Time: 03:18
Local Date: November 2, 2010
Join Date: Jul 2002
Location: We are all Asher now.
Posts: 1,437
|
Re: May 2003 corp/gov't security breaches: Windows: 3,801 Linux: 19,208
While it's probably true....You really should find a less-biased source
|
|
|
|
June 9, 2003, 23:12
|
#3
|
Warlord
Local Time: 23:18
Local Date: November 1, 2010
Join Date: Dec 2002
Posts: 234
|
Hackers have better taste in targets.
How many Linux servers vs Windows servers are there?
And what about Unix and other flavors of servers?
(Just to place it in some context)
|
|
|
|
June 9, 2003, 23:12
|
#4
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
__________________
"I'll never doubt you again when it comes to hockey, [Prince] Asher." - Guynemer
|
|
|
|
June 9, 2003, 23:14
|
#5
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
Okay.
First question - what is the source of said statistics?
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 9, 2003, 23:18
|
#6
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
Quote:
|
Originally posted by Edan
Hackers have better taste in targets.
How many Linux servers vs Windows servers are there?
And what about Unix and other flavors of servers?
(Just to place it in some context)
|
http://archive.infoworld.com/article...er.xml?s=IDGNS
Windows Server: 49%
Linux: 25.7%
Although other sources say differently:
|
|
|
|
June 9, 2003, 23:22
|
#7
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
And, of course, there's also this interesting bit from CERT: all current issues are Windows-related.
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 9, 2003, 23:23
|
#8
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
Nice attempt at a countertroll, but more glaring is how you're trying to sidestep the issue that, in reality, although Windows servers vastly outnumber Linux ones, Linux security breaches vastly outnumber Windows.
__________________
"I'll never doubt you again when it comes to hockey, [Prince] Asher." - Guynemer
|
|
|
|
June 9, 2003, 23:26
|
#9
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
Quote:
|
According to a new Aberdeen Group report, open-source solution Linux has surpassed Windows as the most vulnerable OS, contrary to the high-profile press Microsoft's security woes receive. Furthermore, the Aberdeen Group reports that more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions. The report muddles the argument that proprietary software such as Windows is inherently less secure than open solutions. And here's another blow to the status quo: Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period. Could Windows be the most secure mainstream OS available today?
"Open-source software, commonly used in many versions of Linux, UNIX, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers," the report reads. "Security advisories for open-source and Linux software accounted for 16 out of the 29 security advisories--about one of every two advisories--published for the first 10 months of 2002. During this same time, vulnerabilities affecting Microsoft products numbered seven, or about one in four of all advisories."
The stunning report makes several claims that seem to fly in the face of widely accepted beliefs. First, the Aberdeen Group says that Windows-based Trojan horse attacks peaked in 2001, when CERT released six such advisories, then bottomed out this year, when CERT didn't issue any alerts. However, Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002. The Aberdeen Group says this information proves that Linux and UNIX are just as prone to Trojan horse attacks as any other OS, despite press reports to the contrary, and that Mac OS X, which is based on UNIX, is also vulnerable to such attacks. Even more troubling, perhaps, is the use of open-source software in routers, Web servers, firewalls, and other Internet-connected solutions. The Aberdeen Group says that this situation sets up these devices and software products to be "infectious carriers" that intruders can easily usurp.
According to the Aberdeen Group, the open-source community's claim that it can fix security vulnerabilities more quickly than proprietary developers can means little. The group says that the open-source software and hardware solutions need more rigorous security testing before they're released to customers. This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain.
|
__________________
"I'll never doubt you again when it comes to hockey, [Prince] Asher." - Guynemer
|
|
|
|
June 9, 2003, 23:34
|
#10
|
King
Local Time: 00:18
Local Date: November 2, 2010
Join Date: Apr 2000
Location: Los Angeles
Posts: 1,886
|
Asher, you are so pro-microsoft you are starting to even scare me...
__________________
Lets face it. We flamiing queers have more appeal then Pat Robertson and other religious wackos. We have shows that are really growing in popularity. We have more channels (Q TV, Logo Channel). And we help people in their style issues (Queer Eye for the Straight Guy). The last thing I saw a religious preacher did was ask for $5 in a "generous pledge" to help his bank account in Zurich, erhm, some starving kids in Zimbabwe.
|
|
|
|
June 9, 2003, 23:36
|
#11
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
Just the facts, Fez, just the facts.
It annoys the hell out of me when Linux zealots run around saying everyone should switch to Linux because it's more secure.
Whoever's saying that obviously doesn't check for updates, my Linux partition gets about 30 security patches a week. (literally)
__________________
"I'll never doubt you again when it comes to hockey, [Prince] Asher." - Guynemer
|
|
|
|
June 9, 2003, 23:38
|
#12
|
King
Local Time: 00:18
Local Date: November 2, 2010
Join Date: Apr 2000
Location: Los Angeles
Posts: 1,886
|
Cute Asher.. very cute.. You really know how to clobber people with those things you call facts... Well you aren't as bad as MtG.
__________________
Lets face it. We flamiing queers have more appeal then Pat Robertson and other religious wackos. We have shows that are really growing in popularity. We have more channels (Q TV, Logo Channel). And we help people in their style issues (Queer Eye for the Straight Guy). The last thing I saw a religious preacher did was ask for $5 in a "generous pledge" to help his bank account in Zurich, erhm, some starving kids in Zimbabwe.
|
|
|
|
June 9, 2003, 23:44
|
#13
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
Quote:
|
Originally posted by Fez
Well you aren't as bad as MtG.
|
As good as, you mean.
By the time I get to be his age, I sure as hell hope I am.
|
|
|
|
June 10, 2003, 00:10
|
#14
|
King
Local Time: 00:18
Local Date: November 2, 2010
Join Date: Apr 2000
Location: Los Angeles
Posts: 1,886
|
__________________
Lets face it. We flamiing queers have more appeal then Pat Robertson and other religious wackos. We have shows that are really growing in popularity. We have more channels (Q TV, Logo Channel). And we help people in their style issues (Queer Eye for the Straight Guy). The last thing I saw a religious preacher did was ask for $5 in a "generous pledge" to help his bank account in Zurich, erhm, some starving kids in Zimbabwe.
|
|
|
|
June 10, 2003, 00:41
|
#15
|
Deity
Local Time: 23:18
Local Date: November 1, 2010
Join Date: Feb 2001
Posts: 21,822
|
linux sucks - it isn't Windows
you want a secure, efficient, powerful, RELIABLE OS? get windows XP
__________________
[Obama] is either a troll or has no ****ing clue how government works - GePap
Later amendments to the Constitution don't supersede earlier amendments - GePap
|
|
|
|
June 10, 2003, 01:13
|
#16
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
Quote:
|
Originally posted by Asher
Nice attempt at a countertroll, but more glaring is how you're trying to sidestep the issue that, in reality, although Windows servers vastly outnumber Linux ones, Linux security breaches vastly outnumber Windows.
|
In reality? As I said, we know nothing of how this statistic is derived, this, completely meaningless.
P.S. Oh yeah, the Aberdeen Group
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 10, 2003, 01:16
|
#17
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
Quote:
|
Originally posted by skywalker
linux sucks - it isn't Windows
you want a secure, efficient, powerful, RELIABLE OS? get windows XP
|
Such ignorance
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 10, 2003, 01:22
|
#18
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
Quote:
|
Furthermore, the Aberdeen Group reports that more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions.
|
Interestingly, an analysis of 2003 CERT advisories shows a different picture, yet Glonkie banish the new analysis with a wave of hand, but quotes the Aberdeen Group report to support his argument.
Talking about selective.
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 10, 2003, 03:32
|
#19
|
Emperor
Local Time: 22:18
Local Date: November 1, 2010
Join Date: Apr 1999
Location: The cities of Orly and Nowai
Posts: 4,228
|
linux is fun...
should everybody switch? no. but should people use it if they want? sure.
besides, it's not like i have anything a hacker wants. except plans for world domination, maybe.
__________________
B♭3
|
|
|
|
June 10, 2003, 03:34
|
#20
|
Deity
Local Time: 15:18
Local Date: November 2, 2010
Join Date: Nov 2001
Location: That's DR WhereItsAt...
Posts: 10,157
|
HEY! Let's be reasonable for a second.
There just are times you love the BSD.
Windows. For when you're too lazy to do anything else.
|
|
|
|
June 10, 2003, 03:48
|
#21
|
Apolyton Grand Executioner
Local Time: 19:18
Local Date: November 1, 2010
Join Date: Oct 1999
Location: Fenway Pahk
Posts: 1,755
|
Quote:
|
Originally posted by MrWhereItsAt
HEY! Let's be reasonable for a second.
There just are times you love the BSD.
Windows. For when you're too lazy to do anything else.
|
Yeah. Like those times when you figure out you're in business to make money, not to make some political statement out of choosing an obscure OS.
__________________
Bush-Cheney 2008. What's another amendment between friends?
*******
When all else fails, blame brown people. | Hire a teen, while they still know it all.
|
|
|
|
June 10, 2003, 03:49
|
#22
|
Apolyton Grand Executioner
Local Time: 19:18
Local Date: November 1, 2010
Join Date: Oct 1999
Location: Fenway Pahk
Posts: 1,755
|
Quote:
|
Originally posted by Asher
As good as, you mean.
By the time I get to be his age, I sure as hell hope I am.
|
You'd better be better by then.
__________________
Bush-Cheney 2008. What's another amendment between friends?
*******
When all else fails, blame brown people. | Hire a teen, while they still know it all.
|
|
|
|
June 10, 2003, 03:51
|
#23
|
Apolyton Grand Executioner
Local Time: 19:18
Local Date: November 1, 2010
Join Date: Oct 1999
Location: Fenway Pahk
Posts: 1,755
|
Quote:
|
Originally posted by Fez
Asher, you are so pro-microsoft you are starting to even scare me...
|
Asher's just the vocal advocate. Some of us are just taking our pro-MS positions to the bank.
__________________
Bush-Cheney 2008. What's another amendment between friends?
*******
When all else fails, blame brown people. | Hire a teen, while they still know it all.
|
|
|
|
June 10, 2003, 04:23
|
#24
|
Emperor
Local Time: 05:18
Local Date: November 2, 2010
Join Date: Nov 1999
Posts: 3,801
|
Quote:
|
Originally posted by skywalker
linux sucks - it isn't Windows
|
That arguement is as valid as...
Windows sucks because it doesn't have a cute penguin mascot and it's not invented by a Finn.
__________________
"Kids, don't listen to uncle Solver unless you want your parents to spank you." - Solver
|
|
|
|
June 10, 2003, 04:24
|
#25
|
King
Local Time: 06:18
Local Date: November 2, 2010
Join Date: Oct 1999
Location: Shireroth
Posts: 2,792
|
Quote:
|
Second, the open-source community doesn't have a coherent "trustworthy computing" initiative
|
Yes, we do. It's called OpenBSD . Honestly, although I only use Linux myself, I've become more and more positive towards the BSDs lately... and to do some finger-pointing, RedHat sucks ! I think they've never heard about the value of 1) using pristine sources (which tend to be less buggy than patched ones, especially if you write the patches yourself) and 2) disabling everything by default and letting the admins enable stuff as needed...
As for the study... well, I don't have the means to pay for it so I'll just have to wait for someone else to check its credibility... especially since there was no connection between what was said about the study at mi2g's site and what WinInfo reported...
|
|
|
|
June 10, 2003, 04:27
|
#26
|
King
Local Time: 04:18
Local Date: November 2, 2010
Join Date: Aug 1999
Location: Dilbert
Posts: 1,839
|
I honestly couldn't care less what OS people use, and I should imagine I speak for the vast majority of people.
|
|
|
|
June 10, 2003, 04:28
|
#27
|
Emperor
Local Time: 05:18
Local Date: November 2, 2010
Join Date: Nov 1999
Posts: 3,801
|
I wouldn't wonder if there has been some warm handshakes in the background between this Aberdeen Group and Microsoft, nor would I wonder if MS would own them.
Speaking of non partial statements, the FBI has issued several warnings regarding Windows products like Win XP and its UPnP support. Also NSA has clearly chosen Linux with its NSA Linux initiative. Let that speak for itself.
__________________
"Kids, don't listen to uncle Solver unless you want your parents to spank you." - Solver
|
|
|
|
June 10, 2003, 04:56
|
#28
|
King
Local Time: 19:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: You think you're better than me? You've been handling my ass pennies!!!
Posts: 1,101
|
I knew it was Frank Stallone's fault
__________________
"Luck's last match struck in the pouring down wind." - Chris Cornell, "Mindriot"
|
|
|
|
June 10, 2003, 05:51
|
#29
|
Deity
Local Time: 11:18
Local Date: November 2, 2010
Join Date: May 1999
Location: The City State of Noosphere, CPA special envoy
Posts: 14,606
|
Quote:
|
Originally posted by Asuka
I wouldn't wonder if there has been some warm handshakes in the background between this Aberdeen Group and Microsoft, nor would I wonder if MS would own them.
|
There were some massive controversies over the last Aberdeen Group study that Glonkie quoted. IIRC, the study was found to be funded by Microsoft. I will try to locate some sources.
__________________
(\__/) 07/07/1937 - Never forget
(='.'=) "Claims demand evidence; extraordinary claims demand extraordinary evidence." -- Carl Sagan
(")_(") "Starting the fire from within."
|
|
|
|
June 10, 2003, 09:01
|
#30
|
President of the OT
Local Time: 21:18
Local Date: November 1, 2010
Join Date: Nov 1999
Location: Calgary, Alberta
Posts: 40,843
|
UR...the "study" of the Aberdeen group consisted of someone looking at the CERT statistics and telling everyone what they were.
__________________
"I'll never doubt you again when it comes to hockey, [Prince] Asher." - Guynemer
|
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is On
|
|
|
All times are GMT -4. The time now is 23:18.
|
|