Linux security - a continuing joke

So you want to replace Windows systems with Linux. You. Have. Got. To. Be. Joking!

Security on Linux and Unix is a joke - it makes Windows look like Fort Knox in comparison!

Just look at them: Unix was released in 1976 and has been used in servers for more than 20 years - BUT IT STILL GETS BUG REPORTS, sometimes down to the kernel. IBM security used to be pretty good until AIX came along, but look in CERT and there's now hundreds of reports about AIX. And Linux, son of Unix, is as bug-ridden as its parent.

They've had more than 25 years to get Unix working properly BUT THE BUGS ARE STILL BEING FOUND! (Is the problem the operating system or the language it is written in? I've never figured that out.)

Windows was released in latter half of 1980's and has only recently attempted to move into servers. (That's about 3 years as a server system compared to 15 by Unix.) Sure Windows is not terribly secure but it is making a lot of progress. It is 10 years younger than Unix but right now Windows XP is looking a darn sight more secure than Unix-Linux.

And sure Windows has bugs, but few are now in the kernel; most are in the applications. The same can't be said for Unix-Linux. Comparing the state of system security and the amount of time that the systems have been in general use, it's clear - Windows wins hands-down!

Don't get me wrong; I am not a fan of Windows and Microsoft. I don't like their licensing policy; I don't really like the overblown products. I don't like their way of fixing bugs - their policy started as upgrade-to-fix (aka. "buy-a-bug-fix") and the recent SQL looked like instructions for flatpack furniture - using tool T3 insert piece G8 into slot C9 with grommet H23… you get the picture.

The OpenVMS community often says that VMS security now is where windows security is wants to be in 5 years. Guess what? Windows security now is where Linux should be trying to be in less than 5 years. Judging by their progress over what is nearly 30 years, just how much time will Linux/Unix need to catch up with an operating system that is about 10 years younger than them?

Given a choice I'd run with OpenVMS. Now that is a secure operating system! Too bad that it didn't get to the desktop. Too bad that nothing much else did either. Too bad we get lumped with Windows.

Windows has too many bugs, sure, but almost all the bugs are in the Microsoft applications; I know, Internet Explorer has had more bugs than a summer evening!

By virtue of the fact that there's a Windows box on almost every desk - and usually internet-connected at that - it is a favourite target of the virus writers and there's a lot of publicity every time a bug or virus appears. BUT IT STILL BEATS LINUX HANDS DOWN!

Linux-Unix is as buggy as a kindergarten in winter, and not just in the applications. Just take a look in any security-tracking database and you'll find vulnerabilities everywhere, right down to the kernel or just as bad, the middleware that talks to the web. And just don't forget that Linux and Unix bugs might be spread across several manufacturers and for Linux there might be no manufacturer as such.

Riddle me this Batman: if every piece of Linux source code had stacks of AP's poring over it and thoroughly checking it, how come people are still finding security-bugs and, more to the point, how do those bugs get in there in the first place?

The big push this year is for Linux on the desktop. Thanks but no thanks!

I'd rather have security-bugs in applications, and viruses that just email all kinds of garbage around the web from my copy of Outlook, than have security-bugs in the kernel of my operating system.

Can you imagine what kind of damage kernel-level security-bugs can do to your system? Now spread that across hundreds, thousands, millions of desktop systems and it's really gonna be a nightmare.

When you can give me something BETTER than Windows I'll look at it. Don't worry about being cheap. (Linux might be free but to me it's the kind of free that a prisoner feels when he walks out an unlocked door.) Get me "better"!

Linux - you want to be in the big world? You know what you've got to do.

Name, email address supplied