Is Windows safer than Linux?

Windows+security=8,230 hits

http://news.google.com/news?hl=en&ned=us&ie=UTF-8&q=Windows%2Bs…

Linux+security=1,870 hits

http://news.google.com/news?hl=en&ned=us&ie=UTF-8&q=Linux%2Bsec…

BSD+security=62 hits

http://news.google.com/news?hl=en&ned=us&ie=UTF-8&q=BSD%2Bsecur…

Microsoft is starting to believe their own propaganda. They must not use their own products.

being a windows xp user i agree that xp has security holes but so does every software out there. but i do admit linux is a better more stable choice than xp is. however for longhorn it will be kind of interesting to see if ms learned their lessons based on their security experiences with xp and see if they start to build a stable and tight os right from the scratch…not unlike linux. seriously this is microsofts last chance. i am buying a mac system top of the line of course as soon as longhorn comes out and if it is a bigger pile of junk than xp already is. thats the line!

I’ve read somewhere that it is harder for non experienced people to secure a Unix like system then a Windows system.

That might have been true at some point, but recent Linux distros are very secure out of the box.

Forget SELinux, it only prevents unwanted users from breaking into your computer. The owner of the computer can still do almost what he anything he wants.

Windows is the first OS that is safe for the movie, music and software industry. By applying TCPA they can make sure unlicenced content and software ends up on computers of users they don’t trust.

The user will be safe too, the only thing they have to do is to trust Microsoft, thats why its called trusted computing.

The question is windows safer than any operating system!!!!

So, you want a comparision on application patches also. First there needs to be a list of actually used packages of both OS’ before that can be useful. Of the thousands of packages in a linux distro, how many are used? And of those that are not, how many dont have any known vulnerabilities because no one uses them. One of the biggest arguments I see is the malware/virus arguments. Malware/virus are written for the masses, regardless of your argument. As long as you install the patches they supply, you dont get the virus’ that use the vulnerablity. If you get any other virus, it is from pure social engineering. I will agree that you generally dont need to install patches on a linux machine as close to the release date of the patch as you do on windows, which is a plus. Oh yeah, and any server that gets malware should shoot their admin…who browses the web on a server. A typical hack of a windows server generally results from either users not being deleted that no longer should have access to the machine, or password cracking. Neither of these are OS vulnerabilites. The point here is, patches are necessary on any OS. Beyond that it is up to the user and admin to maintain common sense. The TCO of linux being cheaper is hard to compare. I still have yet to see anyone compare software cost, staff cost, user productivity cost, support cost, and disaster cost between two like companies (number of employees, salaries, and job function) using different platforms. That would be a little more conclusive..but only for that sort of company. Each industry is going to have better TCO with one or the other.

Ok – that isn’t _exactly_ a good comparison. But Windows _IS_ like Swiss cheese. Soft and full of holes. Even if Windows because a thousand times more secure overnight it would still pale in comparison to Linux.

How? Well, how many viruses do you hear about with Linux? How about SpyWare? How about open ports that shouldn’t be open by default. How about turn around from reported holes to patches for those few holes found in Linux compared to Windows?

The article is PURE PURE PURE FUD.

I’ve never worried about a Windows update mutating my box into a 6ft tall cyborg killing machine…with Linux I feel those wacky devs are just a few updates away

My Linux workstation IS a mutant 6ft tall cyborg killing machine! Mine!

Of course these fellas at MS are doing their job, and they have a very difficult job. They need to take an inherently insecure OS and do their darnedest to try and make it secure AND do so in a way that doesn’t kill all the apps out there that run on it at the same time.

But they do this kind of press to reassure the loyal middle management that authorizes volume purchases that the anti-MS messages out there are just noise. If they didn’t continually try and saturate the media with messages about security then people would start to defect in large numbers. This kind of message is intended to give hope to the loyal fans who are beleaguered by the din of the anti-MS crowd.

Nick McGrath, head of platform strategy for Microsoft in the UK has claimed that ‘Linux is not ready for mission critical computing.’

Really? Last time i read the Halloween documents Microsoft had different viewpoints on this *g*.

http://www.opensource.org/halloween/

Wow…yet another argument. I really don’t care or post in these but I just want to say.

It’s all opinion;

In terms of spyware and virus’s though, yes Linux is “safer”. I have never gotten virus’s or spyware that could lead to viru’s on my WinXP machines cause I know what I am doing. But with Linux I HAVE NEVER recieved anything at all…I am new to linux and very prone I guess I have only used various OS’s for the past 2 months and everything has worked fine. However…

Linux easy to use? Hell no…you need training or expierence or a lot of time to teach yourself. This is my response to all you guys saying Linux is easy in what not.

I barely figured out how to install anything…I NEVER got wireless working let alone Ethernet connection that was Stable. KDE is the dumbest Interface ever, GNOME is good.

Support? Yeah from a bunch of asses through IRC? They never help to much, I did from teh UBUNTU channel but my god everywhere else I was treated horribly because god forbid I never used Linux before but Windows all the time. If I needed help I could not get it instantly, and I don’t like going through pdf’s of faqs all day.

You mean that you might actually have to *educate* yourself a little to use a new system? That is perhaps the lamest, weakest argument I’ve ever heard in my life. If you seriously cannot at least hit the ground running *slowly* with fedora, ubuntu or suse, the problem is not with the software. It may be a new paradigm – not everything is in c: – but a weekend with a book and a little poking around on the net should be easily ample to at least have you doing email and surfing (99% of what 99% of people do).

Then again, I don’t imagine that any of us asses on IRC or Linux forums will miss another n00b kicking and screaming that his linux distro isn’t exactly like his beloved XP box.

As far as the article goes — it’s patently absurd. Linux has a lot of shortcomings, and WIndows does kick it’s ass in several arenas, but security is ~*not*~ one of them. No amount of spin-doctoring can make this so, and certainly not the strawmen that MS is building.

Funny, I hear this argument all the time, even among my IT friends. These same friends will spend hours and days figuring out the intricasies of the latest video game without complaint. (And just to make sure everyone understands, we’re in our early and mid-thirties, not high school kids, having grown up with PCs, Atari, etc.) However, when it comes time to hone their IT skills or examine something new, the complaints and excuses are myriad.

The truly sad part is that having Linux skills would likely boost their leverage during salary reviews, perhaps even add some job security (I mean, if you convince your boss to use Linux, you eliminate the competition from 90% of the current admin population), and open up other potential employment avenues (knowing Linux makes adapting to other Unix solutions so much easier, and running those old Unix systems is where you really rake in the bucks).

So, the “oh, it’s difficult” argument, at least among the kind of folks that read OSNews is pathetic, at best. If you want something as easy as those posts seem to indicate, flipping burgers at your local fast food joint might be more up your alley. Granted, windows is easy on the surface, but once a problem surfaces, it’s anything but simple to work with.

MS is using a classic play from their playbook.

Say whatever you want regardless of the truth, and if you repeat it enough, people will believe it.

It worked for Bush.

Surely if Red Hat have issued more security patches than Windows, that means Red Hat is better at finding, identifying and fixing bugs, and therefore is safer?

It is not really a level playing field to compare the Windows range of OS against the Linux range of OS.

“So Dave, are you telling us to move along or are YOU moving along. And why do we care?f”

Robert, FYI: this is what law enforcement says at accident scenes to help move the gappers along. In essence, Dave has implied that this is a brutal accident and in turn getting people not too gawk.

Its just a bit of hummor. Well, this humor is probably country specific (or not).

The ususal crap. Shut-up Microsoft..you know you suck.

-Nx

Who gives a smeg about Microsofts propaganda anyway these days?

ISA sound card support is totally not-there in seeming ANY linux distro. Sound card support for more modern PCI cards seems ok, but for any ISA card it is totally hit or miss.

That may be true, I wouldn’t know because I haven’t seen an ISA sound card in ages!

At some point, keeping compatibility for obsolete hardware seems more trouble than it’s worth…

If malware writers only find the holes in Windows after MS publicizes them along with the patches, why bother patching the OS at all? Why not keep everybody in the dark if it’s really not possible for outsiders to find holes in Windows?

works for michael moore as well. works for most politicians. your just pissed off that the other side did it better. (for the record, im a little L libertarian, and absolutely hated bush, kerry, nader, baderick, pretty much anyone who ran for presidency in 04, rush limbaugh, and michael moore)

Yes, it is. just like it is an opinion that windows is any better. In my opionion it isn’t and it really surprises me that people manages to get it to work, or perhaps they don’t.

How, does this make it different from Windows, MacOS-X or any other os for that matter. Modern OSes are quite complex. They are mostly built to be used in environments where you usually have trained sysadmins wiht a MSCE or something equivalent for other OSes.

I rather be treated like an idiot for free on IRC, than pay for it on the Microsoft support line. Your Linux guys usually tells you to read the manual, and often even gives you some direction before they are willing to answer your questions.

The Microsoft people tells you to shell out some money and uprade to the latest versions before they tell you that it is your own fault. And usually it is much more important to make sure that you are eligable for support than actually giving it.

A lot of malware today doesn’t erase your files. Instead, it will try to compromise your system – and it can do that much more easily if it has root/Amdministrator privileges. So, yeah, the “root/user divide” is pretty damn important!

Personally, I don’t worry about that too much. To me, the most dangerous thing in Windows, as far as malware is concerned, is the fact that you can make a file executable simply by giving it the right extension (i.e. .exe, .bat, .vbs, etc.). This is really bad from a security standpoint – especially when combined with flaws in IE or OE.

I don’t believe that Linux’s small market share is solely responsible for the fact that there is no malware for it. After all, its market share is 1/40th of Windows, yet Windows has 2,500 times more trojans, viruses and worms!

http://www.pcpro.co.uk/news/69136/microsoft-linux-is-not-ready-for-…

‘And it also enabled us to initiate some real discussions around security about why our platform is more secure than Open Source.’

McGrath pointed to research that showed Microsoft patched its vulnerabilities within 25 days on average compared with 57 days for the Open Source community. However, the Open Source camp has long pointed out that if you consider critical vulnerabilities, the picture is completely reversed.

McGrath conceded: ‘Yes, the level of criticality is important,’ but wondered whether, as a Linux customer, who to turn to if a hole was discovered. ‘Where’s the accountability?’ he asked. ‘If the community can’t fix it then that leaves them open to attack.’

He argued that the amount of money Microsoft is pouring into security gives it a far more secure, reliable and consistent product range.

Ok lets look at this a little less Microsoft Bias (possibly more Linux bias tho :S)

Who will Linux customers turn to? The developers?

Who will Microsoft customers turn to? Well first their wallets, then to Business people.. and the Business people will issue a report to the Developers.

What if the Linux Community can’t fix it? Who says Microsoft can? On both sides you have PEOPLE. on 1 side it’s all Professionals. On the other side you have both Professionals and Amateurs.

Does the Amateurs give you less of a secure feeling? It’s true that they have less experience. However every commit is seen and in a sense monitored by hundreds in the Community.

‘We’ve made serious investments to build dedicated teams of people. We have consistent Windows update services. Microsoft continues to take security as a number one priority. How do we do this? Because we can afford to pay people.’

So the only reason Microsoft has more security is because they can pay people? That sounds logical…………

http://www.techweb.com/wire/security/60300209

“Even with the relatively large number of bulletins we released this week, we compare favorably,” he said. “Year-to-date for 2005, Microsoft has fixed 15 vulnerabilities affecting Windows Server 2003. In the same time period, for just this year, Red Hat Enterprise Linux 3 users have had to patch 34 vulnerabilities and SuSE Enterprise Linux 9 users have had to patch over 78 vulnerabilities.”

I think it might be safe to say that Linux is at least fixing more problems then they are leaving open.

One however might argue that Microsoft has less to patch.

Linux has sucky hardware support, for example my wireless adaptors cannot run on Linux unless I jump some serious hoops

WiFi, imho, is quite a pipe dream. It works only if you ignore all security and dont try to secure it yourself by establishing a VPN connection over the top of it. We attempted this one time on a 22meg link and received dialup speeds accessing our own network. I wonder if i try this again on one of those SuperG thingy links if i’ll get adsl modem speeds?

They need to take an inherently insecure OS and do their darnedest to try and make it secure AND do so in a way that doesn’t kill all the apps out there that run on it at the same time.

What’s “inherently insecure” about Windows ?

Internet Explorer and the way it is setup.

Explain.

Active X on by default.

Active X is quite limited by default these days.

Users setup as Computer Administrators by default,

Minor configuration detail, easily changed. Hardly “inherent”.

the fact that a file can be made executable by changing the extension.

This one I’ll actually agree is a possible hole, although in real terms I don’t think it classifies as major (or “inherent” – it’s really just a shell behaviour and can be overridden by setting the “executable” file attribute).

Internet Explorer being integral to the Operating System(no internet browser should have this access).

IE runs in user space as the logged in user. It’s the same a KDE’s khtml. It doesn’t have any more “access” than any other application.

The default settings can be changed, but most users don’t know that they need to change these.

Easily-changed configuration settings are not “inherent” vulnerabilities, they’re configuration settings. Linux didn’t suddenly become “inherently insecure” because someone released a distro that defaulted to a root account for the user.

I use windows since 3.1 times… windows 95 had sum problems, they more or less solved them. Win98 more problems, they solve it. win98 SE was the best win till now (my opinion). win ME was the shamest OS on earth.

WinXP… they aint improoving their OS’s… more problems

nearly 50 mins to install…

Im sick of win… Sorry guys… I had my years to experience win… I bought mandrake, cuz in a very short amount of time it impressed me very much.

Windows cant astonish me anymore.

Goodbye Explorer

Philippe

Any doubts or coments http://groups.yahoo.com/group/linux_dot3

Actually there was some malware for MySQL not long ago, It attacked MySQL servers running on windows where the user had not set any passwords. So don’t tell me that opensource is more secure.

My Win9x OS’es run fine. I’ve never gotten zilch, and I run no anti anything. HOWEVER, the first thing I do is RIP out MSIEx. Then I replace Explorer with the Win95 Explorer. Don’t use wscript, activex, java (which I really hate), and several other Win OS junks I don’t like. I don’t use Outlook or any other Win web junks, nor do I use MSFT software other than the OS. Win98se can be whittled down to about 70-120MB’s, or less than 50MB’s if you use the Win95 (not OSR2!) explorer and other junks.

Nevertheless, I’m planning on moving some some flavor of Linux sometime. It’s just that I’ve gotten WinCRAP to run so well I’m getting lazy.