Linux many errors 3 Windows? Verdict unfounded!

A recent US government study found that the number of security holes in the Linux / Unix open source operating system is three times that of the Windows operating system, not only criticized by the open source community, but also forcing it to Few security experts have to be skeptical.

2005 Security Security Newsletter published by the US government's Emergency Computer Response Team (CERT) last week, statistics show that among 5,198 vulnerabilities recorded, 812 is Windows, 2328 vulnerabilities belong to Linux / Unix and 2,058 bugs scattered in other systems.

Is it really dangerous to triple?

Reacting to this report, the NewsForge.com website confirmed that government data had "been mistaken", because many other independent reports before - of course, by non-open source organizations - all concluded that Windows is full of dangerous security vulnerabilities, easily exploited by hackers.

While the Windows vulnerability is only counted in XP, NT and 98 versions, the 2328 number is included in all from Solaris, AIX, HP-UX, BSD and Linux operating systems, along with 100 Different versions of this operating system Penguin.

" Calculating the total number of CERT vulnerabilities is odd. They put together all the vulnerabilities found in Unix and Linux together, while this number does not reflect anything about the security of an operating system alone. ", Joe Brockmeier, editor-in-chief of Linux.com reacted harshly.

Real risk and Data

For example, according to Joe, a vulnerability in the Mac OS X operating system cannot be applied to Linux or Unix, but the government report did not clarify this point. And yet, the Firefox browser is also included in the Linux platform, including all of its security holes in Linux, although in fact, it runs on many different operating systems.

And yet, according to Joe, CERT's research did not pay attention to the severity of the recorded vulnerabilities, as well as how long the company released the patch.

Graham Cluley, senior consultant of security firm Sophos, said that the severity of a vulnerability, as well as the number of exploited vulnerabilities, are the two most important criteria in assessing the safety of an operating system - not the above-mentioned "upper-middle-class".

" There are many riddled holes that do not mean that the operating system is less secure than the other operating system. It is important for people to see with a specific vulnerability, a large or small hacker exploitation level. " he said.

The majority of computer viruses and Trojans still target Windows operating systems only.

Windows - The "favorite" goal

Yankee Group analyst Andrew Jaquith said that the way of "counting" CERT-style software vulnerabilities is a superficial and superficial approach, because it is based only on the vulnerabilities that have been released. publish on the web only. "It cannot measure the security nature of that operating system, so it is inevitable that no conclusive conclusions can be made."

The Windows operating system, with its current popularity, is still a favorite target for hackers and malware-destroying software.

Unlike Microsoft, according to Joe, the Linux community takes a different approach to security: scouring existing vulnerabilities that exist in the system. And Microsoft, meanwhile, keeps its product source confidential and only reacts when notified of the problem.

" Information with public opinion is a good thing, but giving such information in an inconspicuous way will certainly confuse and misunderstand the nature of the problem, " Joe said.

Thien Y