On Wed, Jun 25, 2003 at 09:31:08AM -0700, Chris W. Parker wrote: > Please list for me reasons why you believe (or know for a fact) that > Linux is more secure than our current setup. Let's assume two > different situations: 1. Out of the box with a standard install,
I don't know that it is. You must stay up to date or stay off the internet. Things might cool down in a few years (I think security holes are being fixed faster than they are being made). > 2. Standard install, fully patched. 1. Open code. What's public is more likely to be examined, and security holes publicized and fixed. Open source people seem to care about security. MS mostly just talks about security, and only recently at that. There are lots of examples of companies told about security problems, ignoring (or even threatening) the messenger, until that is, the problem is publicized. 2. Open code. Source code that might be looked at by other programers (particularly the kernel itself) will be higher quality in the first place (can you say embarrassment?) than will compile-sell-and-forget proprietary code. 3. There is no marketing department in most open source projects to drive mis-features for features sake, mis-features that compromise security. When marketing does promote security it is frequently snake-oil solutions when most security holes are simply bugs, and marketing never really cares about bugs--just the biggest bugs. 4. More information and control available to you in how you configure things. 5. To have decent security you have to learn a little something about security yourself. If you do Linux you know you have to learn something. If you do MS you might think there is a "Do what you are supposed to and Bill will take care of you."-solution. There isn't, but the fact that MS fights your taking responsibility leaves you little choice. -kb, the Kent who thinks firewalls are inappropriately popular because MS gives users so little alternative. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
