> The only reason Microsoft OS' are perceived as being so insecure
> (well, they do have their faults) are because of the large installed
> base. When a vulnerability is found, because of all the machines
> running it, the impact is felt more.

I don't suppose anything like CodeRed comes to mind and the myriad variants thereof...

> Nobody would claim that *nix operating systems have no security
> vulnerabilities at all. When a Linux flaw is found, it circulates among
> the Linux admins, but the press doesn't bother creating the media
> stir because, who cares, Linux has a small installed base (I'm just
> saying what the press would be thinking).

Nobody sane would claim that anything connected to the open Internet is unbreakable. But Unix gets pretty close (OpenBSD comes to mind -- and it's not just because it comes packaged with everything turned off). The Open Source community, in my humble opinion, has been known to release security patches within four hours. I don't think the same could be said of Microsoft who -- just recently, btw -- released a certified Windows update that screwed up network connectivity for 600,000+ users. And this is from a company that claimed Open Source doesn't work because they don't have the funding for R&D or quality assurance. Right.

> But, just like a good Linux admin can take steps to protect their
> system from unknown flaws, like by removing components they
> don't actually need, good Windows admins can do the same,
> and have been for years.

I think this argument is comparing apples and oranges. You're taking a toy operating system (Windows) and comparing it to something that was designed to run in a mission critical environment (*nix) and even less than perfect hardware (think back to the 70's). Between Microsoft and Unix developers, you have two conflicting schools of thought. On the one hand, the developers focus on a monolithic do-all design that results in huge binaries and hundreds of thousands of lines of bug-infested code. On the other, you have the developers who write small tools designed for a specific task (qmail comes to mind). Less code = fewer bugs. This is probably why the security conscious tend to disable MTAs like sendmail...

But again, I'm looking at my cheesy copy of Outlook Express while I write this and another thought comes to mind. Perhaps the happy-go-lucky clickable interface makes screwing something important up much easier. In UNIX, if you don't know what you're doing, you're more likely to either have nothing work because you can't fix it -- or because you were stupid enough to listen to the BOFH in the cube next door who said, "Yeah, to get super-user privs, just type rm -rf /"

Go figure...

_______________________________________________
Spamassassin-talk mailing list
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk