"THE" reason why M$ O/S are not so secure

[ThePreacher]

Originally posted by oblio
Now the question is since when has linux been a 'very secure' os.

never?
I get security advisories from SuSE almost daily.

http://www.securityfocus.com/cgi-bin...or&which=title

http://www.securityfocus.com/cgi-bin...or&which=title

http://www.securityfocus.com/cgi-bin...r&which=vendor

http://www.securityfocus.com/cgi-bin...r&which=vendor

*** http://www.securityfocus.com/cgi-bin...r&which=vendor

http://www.securityfocus.com/cgi-bin...or&which=title

http://www.securityfocus.com/cgi-bin...or&which=title

oblio, I agree with you, Linux does not offer perfect security either, but I can't name a single OS that has absolutely no holes or security problems. As for security in comparison to a windows product, I believe that the lateset kernel of linux is more secure than most of the microsoft software products available. People are beginning to realize that they have to give up ease of use for security. Why do you think that microsoft has a firewall prepackaged with XP. They take a small step in the right direction with different logins for each user, but how about root permissions. How about before being able to delete necessary system files or programs or making major system changes, a root password must be entered. How about free upgrade CD's sent out to everyone who bought their OS that included all the patches and security fixes. Another thing, before they make a new version of a product they should look at all the security problems in the old version and fix them. Ive seen the same problem occur in several different versions of IE.

[antihaxor]

Oblio has a good point....but I have to agree with the Preacher. Linux does have security concerns..however the open source nature of it lets these concerns be detected and addressed in a much more timely fashion. Just try to get your hands on some windows source code and you will see what I mean.

[Focmaester]

Linux is safe, not secure.
Look at Alldas, the statisitics indicate that Windows is no 1 being attacked and Linux on the 2nd place.
OpenBSD on the other hand has better security. Solaris is nice but noy secure as well.

[ThePreacher]

Originally posted by Focmaester
Linux is safe, not secure.
Look at Alldas, the statisitics indicate that Windows is no 1 being attacked and Linux on the 2nd place.
OpenBSD on the other hand has better security. Solaris is nice but noy secure as well.

The more people who use an OS, the more security problems will arise. Since Linux and Windows are both widely used, its obvious that a lot of security flaws are in the spotlight. However, fewer security flaws for a less used OS like BeOS are out there. Linux is more secure, but nothing is 100%.

[Focmaester]

Originally posted by ThePreacher


The more people who use an OS, the more security problems will arise. Since Linux and Windows are both widely used, its obvious that a lot of security flaws are in the spotlight. However, fewer security flaws for a less used OS like BeOS are out there. Linux is more secure, but nothing is 100%.

Not only that, there are a lot of dirty virusses and trojans out there that can xploit *nix/linux systems.
But kiddies don't know a lot about Linux (yet) in order to cause more damage then there is now. Who knows what is yet to come.

[THEJRC]

aaaaayyy now....

VB is all over M$ products, I did not mean to imply that M$ is based on VB.... was simply noticing that quite a number of the flaws happen to be exploits on that particular language...

as far as ANYTHING being secure.... just look at how TCP/IP was exploited (SYN flooding, etc.) nothings perfect.... IMHO operating systems such as BSD, Solaris, and HP-UX are more solid simply because of their age, it takes time to find holes, and more time to patch holes.... and we continue to find holes even in those OSes that have been around... Linux does have a large amount of holes as well... its also young. The blame for such risks shouldnt be place on the OS however....

If I lose data from any of my servers, whether Suse, Solaris, BSD, or NT based.... its my butt.... an administrators job is to watch for exploits, updates, bugs, and proactively reduce the damage factor. I can honestly say I spend more time backing up and patching than anything else.... but when I do it right.... I dont need to do anything else.

just my opinion though I'm a tool user, I use multiple platforms for multiple tasks, and I do my best to make sure they all stay as stable as possible regardless of how I feel about the manufacturer

JRC

[Tenaga]

I would have to agree that the degree of user friendliness contributes the amount of insecurity in OSes. Linux is a more complicated OS and not as many people mess with it because of the complications and the fact that everyone uses Windows. Now, everyone uses Windows because it is more popular, it is user friendly, and it already has many people using its earlier versions. The so-called script kiddies would most likely attack the people using the OS that is more well known because it grants them access to a larger variety of users.

[oblio]

the term script kiddie was created in reference to the drones on linux running simple off the shelf code. Security focus claims 9/10 blackhats use linux

[s0nIc]

well M$ does have a point..

check this thread out...


http://www.antionline.com/showthread...hreadid=135948

this shows why M$ cant make their products very secure..

[Vorlin]

I think the ideal situation would be for M$ to release the source code for windows (like THAT will ever happen) you could then go about plugging the holes yourself like you can with freeBSD. Iwas hoping that the anti trust case against M$ would force them to go "open source" but alas...NOT

1: if they released the "source code", because of the way they've acted about it the past few years, nobody would believe it and ask for "the real source code". I know I wouldn't believe 100% that it would be the source code for anything MS released.

2: yes, I fully believe that if they released Win95's source code (version A), it'd take about 6 months to strip the bugs out and cut the codebase down to probably 1/4 of what it started out. That's what Open Source is all about and yet these MS fscknuts don't realize that. We don't care about 'stealing' the code so much as we want it to be stable and do what it says it's supposed to do.

3: I think the source code for Windows is supposed to be released after the JFK assassination documents are supposed to be released (wasn't that supposed be in 2000?)...HAH, I'll just not wait.