[Coco] OT: Ballmergram - Linux TCO

[John R. Hogerhuis]

On Thu, 2004-10-28 at 21:49, Jim Cox wrote:

> While I am not defending M$ in any way, a lot of "experts" 
> state that once Linux gains a big enough share of the 
> market, it too will see an increase in attacks.

This is true. Redhat however, now ships with firewall running and
enabled, just as Windows should have done a long time ago (now it does
with SP2, I believe).

When folks ask me why their Windows box keeps crashing, I say because
you don't listen to me; when you get a broadband connection, plonk down
$50 for a IP sharing router + firewall. Of course, don't run ANYTHING
untrusted from the Internet. Oh, and remember that no bank will EVER
send an email to you asking you to verify your details...

There is nothing magic about Linux security. Like Windows, most
components of a GNU/Linux system are written in C. Given the fact that
programmers are not perfect, that means there are security holes. Why is
Linux considered more secure than Windows? Mainly because windows is a
bigger target. Also, however, Microsoft made a concerted effort to make
the Internet a seamless experience. Click and run... given the fact that
most users run their systems as admin user, that's just plain unsafe at
any speed...

>   Unlike 
> Windows, Linux should have a quicker response to security 
> issues.
> 

Well, it certainly happens. It depends on the subsystem. The kernel
(Linux) certainly sees quick vulnerability fixes. However, if you are
using Oddball Application X that one guy maintains in his spare time,
and 2 other people use it, you may not get quick fixes.

The big difference in Free and Open Source software is that you have the
code. If there is a problem and you really need a piece of software to
work, you can hire a programmer off the street to fix it, whether a
vendor supports it or not.

If you are paying for support, as with Redhat, you may be able to get
the vendor to fix it.

> -Jim