Bad Linux
Brian Cluff
plug-discuss@lists.PLUG.phoenix.az.us
Thu, 17 May 2001 15:50:50 -0700
> "Mean time to patch" meaning when a person applies the patch to the
> affected computer? If yes, I seriously question the "Windows: Overnight"
> statement. I even question it if it means to when the patch is available.
> Overnight is baloney, IMO.
The problem with comparing linux to windows is that places too often compare
windows itself with no apps on it to an entire distro where 98% of all the
security holes get patched within minutes and the other 5 percent are games
or something else that really doesn't matter all the much for a server and
the are either not being supported or just tell people it will be fixed in
the next version. Meanwhile it shows up on the numbers as never being
patched bringing the avarage of everything else down.
If you you compare windows against just a very stripped down version of
linux so that you have equal functionality on both sides, I would bet the
linux would come with flying colors, or compare a windows machine loaded
with all the server software and other programs and all the bugs and
security holes that machines has to an equivenent machine running linux and
the security holes that goes with that machine. I would bet that linux
still comes out on top.
It's really not fair when you have to factor in holes for multiple versions
of software that can't even run at the same time (sendmail, postfix,
wu-ftpd, proftpd... etc etc) that often come with a distro.
Plus the fact that the often lump all security holes found in all distro in
the "linux" catagory, often times counting the same security hole more than
once.
Brian Cluff