Linux/Unix Vulnerabilities Outnumber Windows' 3 To 1

GEC: Discuss gaming, computers and electronics and venture into the bizarre world of STGODs.

Moderator: Thanas

Post Reply
User avatar
Dominus Atheos
Sith Marauder
Posts: 3904
Joined: 2005-09-15 09:41pm
Location: Portland, Oregon

Linux/Unix Vulnerabilities Outnumber Windows' 3 To 1

Post by Dominus Atheos »

InformationWeek wrote:Linux and Unix, including the Mac, had 2,328 vulnerabilities last year, compared with 812 vulnerabilities for Microsoft Windows, according to the U.S. government's computer security group.

Tallies kept by the U.S. government's computer security group show that Linux and Unix operating systems faced nearly three times the number of vulnerabilities in 2005 than did Microsoft's often-maligned Windows.

In the US-CERT (United Stated Computer Emergency Readiness Team) year-end vulnerability summary, Linux/Unix accounted for a whopping 2,328 vulnerabilities, about 45 percent of the 5,198 total.

Windows, on the other hand, sported just 812 vulnerabilities during the year, said US-CERT, or 16 percent of the total.

Another 2,058 vulnerabilities affected more than one operating system.

Although US-CERT didn't break out Mac vulnerabilities in a separate category, the Linux/Unix section listed more than 25 attributed to the Apple Computer operating system.

The end-of-year vulnerability score should be taken with a grain of salt, however, since US-CERT doesn't filter out updates (so one actual vulnerability can be counted numerous times) nor does it break out individual vulnerabilities from warnings that cover multiple bugs (as in the many Mac OS X vulnerability listings).
Suck it, Linux geeks!

Sorry about the above comment, I just hang around at Slashdot way to much, and they piss me off.
Top
User avatar
Durandal
Bile-Driven Hate Machine
Posts: 17927
Joined: 2002-07-03 06:26pm
Location: Silicon Valley, CA
Contact:
Contact Durandal

Post by Durandal »

This is a far cry from the whole story. If, for example, Mac OS X suffered from an SSH vulnerability, it's not exactly a huge deal since SSH is off by default. Whereas, if there's a Samba vulnerability in Windows, it becomes a conduit for a worm almost immediately, since Samba is on by default.
Damien Sorresso

"Ever see what them computa bitchez do to numbas? It ain't natural. Numbas ain't supposed to be code, they supposed to quantify shit."
- The Onion
Top
User avatar
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

Plus distros tend to include a lot of desktop applications that on the windows side aren't really considered part of Windows.

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Top
User avatar
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

http://it.slashdot.org/comments.pl?sid= ... d=14397492 is interesting..

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Top
User avatar
Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

But at the same time it can take multpule patches to close the one vulnerability.
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
Top
User avatar
Darth Wong
Sith Lord
Sith Lord
Posts: 70028
Joined: 2002-07-03 12:25am
Location: Toronto, Canada
Contact:
Contact Darth Wong

Post by Darth Wong »

The fact that phpBB exploits are listed as Linux-only exploits EVEN THOUGH PHPBB RUNS ON BOTH WINDOWS AND LINUX is a good indicator of the worthlessness of this assessment.
Image
"It's not evil for God to do it. Or for someone to do it at God's command."- Jonathan Boyd on baby-killing

"you guys are fascinated with the use of those "rules of logic" to the extent that you don't really want to discussus anything."- GC

"I do not believe Russian Roulette is a stupid act" - Embracer of Darkness

"Viagra commercials appear to save lives" - tharkûn on US health care.

http://www.stardestroyer.net/Mike/RantMode/Blurbs.html
Top
Miles Teg
Padawan Learner
Posts: 300
Joined: 2002-07-21 06:11pm

Re: Linux/Unix Vulnerabilities Outnumber Windows' 3 To 1

Post by Miles Teg »

Darth Atheos wrote:
InformationWeek wrote:Linux and Unix, including the Mac, had 2,328 vulnerabilities last year, compared with 812 vulnerabilities for Microsoft Windows, according to the U.S. government's computer security group.

Tallies kept by the U.S. government's computer security group show that Linux and Unix operating systems faced nearly three times the number of vulnerabilities in 2005 than did Microsoft's often-maligned Windows.

In the US-CERT (United Stated Computer Emergency Readiness Team) year-end vulnerability summary, Linux/Unix accounted for a whopping 2,328 vulnerabilities, about 45 percent of the 5,198 total.

Windows, on the other hand, sported just 812 vulnerabilities during the year, said US-CERT, or 16 percent of the total.

Another 2,058 vulnerabilities affected more than one operating system.

Although US-CERT didn't break out Mac vulnerabilities in a separate category, the Linux/Unix section listed more than 25 attributed to the Apple Computer operating system.

The end-of-year vulnerability score should be taken with a grain of salt, however, since US-CERT doesn't filter out updates (so one actual vulnerability can be counted numerous times) nor does it break out individual vulnerabilities from warnings that cover multiple bugs (as in the many Mac OS X vulnerability listings).
Suck it, Linux geeks!

Sorry about the above comment, I just hang around at Slashdot way to much, and they piss me off.
I'm not impressed. Even a cursory glance at that page should tell you why the numbers stack up as they do.

Several Points:

* Windows is one operating system, while the Unix/Linux category includes at least these distinct UNIX style codebases: HP-UX, AIX, Darwin, Linux, Solaris, SCO UNIX, and BSD.

* (Related to point one) This list contains vulnerabilities for several different Linux and BSD distributions, including but not limited to: SuSE, Redhat, NetBSD, OpenBSD, FreeBSD, etc. The UNIX/Linux list appears to list each vulerability multiple times when an app is distributed by/runs on all of the above UNIX systems and distributions.

* The amount of software for Linux systems that comes bundled with the various distributions is several times the amount of software bundled with Windows (perhaps even an order of magnitiude or two). The list of vulns under "Multiple Operating Systems" only appears to include items that are cross platform.

It's pretty clear this is a worthless POS.
Miles Teg
Now I am become death -- the shatterer of worlds...
-- Oppenheimer 1945
Top
Post Reply

Return to “Gaming, Electronics and Computers”