Why open source code for me will always be better…
Microsoft is still saying that proprietary code is far more secure than open source….a crazy point of view
- If we follow M$ assumption: exposed code is vulnerable…
- On the other side linux code has always been exposed…
- Windows code has always been safely locked away (true for end user or developer not affiliate with M$)
The only conclusion to the point above is that #Linux contains more bugs/security problems than Windows.
But in real world, this conclusion is not realistic, since all webserver, and critical application are running under a UNIX system (Google #Linux, and look at the crazy uptime of the 50 first server (average uptime of the first site is 1567 days. That’s over four years!!!) running in the world on Netcraft: all are #Linux based)
For me it has to do with the quality of the code.
Linux is open for a long time (start in 1991, and based on Unix concept a lot more older) and so it has been hardened. M$’s code will be the opposite since the only model for security so far has been secret by obscurity (disastrous results as state by Kerckhoffs’ principle from the late 1880s) and influencing lawmakers to produce draconian laws to try to prevent anyone from considering trying to bypass the security. This has resulted in M$’s laxness in security that a few hyped media campaigns and a couple of code patches is not going to solve. Morever, since M$ can not beat Linux with code quality (at least not before 2-3 years), the concept of Patents has popup in Europe and outside America. These big company are not only trying to kill an utopy, it is like trying to close the mouth of all individual computer hobbyist all over the world. Imagine yourself in a world where an idea can be patented, what a disaster for innovation, since every technologic improvment is based more or less on what has been done before….
Some facts, easy to verify Yourself:
- Yes: It is possible TODAY to apply system/application/desktop patches to your machine without rebooting: Linux does it (except for kernel change)
- Yes. It is possible TODAY to remove all un-needed/un-wanted software from your machine (less code, less flaws, less security problems: see reduce surface of attack): Linux does it. A server can be configured with a graphical user interface, but do not need it to run. As an example Windows 2003 server is still containing and running in kernel space some dangerous program: Media Player and Internet Explorer just to name a few.
- Yes. It is possible TODAY to deinstall totally a software. Linux does it
- Yes it is possible TODAY to try Linux without hurting your computer: Knoppix and 130 others live Linux distributions are here to convince You
So do You need to switch now from windows to linux? NO, switch only for some good reasons, as there is still some open issues, mainly because a lot of company do not support Linux when they release drivers for their peripherals.
Remember, as in real life, it is not always the best companies, persons, or applications which wins, it is not because 90% of people use IE or M$, that it is the only browser choice. It is crazy but 400 years ago, all people were convince that the earth was flat….
if you are concerned by security, these sites are worth the visit:
Secunia – Security and Virus Information
Linux Exposed Security Solutions