__/ [ William Poaster ] on Tuesday 06 June 2006 13:06 \__
> On Tue, 06 Jun 2006 05:42:02 +0100, Roy Schestowitz wrote:
>
>> ,----[ Quote ]
>> | People keep having this delusion that security is a product. That, if
>> | you just buy some magic box, you'll have a program or an operating
>> | system that's as secure as Fort Knox.
>> |
>> | [...]
>> |
>> | Some systems are more secure than others. Linux, as anyone who pays any
>> | attention to security news knows, is a lot more secure than Windows. If
>> | we were talking cars, Linux would be a Volvo S80 and Windows would be a
>> | Ford "Hit here to blow up" Pinto.
>> |
>> | [...]
>> |
>> | The same is true for applications. Are Firefox and Thunderbird safer
>> | than Internet Explorer and Outlook? Of course, they are. Does that mean
>> | you're safe using them without their latest patches? I don't think so!
>> `----
>>
>> http://www.linux-watch.com/news/NS4575571479.html
>
> AFAIK no one has said that linux is perfectly secure. However it's been
> proved time & again that it's far more secure than windows, even when
> it's unpatched. http://www.theinquirer.net/?article=20817
I believe that a rather famous reference is the following, which comes from
an authority figure in the field:
http://www.schneier.com/blog/archives/2005/01/linux_security_1.html
This points to a PDF file, of which he provides a quote/summary.
,----[ Quote ]
| Recent data from our honeynet sensor grid reveals that the average
| life expectancy to compromise for an unpatched Linux system has
| increased from 72 hours to 3 months. This means that a unpatched Linux
| system with commonly used configurations (such as server builds of RedHat
| 9.0 or Suse 6.2) have an online mean life expectancy of 3 months before
| being successfully compromised.
`----
Bruce adds: "This is much greater than that of Windows systems, which have
average life expectancies on the order of a few minutes."
> Of course, keeping up with patches/updates will help in keeping it secure
> &, unlike Winders, these can be checked in various linux newsgroups/
> mailing lists, & also in development mailing lists (if you wish) to see
> how others have fared before you apply it to your distro.
> Linux users know that any vulnerablities are quickly fixed, & in some
> cases (in my experience) are fixed before a notification that such a
> problem exists is issued.
Yes, you beat me to the menstioning of the frequency of patches and the speed
at which they are prepared and delivered. This helps the sysadmin sleep much
better at night.
Best wishes,
Roy
--
Roy S. Schestowitz | #ff0000 Hot Chilli Peppers
http://Schestowitz.com | GNU is Not UNIX ¦ PGP-Key: 0x74572E8E
1:50pm up 39 days 19:23, 11 users, load average: 2.80, 2.88, 2.93
http://iuron.com - proposing a non-profit search engine
|
|
