____/ [H]omer on Sunday 01 July 2007 13:25 : \____
> Verily I say unto thee, that earlyblueberry@xxxxxxxxx spake thusly:
>
>> To be fair, both OS X and Linux are successfully hacked far less
>> frequently than Windows. One of the reasons, of course, is that
>> Windows is simply installed on more PCs
>
> .----
> | This reasoning backfires when one considers that Apache is by far
> | the most popular web server software on the Internet. According to
> | the September 2004 Netcraft web site survey, [1] 68% of web sites
> | run the Apache web server. Only 21% of web sites run Microsoft IIS.
> | If security problems boil down to the simple fact that malicious
> | hackers target the largest installed base, it follows that we
> | should see more worms, viruses, and other malware targeting Apache
> | and the underlying operating systems for Apache than for Windows
> | and IIS. Furthermore, we should see more successful attacks against
> | Apache than against IIS, since the implication of the myth is that
> | the problem is one of numbers, not vulnerabilities.
> `----
>
> http://www.theregister.co.uk/security/security_report_windows_vs_linux/#myth1
>
>
> A more recent analysis, by Google:
>
> "Compared to our sample of servers across the Internet, Microsoft IIS
> features twice as often (49% vs. 23%) as a malware distributing server."
>
> Based on a market share of Apache:66%, IIS:23%.
>
>
http://googleonlinesecurity.blogspot.com/2007/06/web-server-software-and-malware.html
>
>
> So ... IIS has one third the market share, but hosts twice the Malware.
To be padantic, the number was identical IIRC (overall), but the difference in
installed based spoke volumes. So it was something along the lines of "IIS is
twice as likely to host malware". Microsoft and its ilk chose to blame the
competence of Windows admins. I don't know if it's an excuse or a really
bad 'compliment'.
> Thurrott is just preaching the party line without engaging any
> braincells. The argument that "there's more Malware on Windows is
> because Windows is more ubiquitous" is an urban myth. *nix is just
> inherently more secure, or to be more precise, Windows is inherently
> insecure. Anyone who still doubts that by now is living in a fantasy land.
I think I mentioned this earlier in this particular thread (maybe a separate
one), but Thurrott is a very biased party. One needs to listen to independent
professionals who do not speak for their wallet/employer/affiliates.
--
~~ Best of wishes
Proprietary, lockin-based tools lead to regrets. Doc(umen)tor, heal thyself.
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
15:05:01 up 14 days, 20:33, 5 users, load average: 0.90, 1.37, 1.71
http://iuron.com - Open Source knowledge engine project
|
|
