On Fri, 2004-10-08 at 15:55, Matthew Miller wrote: > On Fri, Oct 08, 2004 at 02:32:02PM -0500, John Thompson wrote: > > exploits. If this were true, however, we would expect that in markets > > where Windows has less penetration -- e.g. internet severs, where > > Windows servers comprise ~40% of the market -- that Windows should only > > suffer ~40% of the exploits in this arena. That is not what we see, > > however: even with ~40% of the internet server market, Windows still > > suffers ~95% of the significant exploits. One can conclude from this > > that Windows is inherently less secure than other platforms. > > One can conclude all sorts of things. :) > > But the one you've picked doesn't necessarily follow. 95% of desktop share > might lead to increased incentive and ability to develop exploits, which > then _happen_ to also work when the same OS is used in other markets -- > leading to more exploits there than you would expect by looking at that > segment in a vacuum. > I agree. The big reason MS gets popped all the time is the fact that is has a majority of _desktops_. Not only that, but the legacy codebase for Windows is still rooted in the DOS days when it was 1 computer/1 user and no other connectivity except maybe sneakernet. This mindset alone is a hurdle Windows still has yet to overcome, even with the addition of Terminal Services. Linux's main advantage is that it's been built with 30-odd years of Unix legacy behind it without 30-odd years worth of legacy code. This is a Good Thing. The best of both worlds in my opinion. I've said before and I"ll say it again, if Microsoft wants to truly build a secure OS, it needs to start over. From the ground up and learn from it's mistakes with previous versions of Windows. Part of it's problem with fixing Internet Explorer is the fact it's codebase is so large. That and the fact it tries to be all things to all people. -------------------------------------- Mark Haney Network Administrator InterAct Public Safety Systems mhaney@xxxxxxxxxxxxxxx Fedora Core release 2 (Tettnang) Kernel: 2.6.8-1.521 GNU/Linux 15:56:48 up 8:15, 2 users, load average: 9.17, 9.24, 8.81
Attachment:
signature.asc
Description: This is a digitally signed message part
