OS X, iOS and Linux have more vulnerabilities than Windows!!!!!

17 replies [Last post]
alimiracle
Offline
Joined: 01/18/2014

OS X, iOS and Linux have more vulnerabilities than Windows!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!
!!!!!
this idea makes me so crazy
http://betanews.com/2015/02/22/os-x-ios-and-linux-have-more-vulnerabilities-than-windows/

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

This startling fact comes from the National Vulnerability Database (described as the "US government repository of standards based vulnerability management data")..

I think you have your answer here alimiracle...
You always have to check the sources of information.

tomlukeywood
Offline
Joined: 12/05/2014

this may be true (though i don’t think its true)

but you have to remember as gnu/linux-libre is libre software
more vulnerability's will be discovered
Note the word Discovered

its a good thing if a vulnerability is discovered in a libre program
because it means people can fix it

if it were never discovered then how would it ever get fixed?

so the fact there are less vulnerability's discovered
in m$ windows may mean Micro$oft just don’t try and find them
or leave them open as a backdoor

onpon4
Offline
Joined: 05/30/2012

Or that Microsoft just fixes the vulnerabilities before they become known, and pretends they never existed.

I can't help but notice that Windows only shows having fewer "medium" and "low" vulnerabilities than "Linux" (not sure if that's referring to the kernel or GNU/Linux); in fact, the proportions don't make sense. If you take this at face value, Windows vulnerabilities are always really bad, and small ones just don't exist. The only way this can make sense is if Microsoft is just not publishing Windows vulnerabilities that haven't been discovered by someone else, and others tend to only discover the really bad ones (i.e. the ones they can most easily take advantage of).

In short, this is a piece of FUD that probably revolves around an incomplete vulnerability history. Don't trust it.

doolio
Offline
Joined: 12/31/2013

The table presented in the article lists it as the "Linux Kernel" ... hopefully that means they understand the difference.

davidnotcoulthard (not verified)
davidnotcoulthard

Might as well say that according to ISIS 99.99999999999999999999999999999% of law-abiding human beings practice Islam as practiced by ISIS.

Sadly the commenters on there don't know that.

davidnotcoulthard (not verified)
davidnotcoulthard

Oh, and which would one prefer? A 2nd-hand car with 10-powered-by-God-knows-what cosmetic problems or one that is prefect except that the brakes have all failed?

quantumgravity
Offline
Joined: 04/22/2013

And why is my gnu/linux system running safe and secure since 12 years now while every windows system of my friends and collegues is permanently fucked up with malware?
But if some random site on the internet states something different, then of course i have to be wrong...

davidnotcoulthard (not verified)
davidnotcoulthard

Especially if The Daily Mail then echoes the Internet article.

(In all fairness the article cited a rather authorative (if not always correct) site, only to then draw conclusions perhaps worse than what floppies are compared to HDDs capacity-wise)

doolio
Offline
Joined: 12/31/2013

Your comment reminds me of this issue of xkcd. Very funny.

https://www.xkcd.com/386/

danieru
Offline
Joined: 01/06/2013

> US government repository as source

of course Windows is more secure FOR THE GOVERNMENT than the
Linux kernel, with Windows it's more easy to spy citizens.

alimiracle
Offline
Joined: 01/18/2014

Windows is Closed Source
How We Knew our b this gaps?
Talk is not logical
all this malware
and thei tel
OS X, iOS and Linux have more vulnerabilities than Windows
hahaha
but I want
tel
Windows like Raccoon City

JaguarSoul87
Offline
Joined: 01/31/2015

Windows like Raccoon City

More like the Umbrella Corporation for that matter ;).

Any goverment source is full of crap, they are just trying to save their doomed to extintion, and so beloved back doors paradise OS.

jei
jei

I am a member!

Offline
Joined: 02/18/2015

You can't correlate something like the number of vulnerabilities recorded in a public database with a notion of being "more secure" or "less secure". And nobody (not the government, not Microsoft, not the Linux Foundation) says that, it's just a wrong conclusion by some "journalist". But you guys know that it's clickbait anyway, so why discuss this to begin with? (Also anecdotal evidence is equally worthless. Any personal GNU/Linux system not having security problems in decades is a thing you can be happy about, but nothing you can make general arguments with.)

marioxcc
Offline
Joined: 08/13/2014

The article is fallacious. It makes several assumptions, and among them, that the number of vulnerabilities listed in a public database is representative of an operating system security. To start with, since GNU/Linux is mostly free software, then it can be examined by security researchers easily, which is not the case with Windows. This implies that at the same level of security, GNU/Linux, other free software packages and mixed operating systems will have more discovered vulnerabilities.

Using the same fallacy, we could take any barely known toy cryptosystem and claim that it's more secure than AES, DES, RSA, CAST5, etcetera, since there are no known vulnerabilities for the toy cryptosystem while there are plenty of attacks for each of the established cryptosystems. However, as any cryptographer will tell you, that's not a sign of security. Cryptographic algorithms can only be trusted when they have received extensive scrutiny. With the current state of cryptography, this scrutiny will discover some vulnerabilities or potential vulnerabilities in the system. Most of the time, these vulnerabilities (called “attacks” in this context) will not impair the security of the system in practice (Furthermore, sometimes these attacks don't even apply to the algorithm being analyzed itself, but to a intentionally weakened version, or apply to the algorithm being analyzed). See for example Bruce Schneier Applied Cryptography.

The situation with software is similar. With the current state of software development, if software is analyzed, vulnerabilities will be discovered (That will become a thing of the past when programs are not only written, but mathematically proven correct to behave according to a specification (which is much less likely to be flawed, since it's usually simpler than the implementation)). Software which undergoes more scrutiny, such as important free software, compared to important proprietary software, will have more known vulnerabilities. This is factor that makes GNU/Linux more secure. See also full disclosure in the English language Wikipedia (but note that what Wikipedia states as a fact is driven mostly by popularity among a group, namely the authors of the so called “reliable sources” in its policy, hence you will find that GNU/Linux is an OS [...] which some call “GNU/Linux”).

Communication media of this style (wide-audience magazines, newsletters, etcetera) aren't a good source of information, especially technical information (information within the scope of technique, engineering and science). These media frequently exaggerate, and misinterpret the information from the underlying source. When reading popular media, I recommend to maintain a critical attitude.

Reading technical books is a much more effective, efficient an reliable way to acquire knowledge on a technical area.

HuangLao
Offline
Joined: 01/19/2014

Article is bunk.

One must consider that the most secure servers in the world all run GNU/linux. The US federal government mainly uses GNU/Linux, especially RHEL (RedHat Enterprise Linux), NSA uses RedHat, most of the worlds air traffic controllers are using GNU/Linux etc...Oh, by the way this also includes ISS (as in International Space Station) which uses Scientific GNU/Linux which is a spin of Fedora.

Seems more like Microsoft damage control.

Jodiendo
Offline
Joined: 01/09/2013

Indeed that is about other non-trisquel compatible software issues and comments based on events. but this forum should be under non-free software issues forum folder. Do we have that folder available? No we don't!

By Reading the community forum guidelines, Some of guidelines could be read and interpret very differently.
It is not specific and still vague with generalization. Thai is just my opinion, everyone else is entitled to their own.

All I'm asking is a little bit of reorganization with More alternative forum folders. It will be good For any user to post properly in their proper forums, as need it.

That will help, folder indexing and topic location, avoiding the over crowding of the main forum, it will help at the long run.

Everything has its rightful place. Yet, If the admins of this Trisquel website, don't mind non-related Trisquel topics to be place anywhere? Then is there headache, resources, time and money.

Specially, When downtime and maintenance schedules take longer from the normal.

This matter needs to be address properly.

Respectfully and don't scream at me. I'm all ears...

Watchingtheweasels
Offline
Joined: 09/05/2013

The biggest security vulnerability that Windows has is the from-the-factory back door access that has shipped with every version of Windows since before XP.