Users login

Create an account »


Users login

Home » Hacking News » The Penguin bites back at Windows

The Penguin bites back at Windows

by Nikola Strahija on February 8th, 2002 Certain distros of the Linux operating system suffered more security vulnerabilities than Windows last year. Because all Linux distributions use the same kernel, figures cannot be aggregated for the open source OS.

According to the figures gathered from SecurityFocus's Bugtraq mailing list, mainstream Linux distros such as Mandrake 7.2, Red Hat 7.0 and Debian 2.2 had 33, 28 and 26 security vulnerabilities reported last year respectively.

This compares with a total of 24 security vulnerabilities reported for Windows 2000 - leading some commentators to argue that the Microsoft OS is more reliable than the least reliable Linux distros.

Bugtraq also reported that Solaris 7 and 8 tied with Redmond's score of 24 security bugs.

Neil Barrett, technical director at security consultancy Information Risk Management, said: "Nine times out of ten, hackers break into a site through an application vulnerability. It's almost always the application packages that cause the problems."

Tom Sightler, a senior network engineer, added: "With Linux distributions, the numbers do, in some cases, include vulnerabilities discovered in the OS, Sendmail, Apache, email clients, PostgreSQL, and hundreds of other programs that are included with the distribution."

Barrett said that when considering security vulnerabilities, you should always bear the applications in mind.

It is also possible that because Windows is based on closed source code, the number of bugs reported are only the ones we know about. And while avoiding the Microsoft conspiracy theory, more vulnerabilities may have been reported in Linux because of its open source nature.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »