05.14.11

Windows is Getting Less Secure Over Time While GNU/Linux Grows Bigger

Posted in FUD, GNU/Linux, Microsoft, Security, Windows at 11:52 am by Dr. Roy Schestowitz

Another Linuxphobiafest from the Microsoft crowd

Summary: Patterns of FUD that has mostly died are returning to the corporate news, so we quickly rebut again

THE NUMBER of attack vectors is increasing when it comes to Microsoft Windows. There is no point denying the fact that a lot of the security problems we have today are caused by Windows. What remains for pundits to debate is whether market share is a factor.

There is that old comparison of platforms based on security criteria and this is a jar of worms that has not been opened in a while. GNU/Linux market share flamewars, even the GNU/Linux versus Windows security debate, have not made many headlines for months if not years. With The Register making some spurious remarks and some other sites following suit, the boring discussion is being reopened, so we’ll address it very quickly (without repeating points we covered before, hopefully).

It was only a few days ago that we wrote about Vista 7 insecurity, listing yet again some previous posts on the subject, such as:

1. Cybercrime Rises and Vista 7 is Already Open to Hijackers
2. Vista 7: Broken Apart Before Arrival
3. Department of Homeland Security ‘Poisoned’ by Microsoft; Vista 7 is Open to Hijackers Again
4. Vista 7 Security “Cannot be Fixed. It’s a Design Problem.”
5. Why Vista 7 Could be the Least Secure Operating System Ever
6. Journalists Suggest Banning Windows, Maybe Suing Microsoft Over DDoS Attacks
7. Vista 7 Vulnerable to Latest “Critical” Flaws
8. Vista 7 Seemingly Affected by Several More “Critical” Flaws This Month
9. Reason #1 to Avoid Vista 7: Insecurity
10. Vista 7 Left Hijackable Again (Almost a Monthly Recurrence)
11. Trend Micro: Vista 7 Less Secure Than Vista
12. Vista 7 Less Secure Than Predecessors? Remote BSoD Now Possible!
13. Vista 7 Unacceptable for Large Businesses and Windows XP Still Not Secure

Groklaw points out that “Microsoft downplays Server bug threat” by quoting:

Microsoft is downplaying the threat posed by one of the three bugs the company patched today, said security researchers.

The update in question, MS11-035, patches a single vulnerability in WINS (Windows Internet Name Service), a component in every supported edition of Windows Server, including Server 2003, 2008 and the newest, Server 2008 R2.

Attackers could exploit the WINS bug by crafting a malicious data packet, then shooting it at a vulnerable Windows Server box.

This is yet more evidence of Microsoft negligence [1, 2, 3].

When a company does not address known flaws, then it deserves no respect and no business. Microsoft also lies about the number of flaws because this helps the company game the numbers and make it look as though Red Hat, for example, makes a less secure operating system.

There is this new article with a tease headline that poses an allegation as a question. But it does quote some valid messengers, e.g.:

“Linux has been more widely deployed, which has certainly made it a bigger target to hackers in general,” said Charlie Belmer founder and CEO of security vendor Golem Technologies. “But in terms of overall security it is still far superior to Windows.”

Mr. Belmer has a point, unlike Mr. Ballmer.

Tony Bradley, who has been defending Microsoft for years in IDG, is upset by an article from his colleague, Katherine, who likes GNU/Linux. She wrote about issues relating to allegations of NSA back doors a few days ago and the Microsoft booster is of course upset. He admits that Vista 7 is not so secure. It is even less secure than its predecessors. He then defends his poorly-structured contention by pointing fingers elsewhere and spreading the “1% market share” slur about GNU/Linux. Towards the end he becomes the “But” troll to seem fair. How shallow and transparent!

This actually leads us to addressing the next piece of FUD which has returned. Some numbers that are presented in this new article confirm what we have said for years:

This chart reflects the relative popularity of Linux as a desktop OS in each country. It doesn’t mean that these countries have the most Linux users overall (which is more difficult to estimate correctly).

Statcounter measures things like referrals or sites that hand over logs, leading to statistical bias. Privacy correlates with GNU/Linux use. But anyway, the more important observation to make is that the English-speaking world is nowhere in sight. Tell this to all the English-centric ‘market share’ companies.

GNU/Linux does not have a 1% market share on the desktop. This might be true in the United States, whose population only accounts for about 5% of the whole world. Statistics-backed lies are not so uncommon and IDG pushes a lot of this lie, being a US-based company.

As some people will rightly show this month, there is a sharp GNU/Linux usage increase (relative) in Wikipedia recently (it is still English-centric). There is clearly something going on. Meanwhile, Google claims that only 20% of its employees use Windows and the company’s founder has harsh words for Microsoft. Google banned Windows for security reasons and its founder said that Windows is “torturing” users. Well played. As Mr. Pogson put it:

Sergey Brin of Google was quoted as stating that other OS and even GNU/Linux tortures users. I would take GNU/Linux any day because if you don’t want to manage it the darned thing just keeps running. I have set up machines that ran years without an update. Others have reported that forgotten machines kept running for many years.

There is already some damage control from Microsoft boosters like Gralla, who denies the truth. People do not choose Windows, they just buy a computer. Many are brought into a torture of malware and unreliability.

Speaking for myself, I have used the very same KDE session since March (no login screen since then). That’s how reliable GNU/Linux is today. KDE4 has become absolutely fantastic.

One of the best sites around, Dedoimedo (it is criminally under-subscribed to), has this new Great Linux World Map, which rather than name distributions (which mostly assemble parts) shows just what makes up the free operating systems. As the author put it:

Of course, I could not plaster every single distribution or Linux-related item onto the map, as it would clutter this precious work of art. You get old distributions and you get new distributions, you get big ones and small ones, popular and obscure, but not all of them. If you feel your Linux distribution has been neglected, it’s not out of malice, it’s just pure aesthetics. Finally, naturally, since this is a bold expedition unto humor, you should not take anything seriously, neither names, nor terms, nor shapes, nor phrases used. It’s all jolly good fun.

GNU/Linux is still poised to win on the desktop if only we have patience. Google is making some interesting moves right now with subsidies. Well, using Skype, Microsoft will probably make life harder for GNU/Linux users and Linux-powered phones (and just about any other user of the proprietary software). As Groklaw put it, “this means Skype gets less pleasant for users and Microsoft gets to track us? Thanks, but no thanks.”

In another context, argued Groklaw, “When that happens to you often enough, you stop using proprietary software.”

The front page of the official Ubuntu Web site still sports Skype. They will hopefully amend that soon as advertising proprietary software was never a bright idea. █

Permalink  Send this to a friend