Reminder to Corporate Press: PHP is Not Linux

Dr. Roy Schestowitz

2013-12-03 14:31:54 UTC
Modified: 2013-12-03 14:31:54 UTC

Summary: Reporting on scare-mongering from Symantec mostly off target

A PHP worm is widely described in the press as a Linux problem, even though PHP runs on many platforms and flaws in PHP are not uncommon. The FUD comes from an insecurity firm, Symantec, which has history of hostility against GNU/Linux. This FUD has occupied the press in recent days. Here is an example from IDG. Somehow a PHP issue gets described as a "Linux worm" (usually in headlines, too) for many other writers to repeat without researching any further. If there is any issue associated with embedded devices (which cannot be patched easily, if at all), then don't blame Linux; embedded systems just happen to be an area reined by Linux and GNU. Windows would not have coped any better.

As Mr. Schneier helps remind us these days [1], proprietary software is a helluva lot worse than GNU/Linux, even if there were some security issues in particular combinations like Linux+PHP. Well, proprietary software is often designed with back doors, as Stuxnet helps remind us (Microsoft works closely with the NSA).

So, before bashing Linux over software that also runs on Windows (PHP) be sure to check which platform has vulnerabilities by design. The most disturbing fact is, nowadays it is common to call out "Linux" when there is some Linux-associated weakness but never call out Windows when only Windows is at fault (as in Stuxnet and NSA back doors).

PHP is rarely used on Windows because performance- and cost-wise Windows is a pile garbage; especially developers should realise this (some develop on Windows/Mac OS X but only ever deploy on GNU/Linux). Why pick on the operating system when the flaw is to some degree platform-agnostic? Maybe it was Symantec's malicious intention again. Symantec makes money from offering remedies to users of a back-doored operating system (like selling insurance for a soon-to-be-broken product). So ignore Symantec's sensationalism and those whom it bamboozled into parroting. ⬆

Related/contextual items from the news:

More on Stuxnet

Recent Techrights' Posts

IBM's CEO Roasted, Sizzled and Grilled for Dumb and Inconsistent Vapourware Promises: It looks like being a chronic liar is what it takes to lead the company once synonymous with computing
Who Imitates Who? Plagiarist as Client (From Microsoft), 'Plagiarism' at the Law Firm?: let's revisit the subject
Links 11/06/2025: More Vulnerabilities Found in 'Smart' Phones, China Extends Reach in the Pacific: Links for the day
Gemini Links 11/06/2025: Grain and Steam Next Fest: Links for the day
Links 11/06/2025: "Quantum" Hype From IBM, US Closer to Martial Law, and “The Nation” Celebrates Milestone: Links for the day
IBM's Goal Is Not (and Never Was) Computer Users' Freedom: More than 1.5 decades ago I found IBM to be an "ally of convenience" because of OpenDocument Format (ODF)
Wayland Shows the IBM/Red Hat Way of Doing Things: IBM is trying to 'kill' X
GitHub is Proprietary, Controlled by Microsoft, and GPL Violation Warehouse: "IRS tax filing software [will be] released to the people as free software" ... In general this is good news
Slopfarm Catastrophe: Seems like BetaNews (or BetaNoise) has just suffered a major data loss and restored the site from a week-old backup
Abuse Inside the Polish Patent Office (UPRP) - Part VIII: Illegal Working Conditions: How many people need to die for these people to get their massive salaries?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 10, 2025: IRC logs for Tuesday, June 10, 2025
Links 10/06/2025: Apple Hype and Physical Attacks on Bloggers: Links for the day
Gemini Links 10/06/2025: Loon Lake, Farming, and Forth: Links for the day
Links 10/06/2025: Jaws at 50 and US Democracy Crushed Very Rapidly (Martial Law Seems Imminent): Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VII: Washing Their Hands After Corruption and Abuse: "Tragedy or comedy?"
Culling Bad RSS Feeds of Bad Sites: Not throwing out the baby with the bathwater
If 'Microsoft v Techrights' is Dealt With by a 'Microsoft Court' (or a Court Outsourced to Microsoft): More on that later
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, June 09, 2025: IRC logs for Monday, June 09, 2025
Gemini Protocol Turns Six in 10 Days From Now: If you haven't tried it yet, then give it a go today
Live as You Preach: technology is fast becoming dysphoric
Gemini Links 09/06/2025: Addition Addiction and Nitride: Links for the day
Links 09/06/2025: Science, Hardware Projects, and Democracy Receding: Links for the day
Computers Got Smaller, So GNU/Linux Got Bigger: Many people here recognise the lack of urgency (or need) to get expensive new laptops
BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore: SS Fagioli is basically a parasite leeching off or exploiting other people's work
Links 09/06/2025: Chaos in Los Angeles and Hurricane Season: Links for the day
GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It: Microsoft is - and has long been - organised crime
They Say I'm Mr. Bombastic: They didn't take good lawyers
Links 09/06/2025: Windows TCO and Many Data Breaches: Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO: it's like a money-laundering operation where one politician rewards another at taxpayers' expense
Gemini Links 09/06/2025: Pipelines and Splitgate: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, June 08, 2025: IRC logs for Sunday, June 08, 2025