Reminder to Corporate Press: PHP is Not Linux

Dr. Roy Schestowitz

2013-12-03 14:31:54 UTC
Modified: 2013-12-03 14:31:54 UTC

Summary: Reporting on scare-mongering from Symantec mostly off target

A PHP worm is widely described in the press as a Linux problem, even though PHP runs on many platforms and flaws in PHP are not uncommon. The FUD comes from an insecurity firm, Symantec, which has history of hostility against GNU/Linux. This FUD has occupied the press in recent days. Here is an example from IDG. Somehow a PHP issue gets described as a "Linux worm" (usually in headlines, too) for many other writers to repeat without researching any further. If there is any issue associated with embedded devices (which cannot be patched easily, if at all), then don't blame Linux; embedded systems just happen to be an area reined by Linux and GNU. Windows would not have coped any better.

As Mr. Schneier helps remind us these days [1], proprietary software is a helluva lot worse than GNU/Linux, even if there were some security issues in particular combinations like Linux+PHP. Well, proprietary software is often designed with back doors, as Stuxnet helps remind us (Microsoft works closely with the NSA).

So, before bashing Linux over software that also runs on Windows (PHP) be sure to check which platform has vulnerabilities by design. The most disturbing fact is, nowadays it is common to call out "Linux" when there is some Linux-associated weakness but never call out Windows when only Windows is at fault (as in Stuxnet and NSA back doors).

PHP is rarely used on Windows because performance- and cost-wise Windows is a pile garbage; especially developers should realise this (some develop on Windows/Mac OS X but only ever deploy on GNU/Linux). Why pick on the operating system when the flaw is to some degree platform-agnostic? Maybe it was Symantec's malicious intention again. Symantec makes money from offering remedies to users of a back-doored operating system (like selling insurance for a soon-to-be-broken product). So ignore Symantec's sensationalism and those whom it bamboozled into parroting. ⬆

Related/contextual items from the news:

More on Stuxnet

Recent Techrights' Posts

KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term): It only serves to distract from real articles
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?: This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users: Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading: Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month: Two more doctorate degrees
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024: IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language: Links for the day
Growing Older and Signs of the Site's Maturity: The EPO material remains our top priority
Links 20/11/2024: Politics, Toolkits, and Gemini Journals: Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles: Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites: Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More: Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban: Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP: Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia: Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk: Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West: Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West: Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024: IRC logs for Tuesday, November 19, 2024
Links 19/11/2024: War on Cables?: Links for the day
Gemini Links 19/11/2024: Private Journals Online and Spirituality: Links for the day
Drew's Development Mailing Lists and Patches to 'Refine' His Attack Pieces Against the FSF's Founder: Way to bury oneself in one's own grave...
The Free Software Foundation is Looking to Raise Nearly Half a Million Dollars by Year's End: And it really needs the money, unlike the EFF which sits on a humongous pile of oligarchs' and GAFAM cash
What IBMers Say About IBM Causing IBMers to Resign (by Making Life Hard/Impossible) and Why Red Hat Was a Waste of Money to Buy: partnering with GAFAM
In Some Countries, Desktop/Laptop Usage Has Fallen to the Point Where Microsoft and Windows (and Intel) Barely Matter Anymore: Microsoft is the next Intel basically
[Meme] The Web Wasn't Always Proprietary Computer Programs Disguised as 'Web Pages': The Web is getting worse each year
Re-de-centralisation Should Be Our Goal: Put the users in charge, not governments and corporations in charge of users
Gemini Links 19/11/2024: Rain Music, ClockworkPi DevTerm, and More: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, November 18, 2024: IRC logs for Monday, November 18, 2024