Bonum Certa Men Certa

Reminder to Corporate Press: PHP is Not Linux

PHP



Summary: Reporting on scare-mongering from Symantec mostly off target

A PHP worm is widely described in the press as a Linux problem, even though PHP runs on many platforms and flaws in PHP are not uncommon. The FUD comes from an insecurity firm, Symantec, which has history of hostility against GNU/Linux. This FUD has occupied the press in recent days. Here is an example from IDG. Somehow a PHP issue gets described as a "Linux worm" (usually in headlines, too) for many other writers to repeat without researching any further. If there is any issue associated with embedded devices (which cannot be patched easily, if at all), then don't blame Linux; embedded systems just happen to be an area reined by Linux and GNU. Windows would not have coped any better.



As Mr. Schneier helps remind us these days [1], proprietary software is a helluva lot worse than GNU/Linux, even if there were some security issues in particular combinations like Linux+PHP. Well, proprietary software is often designed with back doors, as Stuxnet helps remind us (Microsoft works closely with the NSA).

So, before bashing Linux over software that also runs on Windows (PHP) be sure to check which platform has vulnerabilities by design. The most disturbing fact is, nowadays it is common to call out "Linux" when there is some Linux-associated weakness but never call out Windows when only Windows is at fault (as in Stuxnet and NSA back doors).

PHP is rarely used on Windows because performance- and cost-wise Windows is a pile garbage; especially developers should realise this (some develop on Windows/Mac OS X but only ever deploy on GNU/Linux). Why pick on the operating system when the flaw is to some degree platform-agnostic? Maybe it was Symantec's malicious intention again. Symantec makes money from offering remedies to users of a back-doored operating system (like selling insurance for a soon-to-be-broken product). So ignore Symantec's sensationalism and those whom it bamboozled into parroting.

Related/contextual items from the news:



  1. More on Stuxnet


Recent Techrights' Posts

Computers Got Smaller, So GNU/Linux Got Bigger
Many people here recognise the lack of urgency (or need) to get expensive new laptops
GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It
Microsoft is - and has long been - organised crime
They Say I'm Mr. Bombastic
They didn't take good lawyers
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 09, 2025
IRC logs for Monday, June 09, 2025
Gemini Protocol Turns Six in 10 Days From Now
If you haven't tried it yet, then give it a go today
Live as You Preach
technology is fast becoming dysphoric
Culling Bad RSS Feeds of Bad Sites
Not throwing out the baby with the bathwater
Gemini Links 09/06/2025: Addition Addiction and Nitride
Links for the day
Links 09/06/2025: Science, Hardware Projects, and Democracy Receding
Links for the day
BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore
SS Fagioli is basically a parasite leeching off or exploiting other people's work
Links 09/06/2025: Chaos in Los Angeles and Hurricane Season
Links for the day
Links 09/06/2025: Windows TCO and Many Data Breaches
Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO
it's like a money-laundering operation where one politician rewards another at taxpayers' expense
Gemini Links 09/06/2025: Pipelines and Splitgate
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 08, 2025
IRC logs for Sunday, June 08, 2025
Links 08/06/2025: Tiananmen Carnage Censorship Persists, North Korean Goes Offline
Links for the day
Gemini Links 08/06/2025: Love as an Ethnographic Method and Monitorix Gemini-Frontend v0.1
Links for the day
Links 08/06/2025: Exposure of More GAFAM Surveillance and Social Security Records Compromised
Links for the day
Linux Foundation is a Mediator for Microsoft et al, Not for Small Companies That Support Rather Than Attack the GPL
Many people still wrongly assume that because it is called "Linux Foundation", then it is pro-Linux and represents the same mindset
This Past Friday, Confirming What We Said All Along About Brett Wilson LLP: It's Shrinking, Has Considerable Debt, Loss of Net Assets Despite the Microsoft SLAPP Money
The documents only became publicly available less than 2 days ago
Some of the Many Reasons We Sued Microsofters for Harassment
perpetrators of harassment
For 20 Years Many People Were Sharecropping for Canonical's Oligarch, Now He's Deleting All Their Contributions
"Ubuntu has erased instead of archiving the trove of material at Ubuntu Forums"
There Was Always Too Much 'Crazy Stuff' Going on Around Freenode
What many IRC users lost sight of
Exposing Crime is Not a Crime (It Never Was)
In the eyes of rich and powerful people, those who speak about their crimes are the "criminals"
GNU/Linux Distros Abandoning Microsoft GitHub
Will curl be next to leave Microsoft GitHub?
Expect More XBox Mass Layoffs Soon If the Rumours Are True
From a Microsoft media operative
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 07, 2025
IRC logs for Saturday, June 07, 2025
Europe Needs to Move Away From GAFAM; The Sooner, the Better
Europe - not just the EU - must abandon GAFAM as soon as possible
The Issue Isn't GNOME's Promotion of Diversity But GNOME Corruption, Abuse, Censorship, and Worse
So-called "Conservative" (republican, pro-Trump, bigoted) people want you to think the problem with GNOME is politics
When the News Sources Become Scarce and Increasingly Full of Polluted/Contaminated 'Content' (With LLM Slop and Slop Images)
Integrity matters
"Linux" Sites That Spew Out LLM Slop
We're lacking enough material for another "Slopwatch"
Abuse Inside the Polish Patent Office (UPRP) - Part V: Breaking the Law, Just Like EPO
We'll hopefully cover some of the pertinent details later this year