Linux lags in security

Filed in archive News on March 23, 2007

I normally write editorial pieces over at my personal blog but this one simply invites questions to be asked of the conclusion of the said study. In Symantec's Internet Security Threat Report volume XI, it stated the following statistics, as summarized here:

1. 39 vulnerabilities, 12 high priority, average resolution 21 days
2. 208 vulnerabilities, 2 high priority, average resolution 13 days
3. 43 vulnerabilities, 1 high priority, average resolution 66 days

Without batting an eyelash, which statistic would your rather have? I'd rather have no. 2 or no. 3. Fewer serious vulnerabilities over no. 1 with a dozen.

To my shock and horror, no.1 was declared the most secure. And yes, it was none other than Windows! No. 2 was Red Hat Linux and no. 3 was Apple's Mac OS X.

Call me strange but having 12 high priority vulnerabilities speak of the way the system was engineered in the first place. I mean, if the OS was the most secure, why have more than 10 times the number of vulnerabilities as compared with its competitors? I just do not see the logic behind the conclusion - it does not matter if it took Apple 45 more days to fix ONE high priority vulnerability along with 42 others or 13 days for Red Hat to fix 2 high priority vulnerabilities along with 207 others - the fact of the matter is - the product, i.e., Windows, has holes like cheese!

I just don't believe it.

[btw, opinions are mine alone and does not reflect Creative Weblogging, Inc.'s]