Linked by Thom Holwerda on Thu 12th Feb 2009 15:18 UTC
Privacy, Security, Encryption It's time for another security report. You know, those reports that tally vulnerabilities, and then plot or graph them in such a way that their benefactors or clients come out most favourably. Ok, that might be a bit cynical, but fact remains that there is usually something wrong with such reports. The one that's making its rounds across the internet today is certainly one of them. According to IBM, AIX is the most secure operating system, and Mac OS X the least secure. Not only is the report rather slim on details when it comes to operating system vulnerabilities, it seems like most websites reporting on this story have misunderstood what it was about.
Permalink for comment 348619
To read all comments associated with this story, please click here.
where's the link?
by pixel8r on Fri 13th Feb 2009 03:54 UTC
pixel8r
Member since:
2007-08-11

I fail to see how just the "number of DISCLOSED vulnerabilities" has any relation to how secure an OS is?

Say I'm developing my own OS but never disclose any vulnerabilities - does that make it the most secure OS out there?

Is it therefore surprising that an Open Source OS has the most disclosed vulnerabilities? I'd be more interested in knowing how many of these are still outstanding as we speak. And how serious are these vulnerabilities? Do they affect software that is installed by default? Is it something anyone can hack into or does it require a professional "hacker"?

Linux typically has hundreds if not thousands of packages installed by default, increasing the potential for vulnerabilities in the software...most of which a good firewall (also installed by default in most linux distros, but sadly not all) will block.

But in Windows or Mac OS's, how do you determine the vulnerabilities from all of the installed software? (I'm talking about after you've installed countless free apps you've downloaded, game demos, games, flash, java etc).

No apples-apples comparison exists for OS security and it would be a difficult thing to do.

I think a more fair comparison is to count the number of times each OS has actually been compromised and note the severity of each case. It still wont tell you which is more secure but it will let you know how likely you are to have security issues if you run that OS.

Reply Score: 2