Jeff Jones has published another one of his vulnerability scorecards comparing various operating system offerings. As always, these figures just list the patched vulnerabilities over the designated period of time; they do not take into account any unfixed or undisclosed vulnerabilities. Hence, these reports are not proper measurements of security - they are just that, a tally of fixed vulnerabilities. Any conclusions like "x is more secure than y" cannot be drawn from this data set. As always, do with it as you please.
To read all comments associated with this story, please click here.
Member since:2006-04-20
To be fair though, most of the packages that ship with a typical Linux distribution have nothing whatsoever to do with the core OS, so you would be comparing apples and oranges if you are basing your comparison on an OS with relatively few "packages" vs an OS that bundles loads of miscellaneous applications that have no bearing on the security of the OS itself. And since an install of Vista consumes nearly twice the HDD space of a Linux distro, in terms of sheer complexity, Vista is probably harder to maintain (I dare say because of all the backwards compatibility userland crud).
In terms of the Kernel itself, I would hazard a guess that the Windows Kernel is intrinsically more secure than the Linux Kernel, though I would expect a flood of posts disputing this opinion...
Member since:
2005-07-08
The day Vista ships with 10,000 packages or whatever like Linux distros do is the day I'll take this nonsense seriously.