Linked by Thom Holwerda on Wed 15th Apr 2009 09:54 UTC
Bugs & Viruses Whenever the Conficker worm comes up here on OSNews (or any other site for that matter) there are always a number of people who point their fingers towards Redmond, stating that it's their fault Conifcker got out. While Microsoft has had some pretty lax responses to security threats in the past, it handled the whole Conficker thing perfectly, releasing a patch even before Conficker existed, and pushing it through Windows Update. In any case, this made me wonder about Linux distributions and security. What if a big security hole pops up in a Linux distribution - who will the Redmond-finger-pointing people hold responsible?
Thread beginning with comment 358879
To read all comments associated with this story, please click here.
My $.02 on the issue
by Morgul on Thu 16th Apr 2009 17:52 UTC
Morgul
Member since:
2005-07-06

The problem with the question is that the only possible answer is 'everyone'. People will always finger point. However, I think, while there will always be those who don't think before they point, majority of the Linux community will refrain. (Perhaps I'm a starry eyed dreamer, but I think I've got a point here.)

The reason (most) people point the finger at Microsoft when an exploit like Conficker comes out is the lack of transparency. You said that Microsoft handled the exploit perfectly, and from a certain perspective, you're right. From a certain perspective. Let's tip this on it's head. What if Microsoft was a Linux Distribution?

Every program that would have gone into windows would have had it's code looked at by hundred or thousands of people. Anyone could look at it and stumble upon these exploits. Would that have stopped Conficker? No clue. But, it might have and that is enough reason to point your finger at Microsoft and say, "It's you're fault!"

Let's not leave reality too much, however. The 'Many Eyes' theory is flawed. Many people looking at something only makes it statistically more likely they'll catch a bug. It's by no means a promise of success. Could there be a Linux Conficker? Yes. I have no doubts. Let's hope when it comes out, the Linux community handles it with the same grace as Microsoft has with this particular exploit.

So, to answer your question, people won't pin the blame in the same way. They Linux community will simply focus on fixing it (and then people will blame their distro for not releasing patches "on time") and the Linux haters will snuggle their Ballmer/Jobs plushies a little closer, after writing on their msdn blog about how 'broken' linux is.

Reply Score: 1