Tests at Microsoft’s Linux lab show that counting the raw number of security updates required by the various operating system flavors is not as meaningful as examining the efficiency of the update process.
Windows vs. Linux: Think Patch Quality, Not Quantity
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Microsoft is very reliable source for data!
Their studies always is very scientific. Not much like open source advocat FUD which just claim without have proof!
You have to acknowledge that because is very true!!
You really expect me to believe that?!
Ever heard of irony and sarcasm?
I’d rate you funny if I could
Again, a linux distro carries TONS of apps that a typical windows installation doesn’t have. Example: Windows XP can’t play DVDs ut of the box, you need to install a 3rd part app.
And nor can most Linux distributions. Hell, some can’t even play MP3s out of the box.
Who’s got the stick now?
HAHA is pretty clear that this guy, “Linux is Poo” is the funniest ever in every post he demonstrate the lack of knowledge about Linux and OSS in general. I understand you, you can’t even configure X in Linux but man there are irc channels to help you.
About the article:
Is a great laugh, FUD all spread in the article. Example: You install SuSE Linux, it comes with mp3, java, flash, dvd, anything you can throw at it out of the box. And 1.8 GB of apps if you choose the KDE default install. There are apps for everything you would ever need and more on the CD. So is sure you would need more patches and all have great quality because I only have to patch one app one time only or 2 if it is very critical.
About Windows:
We don’t know how many security flaws are in Windows XP with SP2 and all security updates to date because we can’t see the source so there most be 1,000 security flaws and yet they are fixing 3 on patch tusday. Windows has more security flaws in a system which only contains base than in a Linux system that contains all apps you need.
I personally use Freebsd now and is way secure not to say Linux is not secure but I wanted to test something different since I have been a Linux user for years, still I love Linux and now love *BSD too.
Go back to #linux4kids.
SuSE can play DVDs out of the box? Really? What with DeCSS and all? Right.
errr…. hmmm… arrrr… yep I made a mistake there I weren’t going to write dvd in there my fingers were faster than me. With just downloading libdvdcss2-1.2.9-1.i386.rpm thats all? WOW how great is Linux <sarcasm> I didn’t even had noticed it without you making me see the light thanks</sarcasm>. Do Windows plays DVD out of the box? Man you should learn a bit about the OS world. POOR guy.
So in order for Linux, the operating system of freedom fighters and open-ness evangelists everywhere, to play DVDs you have to install something illegal? Works out nicely.
Oh, and insofar as Windows is concerned, all Windows PCs you buy with a DVD drive come with a DVD player package. If you build your own PC, the video card or motherboard usually comes with a DVD player package. Nice try.
Man you are poor poor guy. Still isn’t out of the box since someone had to install it. Nice try poor poor guy. I feel pitty for him is there some charity out there that recollects donations for poor poor “Linux is Poo”?
Excellent defense. You lose.
Actually it’s perfectly legal
“to play DVDs you have to install something illegal?”
Not illegal where I am sitting.
“Works out nicely.”
Yes it does. Works a charm, actually.
Ah, but that means Linux is not a viable option for anyone in the US who wants to play DVDs, and do it legally.
Do you guys include that as a point when you’re trying to push Linux on some poor, unsuspecting user?
I could reply: “who cares about your piece of shit US” … but I won’t.
There is at least one Linux distribution which includes a US legal DVD player.
However, what I would really challenge is “… is it constitutional for anyone to try to prevent you playing a DVD that you purchased in whatever manner you please?”
I would think you could have a decent case here against the **AA’s for “resrictive trade practice” and oligopoly collusion.
Hey, fanboi Poo, does Windows play Ogg Vorbis out of the box?
(Actually, I know the answer to this. You click on an .ogg file, and Windows asks you what application? You take a stab and guess ‘Windows Media Player’ – and Windows tells you “This format is not supported”. It spits the dummy badly, and refuses to download a codec – even though codecs for Ogg Vorbis for Windows are actually available).
Edited 2006-01-12 10:16
Yeah, because the world cares about your piece of shit codec. The one time in my life that I actually had to play an OGG file, I played it with my already-installed Winamp.
Hey, here’s a clue: How many MP3 players on the market play OGG? How many music stores sell OGG?
The clue train is coming, and it’s going to run you the f*** over.
“How many MP3 players on the market play OGG?”
http://www.ciao.co.uk/Portable_MP3_Players_5266512_3-ogg_vorbis~w5
http://reviews.cnet.com/4566-6490_7-0.html?filter=500891_5414570_50…
http://yahoo.pcworld.com/yahoo/bguide/0,guid,15,page,3,00.asp
http://reviews.cnet.com/4520-6450_7-5899700-1.html
http://www.mp3players.co.uk/site/uk/iops_mfp300.html
http://www.i4u.com/article651.html
http://www.atruereview.com/mp3player/index.php
http://cgi.ebay.co.uk/EZ-AV-256MB-MP3-PLAYER-WMA-PLAYER-OGG-PLAYER_…
http://www.directron.com/ifp780t.html
http://www.engadget.com/2005/12/21/monolith-premium-mx7000-rugged-m…
http://www.amazon.com/gp/product/B000285A1O/102-6873764-2997744?v=g…
http://www.pcstats.com/articleview.cfm?articleID=1785
http://uk.bizrate.com/marketplace/product_info/overview/index__cat_…
http://www.bhatt.id.au/blog/2005/08/23/iriver-t30-wma-ogg-mp3-playe…
http://newsvac.newsforge.com/newsvac/04/11/22/1435233.shtml
http://www.amazon.com/gp/product/B0007TSWYA/102-6873764-2997744?v=g…
and so on, and so on.
Everywhere but on Windows Media Player, it would seem.
Yeah, that’s 16 players out of what … 500? Oh, and of course the #1 player on the market by something like 60-70%, doesn’t do OGG.
No.
You try to play a DVD and if it requires descrabling (and the distro respects American weirdness about the “decss” library and does not include it by default) then Linux will tell you that you need to install “libdvdcss”.
Configuration -> Packaging -> Synaptic Software Manager
(enter the root password)
Click the “Search” button.
Type “libdvdcss” & hit enter. This finds the libdvdcss package in the repositories.
Select the libdvdcss package for installation.
Click “Apply”.
Done.
Now you can play DVDs.
Edited 2006-01-12 09:59
Actually, so can most linux distributions
Your knowledge seems to be quite outdated. At least flame linux-distributions on basis of something new
“And nor can most Linux distributions. Hell, some can’t even play MP3s out of the box. ”
Since you started the ‘out of the box’ topic, let me add to it…
Out of the box
Linux can help you surf safely, Windows can’t!
Linux can help you make presentations, documents, spreadsheets, Windows can’t!
Linux can connect you to IRC, Yahoo Chat, ICQ, Jabber, Gadu- Gadu, Windows can’t Linux!
And, I am just talking about Ubuntu Linux which comes with the bare minimum of software. Not even reached Fedora/SUSE with their tons of software!
So by the time, you install the above, I would have installed w32codecs around 5 times
)
Got the point?
And stop whining about the mp3 support everytime when you are probably aware why it hasn’t been included till now!
Edit: I missed out one – OOTB, Windows can fetch you a virus in 15 mins?, Linux can’t
(
Edited 2006-01-12 14:56
Strong Windows Security in few words:
“More cracks appear in Windows”
from
http://www.channelregister.co.uk/2006/01/11/ms_january_patch_tuesda…
It is because they can just take apart the Linux source code and tell use that there method is better. We have to take what Microsoft say about there own OS because it’s not opensource. They have captured Linux and are experimenting in there lab to find weaknesses and report it, they seem to be learning at the same time. Can anyone see what is happening here?
Yep. Unless Microsoft is willing to open up it’s code to compare the two, than how can any serious, UNBIASED analysis be made?
just what I needed after a hard day at work, some Microsoft sponsored FUD to cheer me up.
we are all to believe that Microsoft products are far more secure than linux, even after the past 2 weeks have shown that microsoft has had a vunerability in WMF files since their inception with Windows 3.0
yeah right
What at a funny article.
“We make it easier to install updates, so are our many extremely critical system flaws are no problem; we’re safer than systems with few uncritical flaws, even if they patch within one day. We are better, because we have Windows Update. The fact patches aren’t released until all systems have been affected by the flaws is irrelevant to the security. Our fixes are better.”
So says Microsoft.
That’s something I’ll have to remember the next time I’m trying to update a computer that can’t connect to Windows update because it’s behind a proxy server. It’s also really helpful the way direct downloads of updates are next-to-impossible to find on the Microsft site.
Come on now your comments are hardly fair, Windows cannot do a lot of things out of the box. Surely you can put together better trolls than that, your really slipping, ran out of ammunition?
Come on people, MS may not be your favorite OS but you have to admit that their patching process is pretty streamlined. (true, in debian is as simple as apt-get update but is that what you call intuitive?)
As long as you can live with the following truths:
1. Windows (as any OS) will always need patching
2. Patches in an OS as widely used as Windows will always take time to be available (10% of the total time will be spent writing the patch, 90% in testing)
Do they test patches? LOL I think obvius answer is no. When MS needs to patch a vulnerability opened by another patch.
I am an avid XP user because I prefer it to Linux simply because it is easier for me and less hassle configuring and downloading packages and compiling and adding switches and tweaking that file etc etc. Lets face it the right way to do any kind of *NIX is the OS X way of doing it. Period. That is not what we are discussing here however. The patching process in XP is pretty streamlined. But that is not also what the article is about. Tests at MS’s Linux lab sounds crazy right from the start! WTF is MS doing with Linux? Sure they are experimenting and learning and doing various things trying to improve their own OS. That is all great and good. But you cannot expect anyone to seriously believe that these results shouldnt be taken with a grain of salt. Hire an independent tester. Hire someone who will be the mediator and will take a look at both MS and Linux code. Make them sign NDAs or whatever the hell if MS is so freaking paranoid about losing their precious code…like the OS is not pirated at all by millions of XP users anyway right? Bottomline is MS can easily hire an independent group of testers but they will never do that beacuse the truth is that Linux is more secure. I am an XP user because simply I am used to it and there are a lot of softwares I use that do not run on Linux. But I will be ready to admit XP’s weaknesses. Things have improved a lot there is no doubt but there is still room to improve. MS knows XP is security compromised…they should just nail all the damn flaws they know all at once. They have a huge number of employees after all.
“in debian is as simple as apt-get update but is that what you call intuitive?”
Try this instead then:
Configuration -> Packaging -> Synaptic Software Manager
(enter the root password)
Click toolbar button “Mark All Upgrades”
Click toolbar button “Apply”.
(wait for all downloads to complete & packages to install).
Done.
{BTW, apt-get update will only refresh your local cached copy of what is contained in the repositories. You actually need to do ‘apt-get upgrade’ for this same operation on the command line).
Edited 2006-01-12 10:10
You really know nothing do you, There is a reason why SuSE cannot play DVD’s out of the box, but I guess not being a SuSE user you don’t know. It’s just a few packages to install anyway. Don’t tell me Windows can run all media types out of the box because it’s pretty useless apart from it’s own WMP monopoly.
Did any of you actually READ the article? It’s not about what is more secure, but about the patching process.
You just have to throw your 2 cents in about security, even though it’s not relevant to the topic, don’t you? Feel proud.
I guess it’s NOTHING compared to the Windows people who pirate copies of XP, MS office, Photoshop, the list goes on. It’s a fact that more Windows users are criminals then any other OS. We Linux users don’t have to pirate our software and claim it’s free.
Next!
Given a >90% install base of Windows, that’s pretty much a given, unless Windows users were intrinsically 9 times more honest than the general public.
Solaris comes with telnet and FTP servers running, but all access denied with a default install. Granted, there is still the possibility of vulnerability in the authentication part of the dialogue, but this default install (as mentioned in the article) allows for legacy uses, whilst providing a reasonably secure default installation. From historical evidence, a Windows default install of FTPd would allow Administrator access.
On a more positive note, it’s interesting that the MS guy claims to use Linux on a daily basis – I’m sure that few Linux kernel developers would admit to running Windows, but then again, of course, he isn’t a Windows kernel developer, so that’s not a fair comparison. I’m sure many of the IBM guys who work on Linux have managers who use Windows, so it’s quid-pro-quo, after all
The posts so far seem to have read the first page, if that (in the classic Slashdot styleee).
If you read the whole article, it is surprisingly balanced. Alan Cox (for RedHat) and Chris Ratcliffe (for Sun) give very strong counter-arguments which shoot down the MS FUD very clearly.
Microsoft seem to be going for the “Default Install” argument quite a bit at the moment (because default is pretty much all that Windows has, whereas Linux distro’s, and even quite a few UNIX variants, tend towards include-everything-as-default so that they can win last year’s battle about how little they offer by default). The *nix crowd always have the more secure card up their sleeve, because the “chuck everything in” default was only added for the novice user MS claim to aim for (not that a genuinely novice user could install a secure Windows, Linux, or UNIX system)
Don’t get sucked into this Microsoft PR garbage.
They’re doing this because they don’t have a real way to compete, and they know it. They’re trying to annoy you. This is Bill Gates’s way. Win by all and any means.
Look at what they’re doing.
(1) Vista’s GUI => Doesn’t take a genius to know that’s OS X’s concept.
(2) IE7 => Gees…It feels like…Firefox.
(3) Attacking Linux Vol 1 => “Get the Facts” website.
(4) Attacking Linux Vol 2 => Use tech sites with lies as PR. (Tech sites like eWeek can be bought…They are the PR prostitutes, and MS is their pimp).
(5) Attacking Linux Vol 3 => Set up an open-source lab. Point out all the deficiencies to undermine Linux publically.
Now putting this altogether, it doesn’t take a friggin genius to figure out Microsoft isn’t about making software, innovation or fairness. Microsoft is about making WAR and WINNING. They will kill, destroy, etc when they can get away with it. Its about TOTAL domination by any and all means.
If you bicker among yourselves, you’re just wasting time. If you waste time arguing, that is not time spent on writing software. That’s exactly what Microsoft wants you to do!
And hal2k1, just ignore “Winnie the Pooh” (Linux is Poo).
He has some serious issues in regards to Linux in general. Replying to him will only carry the situation further in an unnecessary fashion. If you think time is money…The Poo man is wasting your MONEY!
He ain’t no Windows fanboi, he’s a FreeBSD/Apple nutjob that has a sick mind of using Windows posts to pick on Linux. (I’ve never seen a FreeBSD user like this one.)
Its a matter of choice. With windows choices are made for you, in a true GNU linux you make the them. In linux if your box borks its usually due to something you did. In windows…well…who really knows why a windows system borks.
-nX