|| ||Leon Brooks <leon-AT-cyberknights.com.au>|
|| ||Michael Dickman <michaeldickman-AT-att.com>|
|| ||Relatively insecure, or absolutely insecure?|
|| ||Sun, 10 Oct 2004 11:07:16 +0800|
|| ||LWN Letters <letters-AT-lwn.net>|
Hi Michael, I'm quoting you from:
> Yes, today, Windows has security problems, but Eslambolchi is looking for
> desktops two to three years down the road, and if Linux becomes popular
> and hackers pay attention to it, who's to say the Linux desktop won't have
> its own security problems?
Roughly 2/3 of all webservers are Apache, and the vast majority of those are
running Linux. This has been so for many years. If popularity were a
statistical indicator of security risk, server-based disasters like CodeRed
wouldn't have happened on MS-Windows, they'd have happened on Linux.
The overwhelming majority of email servers (MTAs) are Open Source and have
been for a very long time, likewise for FTP servers, name servers (DNS) and
so on. If they were going to be attacked, they would already have been.
So in answer to your question, history's to say that Linux is already popular,
and doesn't have the feared security problems.
I can think of many reasons for that, including that it's simpler, safer and
more granular to update than anything Microsoft offers, but it seems fairly
obvious that the most fundamental one has always been and will continue to be
design decisions. This is not a transient problem, nor has it ever been.
Over time, design decisions become very difficult to reverse. The annoyances
faced by MS-Windows users over new restrictions introduced as part of XP SP2
show just the tip of that iceberg of pain - which will only get worse with
ShortHorn. For many people, it will be ever simpler as their current systems
drift out of support range to simply switch to something else.
The design philosophy which causes this pain is that security has always been
a slap-on applied late in the process for Microsoft, but it is built right in
to practically everything else. The WinFS recently dropped from LongHorn (to
make it ShortHorn) has been in the offing under various names since before
MS-Windows-95, and it's been so hard for MS to bring to market precisely
because of the same kind of poor design decisions.
The MICA derivative of VMS, from which MS-Windows-NT was copied, was able to
be raised to high military security levels through the application of *one*
configuration change but consistently poor design decisions applied by MS to
that code-base have thoroughly trashed that inherent toughness. If that's
Microsoft *starting* from a secure position, how will they do with no run-up?
Desktop software is becoming far more complex than server software, and I
expect that increase in complication to translate to a decrease in security.
However, the same decrease will apply across both MS-Windows and Linux, and
Linux's current collection of viruses is laughably small, something like
seven families, all obsolete, versus a highly disproportionate tens of
thousands of virus families living in Microsoft Land. Linux can be safely
expected to remain far more secure by default.
Hossein Eslambolchi is doing well to scan ahead along AT&T's track, but your
own raising of this popular straw-man right at the start of the process is
not a good indicator for AT&T's impartiality. Partiality is poison to
effective analysis. Have you also read and considered any of the many
well-researched white papers which lay this and other straw men to rest?
Comments (4 posted)
Page editor: Jonathan Corbet