Eric at on 25 May 2011 07:14:28 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Microsoft's Many Eyeballs?

Hash: SHA1

My experience is that Linux is far more stable and secure than Windows.  Bugs,
when discovered, are fixed more rapidly.  Also, this behavior applies to Linux
AND to the wide range of Open Source applications.

I believe that is due, in part, to a philosophy of design that is different from
Windows and other Microsoft software.

Microsoft strives to make things "easy" and "flashy" (think: ActiveX extensions
in the browser) and backwards-compatible with prior versions.  Some flaws that
are revealed in Windows impact versions going back to Win95.  That's because
Microsoft carries parts of the code base forward with each iteration of the OS.
 I would have thought that the complete rewrite that was Windows NT would have
left Win95 bugs behind.

There is less incentive for Open Source projects to do that.  Instead they are
likely to adhere to standards and not make general use of proprietary
extensions.  There is one Microsoft browser but several Open Source browsers
(Firefox, Chromium, Mozilla, and Konqueror come to mind but there are many more
[1,2])  These browsers are more likely to adhere to web standards, and do more
with those standards, than to rely on an "ActiveX type" of solutions.

Microsoft's answer to the security issues affecting ActiveX is to institute
"kill bits" and give the users an easier way to enumerate the installed ActiveX
libraries and disable them if necessary.  Still, "drive-by" installs can happen
with Internet Explorer.  I have not seen these types of exploits with Firefox or



On 05/23/2011 04:08 PM, Stephen Slaughter wrote:
> What do you folks think about this article?
> Is it true that open source code is reviewed by many fewer eyes than we might think?
> I'm dubious about the opinion of this article (i.e. proprietary code from
> Microsoft is more secure) considering it was written by a Microsoft developer;
> however, people who think Linux is more secure are usually Linux developers and
> enthusiasts.
> Can anyone point me to an impartial opinion on this subject?
> Thanks,
> Stephen
> -- 
> "We can only see a short distance ahead, but we can see plenty there that needs
> to be done.”
> - Alan Turing
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --
> Announcements -
> General Discussion  --

- -- 
#  Eric Lucas
#                "Oh, I have slipped the surly bond of earth
#                 And danced the skies on laughter-silvered wings...
#                                        -- John Gillespie Magee Jr
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla -

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --