Study Finds Windows More Secure Than Linux

cfelde writes "A Windows Web server is more secure than a similarly set-up Linux server, according to a study presented yesterday by two Florida researchers." In addition to the Seattle Times article, there is also coverage on VNUnet. From the article: "The researchers, appearing at the RSA Conference of computer-security professionals, discussed the findings in an event, 'Security Showdown: Windows vs. Linux.' One of them, a Linux fan, runs an open-source server at home; the other is a Microsoft enthusiast. They wanted to cut through the near-religious arguments about which system is better from a security standpoint."

Another study

[suso]

Study finds Slashdot as repetitive as Philip Glass

Sigh...

[Anonymous Coward]

Let the self-rightious defensiveness begin!

Enthusiast?!

[Vollernurd]

How the hell can anyone claim to be a "Microsoft enthusiast"?! It's hardly a hobby.

RTFA then talk

[digitalgimpus]

Read it for yourself. It reads:

"Believe it or not, a Windows Web server is more secure than a [i]similarly set-up[/i] Linux server, according to a study presented yesterday by two Florida researchers."

So when you load a linux server with software that has known security holes....they are both equally as secure.

It's not groundbreaking news.

In other news . . .

[Leroy_Brown242]

. . . 2 florida researchers were seen speeding away from thier work places in new ferarri's wearing armani suits. . .

Re:More FUD

[Otter]

Ummm, Florida isn't in Washington. Or if it is, we have bigger problems going on than Linux or Windows vulnerabilities.

And, to the grandparent -- if you read your own link, the previous study was not sponsored by Microsoft.

Re:Hardly scientific isn't it?

[EvilTwinSkippy]

No, on the Internet the plural of anecdote is fact.

/sarcasm

Also in the news...

[NoMoreNicksLeft]

cfelde writes "Satanism is less evil than a christianity, according to a study presented yesterday by two Florida researchers." In addition to the Seattle Times article, there is also coverage on VNUnet. From the article: "The researchers, appearing at the RSA Conference of philosophers, discussed the findings in an event, 'Religion Showdown: Good vs. Evil.' One of them, a satanist, performs perverse human sacrifice rituals; the other volunteers at the local homeless shelter. They wanted to cut through the near-political arguments about which religion is less evil from a morality standpoint."

Knock Knock Joke

[R2.0]

Knock Knock.
Who's there?
Knock Knock.
Who's there?
Knock Knock.
Who's there?
Knock Knock.
Who's there?
Knock Knock.
Who's there?
Knock Knock.
Who's there?
Knock Knock.
Who's there?

Phillip Glass

My 8 year old daughter, a great afficionado of knock knock jokes, didn't appreciate it.

Re:These studies are pointless. Both can be secure

[Black Parrot]

> unless the website designers were deligent in using valid charecter checking I can use sql injection on ms sql server (mysql?) and have the server ftp out to my system and download any software I want....

Even Duke Nukem Forever?

Re:From the website of the sponsor

[_Sprocket_]

I'll allow you to jump to your own conclusions.

Whew. For a second there, I was worried I'd have to get out the mat.

Re:Hardly scientific isn't it?

[ackthpt]

Did you notice that this was a study aimed at IT administrators, not home users?

I dunno if that qualifies it as scientific or not, but I've found trying to run servers and scripts on Windows to be a great joy after installing their anti-spyware, which interefers with my scripts. It's so secure even *I* can't get very far.

Re:Not again...

[Anonymous Coward]

This isn't a popularity contest, right?

This entire thread is about an article that attempts to make it a popularity contest. In short, it's your dream thread, bonch. I expect to see at least 50 "But I'm just playing devil's advocate" posts from you today. Now go!

My God They're Right!!!!

[ObsessiveMathsFreak]

I'm going to dump my Fedora Installation(TCO $0.00)
and run to the store and buy me Server 2003(TCO $599-$3522 + Licencing).

Definitly not going for RHEL(TCO $349-$2499 + Licencing) because no matter how hard I try, I could never get as secure with up2date, SELinux, Pax and Firefox as I could be with Windows Update, Third party antivirus, Windows Firewall and Security Center. NEVER!

And I shouldn't even be comparing Fedora to Server 2003 because Fedora could never be used as a server of any kind. Neither could Slackware(TCO $0.00), Suse(TCO ~$100.00), Mandrake(TCO ~$100.00), Debian(TC0 $0.00) or any other of those insecure Linux distros! They're not SOLD as servers so they absolutely cannot be compared to server 2003. No way, never, uh-uh.

Wow! This study has really opened my eyes to the lie. Why did I abandon my XP installation(TCO $200.00) after only a few dozen major worm outbreaks? I could have done anything on XP that I can do in Linux. It would only have cost be a few thousand dollars, but I could have!

These researchers have really opened my eyes to the lies. I believe everything they say, even without the data to prove it they..... .....

Ok here my sarcasm must crack under the sheer enormity of the following statement.
The pair said that they lacked the funding to test other operating systems, such as the Apple OSX kernel(TCO $100.00), although they thought it was "amazingly" stable.
WTF!? Are these guys for real? Is this study just a troll? I mean... WTF!!?

I will however take a wild guess that their next server security study will have OpenBSD mysteriously absent.

Knocking music

[starwed]

Hmm:
Who's there?
Knock Knock.
Who's there?
nock Knock.K
Who's there?
ock Knock.Kn
Who's there?
ck Knock.Kno
Who's there?
kKnock. Knoc
Who's there?
Knock. Knock
Who's there?
Steve Reich

She probably wouldn't like that one any better. :(

No, I'm New Here

[New Here]

No, I'm New Here

Re:Another study

[Anonymous Coward]

You think Philip Glass is "classical music?"

Everyone > You.

Were forced to conclude...

[noidentity]

In an academic study due to be released next month Dr Richard Ford, from the Florida Institute of Technology, and Dr Herbert Thompson, from application security firm Security Innovation, analysed vulnerabilities and patching and were forced to conclude that Windows Server 2003 is more secure than Red Hat Linux.

I see.

Re:Quality Research

[QMO]

Ah, but very flexible.

Any curve shape you like can be made to pass through all the point(s), if you only have one.

Re:Hardly scientific isn't it?

[gelfling]

Oh sure I did. Do you even bother to think about what you say? Lemme ask you a question oh keeper of the 20-sided die.

How easy do you think it is to unpak a windows machine 2003 or other, plug it in and have it be relatively secure w/o doing much of anything at all? Compare that to whatever the normal effort is in getting a Linux box up and running with the barest amount of bit twiddling that the install proc makes you do. For the most part - at 400+ distros there are always a few that really suck at this.

At any rate Transformicon Master+200, Given the reality of say .....the fact that your average Win server deployed in a commercial environment has >12 accounts in the admin group just to get the basic work done and that the restrictions imposed by those accounts.......

Now I know... oh wizard of the volcano of half assed wisdom.. this is going to shock you right out ya jammies.......

How does that fact, that essentially busted windows security model protect the system from one another of the admins. You see in the real, non-basement dwelling R0xx0R world, the largest number of threats are from the INSIDE.

So unless you have enviroment that isolates and manages the system at least as well as Unix or RACF then you will have a system, no matter how harded from the tools @ Un-Root that is still profoundly broken.

There, was that thought out enough for you or do I need a new magic sword and 2 bags of fairy dust?

makes sense to me

[dougnaka]

This is why I have lots of secure Windows servers that are chock full of logs of hax0red Linux servers attacking them.

Re:The Real Truth...

[Emperor Igor]

That's not really how evolution works. Not unless these Windows users die or become sterile due to lack of security...

If anything, it works the opposite way, with people who don't care to get too deeply into computers and technical stuff having far more sex.

Re:Another study

[Anonymous Coward]

In other news...Coke tastes better than Pepsi...The Big Mac tastes better than the Whopper...

te biggest FUD is when...

[l3v1]

...when we read something like They wanted to cut through the near-religious arguments

I do not believe that security evaluation has anything to do with religious beliefs. However, wishing that Windows (including server applications like IIS) is superior in security than Linux counterparts does indeed require a somewhat meditational deep religious vocation.

20000 worms have studied windows

[Anonymous Coward]

and independently concluded that it has a lower cost of 0wn3r5h1p.

Knock Knock Joke Revisted

[Hoi Polloi]

Knock Knock.
Who's there?
Who's there?
Is anyone there?
Who's there?!

- John Cage

Is that too obscure?