[CentOS] Lies wide open ...!
mouss at netoyen.net
Sat Aug 23 17:51:38 UTC 2008
ABBAS KHAN wrote:
> Being as a Windows geek tho, I consider Linux as a more powerful server
> operating system than Windows. When I saw OS comparison at
> http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I
> was shocked! Showed it to a friend and he felt like being brainwashed :D
> What do you fellows think about this?
windows has only one vulnerability:
- windows is vulnerable to attacks
other systems and programs have millions of vulnerabilities:
- foo program allows an attacker in 10.1.2.3 to access /etc/hosts
- foo program allows an attacker in 10.1.2.3 to access /etc/aliases
now repeat this for every possible file and for the 2^32 IP addresses,
and you get as many vulnerabilities as you can count.
and think of it. windows is 100% by default. you need to power the
system before it gets owned. and did you read the ULA? you paid to use
the system, but what makes you believe you will be the only one? it is a
shared system. anyone on the internet can use it. it's not a
vulnerability, it's a feature.
and windows is "user friendly". if a vulnerability is found, why fix it
and annoy the user? just issue a dialog box "this may be unsafe. do you
really want to...?". after all, the user paid. no?
more seriously, using vulnerability count as a security measure is
childish at best. Are 5 cents more than 1 euro (dollar|...)? do 10
rabbits eat a lion?
but in this particular case, there is no child play. it is intentional:
Reliance on a single metrics is a major feature of Microsoft's Get the
Facts campaign, and this is perhaps understandable if we consider what
the campaign is. It is essentially a marketing-driven campaign intended
More information about the CentOS