ABBAS KHAN wrote: > Being as a Windows geek tho, I consider Linux as a more powerful server > operating system than Windows. When I saw OS comparison at > http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I > was shocked! Showed it to a friend and he felt like being brainwashed :D > lol. > What do you fellows think about this? windows has only one vulnerability: - windows is vulnerable to attacks other systems and programs have millions of vulnerabilities: - foo program allows an attacker in 10.1.2.3 to access /etc/hosts - foo program allows an attacker in 10.1.2.3 to access /etc/aliases now repeat this for every possible file and for the 2^32 IP addresses, and you get as many vulnerabilities as you can count. and think of it. windows is 100% by default. you need to power the system before it gets owned. and did you read the ULA? you paid to use the system, but what makes you believe you will be the only one? it is a shared system. anyone on the internet can use it. it's not a vulnerability, it's a feature. and windows is "user friendly". if a vulnerability is found, why fix it and annoy the user? just issue a dialog box "this may be unsafe. do you really want to...?". after all, the user paid. no? more seriously, using vulnerability count as a security measure is childish at best. Are 5 cents more than 1 euro (dollar|...)? do 10 rabbits eat a lion? but in this particular case, there is no child play. it is intentional: " Reliance on a single metrics is a major feature of Microsoft's Get the Facts campaign, and this is perhaps understandable if we consider what the campaign is. It is essentially a marketing-driven campaign intended to .... " Source: http://www.theregister.co.uk/2004/10/22/linux_v_windows_security/