Langa Letter: Linux Has Bugs: Get Over It
Fred Langa contends that some Linux proponents harm their cause by hiding from the facts--it's just as buggy as Windows XP.
I made a private bet with myself when I ran an item in my newsletter called "Linux Hacks On The Rise". It cited a study of software problems reported by CERT--the Computer Emergency Response Team that impartially tracks computing security threats. (CERT is part of a federally funded research and development center at Carnegie Mellon University in Pittsburgh.)
- IBM index reveals key indicators of business continuity exposure and maturity
- Leveraging The Cloud For Business Resilience
- Strategy: Heading Off Advanced Social Engineering Attacks
- Best Practices: 6 Security Services Every Small Business Must Have
Among other things, the article said: "...more than 50% of all [CERT] security advisories ... in the first 10 months of 2002 were for Linux and other open-source software solutions."
My only point in bringing up this issue was to show that no operating system is immune to bugs and security issues: As Linux grows in popularity, it will have its own full share of problems.
It's hard to imagine a less inflammatory or more obvious assertion--that all operating systems have bugs and security issues--but I won my bet: Linux and open-source fans thought I was attacking them or their preferred operating system. They deluged me with E-mails, many irate, claiming that CERT (and I) were dead wrong.
The two most-common arguments against the report were:
1) There really aren't that many Linux/open source bugs, especially compared with, say, Microsoft Windows. Many readers argued further that CERT erred by counting the same bugs multiple times in different distributions and versions of Linux or other open-source software; these repeated bugs should have been counted as one meta-bug.
2) Open source bugs, when they do occur, aren't that big a deal anyway because they can be fixed far faster than Windows bugs.
Trouble is, these arguments are based on old information: Yes, there once was a time when both of the above statements were true, but in a moment I'll show you some very current, non-CERT stats and info that illustrate why both statements are now emphatically false. (We'll get to the specifics in a moment.)
But this isn't a bad thing. Rather, I take it as a very positive sign of the growing maturity and mainstream appeal of Linux and open source software. Let me explain: