Langa Letter: Linux Has Bugs: Get Over It - InformationWeek
IoT
IoT
Software // Enterprise Applications
Commentary
1/23/2003
08:20 AM
Fred Langa
Fred Langa
Commentary
50%
50%
RELATED EVENTS
7 Key Cloud Security Trends Shaping 2017 & Beyond
Dec 15, 2016
Cloud computing is enabling business transformation as organizations accelerate time to market and ...Read More>>

Langa Letter: Linux Has Bugs: Get Over It

Fred Langa contends that some Linux proponents harm their cause by hiding from the facts--it's just as buggy as Windows XP.

I made a private bet with myself when I ran an item in my newsletter called "Linux Hacks On The Rise". It cited a study of software problems reported by CERT--the Computer Emergency Response Team that impartially tracks computing security threats. (CERT is part of a federally funded research and development center at Carnegie Mellon University in Pittsburgh.)

Among other things, the article said: "...more than 50% of all [CERT] security advisories ... in the first 10 months of 2002 were for Linux and other open-source software solutions."

My only point in bringing up this issue was to show that no operating system is immune to bugs and security issues: As Linux grows in popularity, it will have its own full share of problems.

It's hard to imagine a less inflammatory or more obvious assertion--that all operating systems have bugs and security issues--but I won my bet: Linux and open-source fans thought I was attacking them or their preferred operating system. They deluged me with E-mails, many irate, claiming that CERT (and I) were dead wrong.

The two most-common arguments against the report were:

1) There really aren't that many Linux/open source bugs, especially compared with, say, Microsoft Windows. Many readers argued further that CERT erred by counting the same bugs multiple times in different distributions and versions of Linux or other open-source software; these repeated bugs should have been counted as one meta-bug.

2) Open source bugs, when they do occur, aren't that big a deal anyway because they can be fixed far faster than Windows bugs.

Trouble is, these arguments are based on old information: Yes, there once was a time when both of the above statements were true, but in a moment I'll show you some very current, non-CERT stats and info that illustrate why both statements are now emphatically false. (We'll get to the specifics in a moment.)

But this isn't a bad thing. Rather, I take it as a very positive sign of the growing maturity and mainstream appeal of Linux and open source software. Let me explain:

Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll