Evans Data recently provided more proof that Linux is more secure than Windows. The researchers surveyed 500 Linux developers and found that 92
percent had never had a machine affected by malicious code. Fewer than 7 percent said they'd been victims of three or more hacker intrusions.
Only 22 percent said their systems had ever been hacked.
By comparison, last spring Evans did a study that found that 60 percent of
non-Linux developers had been victimized by security breaches, and 32
percent said they'd been hit three or more times.
There's a reason that Linux developers get hacked less. It's not entirely,
as Windows advocates say, because Windows is a more attractive target for
Oh, that's part of the reason, sure. Windows is a bigger target, it's easier
to hit. It has more users which means attackers can do more damage. Also,
many hackers just don't like Microsoft, and target the company's products as
a means of hurting the company.
But, really, who cares why Linux is more secure, so long as it is? Windows
will continue to be a more attractive target for attackers for a few years
at least, and a few years is about as far ahead as any IT manager can plan a
And Linux isn't secure only because it presents a small target. Linux is
inherently more secure than Windows. While Microsoft is working hard on
making Windows more secure, it remains to be seen whether the company will
When compared with proprietary software, the open source process is an
advantage to developers looking to write secure code. This doesn't make
sense to advocates of proprietary software, who note that distributing the
source code to software allows crooks to examine the code for security
The error in that argument is the assumption that, with proprietary code,
the crooks don't have access to the code. With proprietary code, crooks can
find security holes by examining illicitly obtained source code - Microsoft
source code has been leaked many times. And with either proprietary code or
open source code, crooks can examine the behavior of running binaries.
But where open source is different from proprietary code is that open source
encourages honest people to access source code, and find security holes and
patch them fast. The large open source community can find and patch security
holes faster than teams of proprietary developers - even when those
developers work for Microsoft - simply because the proprietary developers
are hobbled by their need to keep secrets.
Another reason for Linux's inherent security is its user model. End-users
run with limited privileges; only systems administrators have access to the
all-powerful root account. Mostly even systems administrators run as
limited-privilege users, unless they absolutely need root access. By
limiting users' access to systems, Linux limits the amount of damage a user
Linux's lower vulnerability, compared with Windows, isn't just a function of
its smaller popularity. Linux is breached less often because it's more
secure. Microsoft has a lot of catching up to do.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.