Windows vs. Linux vs. Mac OS X

Sidebar Sidebar
Atif

Atif

Ancient Philosopher
Jan 18, 2007
4,222
6
43
41
From Mars

Enlarge picture
There has been a consistent amount of “ink” spilled over comparing Windows, Linux and Mac OS X this month. The reports have generated some controversy, because they point out that Windows

delivers a more secure platform than Linux and Mac OS X. For some, this simply appears to defy the “logic” that has been proliferated by marketing campaigns from Linux and Apple. Microsoft's own marketing campaigns always tout the latest Windows version as the most secure Windows platform to date, Linux and Apple just top that by offering an even more secure operating systems than Windows.

There is the general customer perception that Linux and Mac OS X are not affected by bugs, or security vulnerabilities, that they are impervious and deliver absolute protection to their users. On more than one occasion, I have seen Linux and Mac OS X users claim that they never had to implement an anti-virus with their operating systems. This is the case of one of my friends, which never installed anything even remote to a security solution on her Mac OS X Tiger. So the fact that Linux and Mac OS X users feel safer than Windows users reflects a reality and not just a marketing doctrine.

But at the same time you have to look at the statistics. On March 13, the Redmond Company released no security updates for any of its products. And while Microsoft was skipping a monthly patch cycle, the first time since 2005, on the very same day, Apple plugged a total of 45 security vulnerabilities in its operating system and in third party programs. The majority of security patches addressed issues reveled in January 2007 via the Month of the Apple Bugs. In January, no less than 31 security vulnerabilities were disclosed for Apple products, at the rate of one per day.

Has this scarred Apple's products in any way? I don't think so. Has it impacted Apple's reputation as a standard and an apex for security? Not even in the least. In fact, I have found that the majority of Mac OS X users remain unaware of this issue or even downplay it. And despite announcing their intention to contribute to the perfecting of Apple products, the two researchers behind the project, Kevin Finisterre of Digital Munition and L.M.H. from Month of Kernel Bugs, have been gratuitously attacked by Apple supporters.

And we are down to the issue of patch development time. Symantec has looked into this issue and concluded that Microsoft Windows has a much shorter average patch development time than Red Hat Linux and Mac OS X. Symantec comprised statistics for 2006. Microsoft spent an average of 21 days on building updates for 39 security vulnerabilities in Windows, 12 of which were considered high severity in the last six months of the past year in comparison with the 13 days it took to deliver patches for 22 flaws in the first half of 2006, only five of which were labeled high severity.

Red Hat Linux is runner up in the context of the shorter development time, taking almost three times as much as Microsoft to patch a sample set of 208 vulnerabilities from July to December 2006, only two of which were considered high severity. In the first six months of 2006, 42 vulnerabilities have been patched in Red Hat Linux, only one was considered high severity, and an average patch development time of 13 days was spent on delivering the fixes.

43 vulnerabilities plagued Mac OS X in the second half of 2006, one of which highly severe, and Apple took no less than an average patch development time of 66 days to resolve the issues. In the first six months of the past year, Apple had an average patch development time of 37 days for 21 vulnerabilities, three of which were considered high severity.

In terms of the most critical vulnerabilities, Windows is clearly a more exposed platform with 17 high severity flaws in 2006. But since we are talking code quality, Windows had a total of 61 vulnerabilities in 2006, Red Hat Linux had 250, and Mac OS X 64.

“The risk of exploitation in the wild is a major driving force in the development of patches. As with previous periods, Microsoft Windows was the operating system that had the most vulnerabilities with associated exploit code and exploit activity in the wild. This may have pressured Microsoft to develop and issue patches more quickly than other vendors. Another pressure that may have influenced Microsoft’s relatively short patch development time is the development of unofficial patches by third parties in response to high-profile vulnerabilities,” Symantec explained in the Symantec Internet Security Threat Report - Trends for July–December 06 -Volume XI, Published March 2007.

Jeff Jones, Security Strategy Director in Microsoft’s Trustworthy Computing group has compared the performances of Windows Vista, Windows XP, Red Hat Linux and Mac OS X Tiger in the first 90 days of commercial availability it terms of resolved vulnerabilities.

Mac OS X v10.4 had 10 vulnerabilities disclosed prior to the April 29, 2005 launch, four of which high severity. In the first 90 days Apple patched 20 vulnerabilities in Mac OS X Tiger, eight of which, counting the four already mentioned were considered high severity. After the first 90 days there were still 17 issues expecting to be addressed in Mac OS X.

Red Hat Enterprise Linux 4 Workstation shipped on February 15 2005, with 129 vulnerabilities publicly disclosed, no less than 40 high severity flaws. In the first 90 days of general availability Red Hat addressed a total of 181 vulnerabilities, 58 of which had a level of high severity.

Microsoft resolved three vulnerabilities affecting Internet Explorer before it shipped Windows XP SP2. Including these three, Microsoft plugged a total of 14 holes, out of which eight were high severity.

Windows Vista delivered a superior performance to Windows XP SP2 with only five vulnerability disclosures in the first 90 days since November 30, 2006. “5 total vulnerability disclosures in the first 90 days, with one of them fixed and one High severity one pending, along with 2 Mediums and a Low severity vulnerability. Is that good, bad or indifferent? Let’s look at other operating systems and see if they can provide some context for these numbers,” Jones revealed.

(SOURCE)
 
You must log in or register to reply here.

New posts

General chit-chat
Help Users
We have disabled traderscore and are working on a fix. There was a bug with the plugin | Click for Discord
  • No one is chatting at the moment.
  • Necrokiller Necrokiller:
    MS: Hold my trillion dollars
    Link
  • Necrokiller Necrokiller:
    Sony: We can f**k up a totally good situation.
    Link
  • Necrokiller Necrokiller:
    https://twitter.com/i/web/status/1788728698184540355
    Link
  • XPremiuM XPremiuM:
    Started Dead Island 2, and i find it pretty lame. The story is shit. The characters are either cringe or bland (all 6 of them), The gameplay isn't fun. Even the goddamn zombies don't behave like proper zombies. They're all fast & intelligent unlike how zombies are supposed to be like. Any fan of "zombie" genre cannot possibly like this shitfest of a game. Dying Light 2 was million times better than this shit.
    Link
  • NaNoW NaNoW:
    so Baldurs Gate 3 is pretty great!"
    Link
  • faraany3k faraany3k:
    So who here is waiting for Senua Hellblade 2. Prequel was a true mind fuck experience.
    Link
  • GloriousChicken GloriousChicken:
    Sad indeed
    Link
  • NaNoW NaNoW:
    what a sad day
    Link
  • faraany3k faraany3k:
    Necrokiller said:
    MS one upping Sony in catching the biggest L in gaming
    Click to expand...
    tbh gaming industry as a whole is failing much like tech industry. They have buckled down too much to Corporate suites then relying on passionate and innovative people. A corporate only believes in financial growth and shareholders.
    Link
  • Necrokiller Necrokiller:
    MS one upping Sony in catching the biggest L in gaming
    Link
  • Necrokiller Necrokiller:
    https://twitter.com/i/web/status/1787835350745842153
    Link
  • NaNoW NaNoW:
    oh
    Link
  • StrikerX StrikerX:
    Still not available back on Steam though
    Link
  • C chamir44:
    My withdraw
    Link
  • Necrokiller Necrokiller:
    Reminds me of the time MS tried to charge PC gamers for online play
    Link
  • Necrokiller Necrokiller:
    When will console companies realize this sh*t doesn't work on PC
    Link
  • SolitarySoldier SolitarySoldier:
    doesn't change the fact that sony is extra chu this gen
    Link
  • SolitarySoldier SolitarySoldier:
    they took it back: https://x.com/PlayStation/status/1787331667616829929
    Link
  • StrikerX StrikerX:
    Mofos sharpened a spear and shoved it up theirs and Arrowhead's ass
    Link
  • StrikerX StrikerX:
    Sony <3
    Link
  • Necrokiller Necrokiller:
    Jeez, throwing all those sales away for the sake of PsN accounts. What a mess.
    Link
  • Necrokiller Necrokiller:
    https://twitter.com/i/web/status/1785696137804210201
    Link
  • Chandoo Chandoo:
    faraany3k said:
    I have heard that it is now unplayable in countries which do not support handful of third world countries not recognized by Sony like Pakistan. Steam is a true global platform.Then they cry that console gaming is dying.
    Click to expand...
    170 + countries where Steam sells but PSN doesn't will lose access unless they use VPN
    Link
  • Chandoo Chandoo:
    It has a worst rating on Steam than last years MW3 now. Jeese Sony, how can you fuck it up THIS BAD
    Link
  • faraany3k faraany3k:
    I have heard that it is now unplayable in countries which do not support handful of third world countries not recognized by Sony like Pakistan. Steam is a true global platform.Then they cry that console gaming is dying.
    Link
    Necrokiller Necrokiller: MS: Hold my trillion dollars
    Top Bottom