[kwlug-disc] given enough eyeballs, all bugs are shallow?
unsolicited at swiz.ca
Sat Jan 9 16:41:03 EST 2010
john at netdirect.ca wrote, On 01/09/2010 10:08 AM:
> -----kwlug-disc-bounces at kwlug.org wrote: -----
>> From: unsolicited <unsolicited at swiz.ca>
>> I get irritated when it is claimed Linux is more secure than
>> Windows because it doesn't get viruses. When we cannot possibly
>> know that.
>> Particularly when the reality is, if Linux were as popular as
>> Windows, it would be a much greater target than it is today, and
>> get a correspondingly larger level of viruses (which are
>> essentially bugs / security holes).
> Compare it to neighbourhoods. Despite houses being generally alike
> in how they can be broken into, would you rather live in a
> neighbourhood that has a high rate of break-ins or lower rate?
You misunderstand me.
I'm not saying Linux isn't better, I'm saying Linux has a patina on
it that will eventually be rubbed off as more and more use it
(eyeballs), and for people to claim that Linux will always be malware
free is snake oil.
And it's the snake oil that I get irritated at. Only. Full stop.
To use your analogy - to blame more breakins in inner city houses than
rural houses on the contractor, solely, is ludicrous. Inner city has
more people around, some percentage of any population is nefarious, so
there are more people around, some of whom are interested in breaking
in, so more breakins will happen.
I don't disagree that lots of factors make the Linux situation far
better than Windows - but it's not zero. And it's those claiming that
it's zero that bother me.
In this thread of hard numbers and eyeballs.
> I pick Linux. It has a lower rate of break-ins and I don't have to
> do very much to keep it that way.
Today. But you will in time have to do some things, probably in some
correlated proportion to the number of eyeballs beating on it. I think
it unreasonable to claim otherwise. And, granted, always less than
what Windows puts you through. Aside from being less vulnerable, the
community will also respond with less onerous protection mechanisms.
But a bad open office writer download will take out your documents
just as fast as a bad Word download with macros in it.
Obscurity is not a viable defense.
To claim otherwise is snake oil. Please note - I am not saying anybody
here is making this claim. I'm saying, to Lori's point, it's urban
legend not backed up by anything. And can't be until there are as many
Linux desktops as Windows desktops. [Further complicated that by the
time we get there, better strategies will be put in place to better
More information about the kwlug-disc