I do think that part of the question should be:

How much do you, as a obscure consumer, care about strong security.
I believe that security is available for those who seek it, and it is
rather simple to obtain.
For complete security never own a computer, apply for a credit card,
leave home, or even be born, for that matter.

But, as that is obviously unreasonable, each person must decide how much
security is reasonable for them.  There is an inverse relationship
between security and usability.  As you close yourself off to things
that make you vulnerable you intrinsically do the same to opportunities
and capabilities that you might benefit from.

I would argue that windows is less secure, but that may be one of it's
advantages.  Things like NetBIOS, Windows Update, Outlook, and ActiveX
are easily exploitable.  But their presence allows the potential for
greater service to the end-user.  I use Linux almost exclusively (with
the exception of one computer dedicated to MPLab :( ) and I can assure
you that I notice the occasion that the structure of Linux makes
something-or-other difficult.  But converse to that, I also notice when
I have to spend 3 hours cleaning some rather determined Ad-Ware off my
wifes computer.

So, in closing, the issue is not whether Linux or Windows is better, but
which is better for you.

- Will

William Chops Westfield wrote:

> On Friday, Apr 30, 2004, at 18:44 US/Pacific, Carey Fisher - NCS wrote:
>
>> A major aspect of the "better security" claim is that Linux is "open
>> source" meaning the source code is available for anyone to look at.
>
>
> Unfortunately, this is probably largely bullshit.  While anyone can
> look at it, the number of people looking at it that are qualified to
> evaluate complex security issues is probably similar to the number of
> such people looking (internally) at microsoft code.  And the crackers
> get to look at it too, and they have more free time than secure
> programming experts.
>
> Meanwhile, the fact that joe user can look at the source code probably
> does him no good at all.  The world is luck if he's got enough brains
> to watch for announcements of security fixes, and install them.  God
> knows a larger percentage of the "hits" on windows are on bugs that
> have already been fixed...
>
> I do feel SLIGHTLY warm and fuzzy that given a unix flaw (security or
> otherwise), I DO have the option of modifying the source code myself to
> provide a fix, rather than having to wait for a vendor to run it
> through their qualification and release program.  That "patch" can be
> provided by myself, the community, or vendors, asynchronously to
> "release process."  (Go ahead; ask me how much I've learned about how
> NOT to run release processed.)
>
> BillW
>
> --
> http://www.piclist.com hint: To leave the PICList
> mailto:piclist-unsubscribe-request@mitvma.mit.edu

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics