On Wed, Oct 3, 2012 at 7:39 PM, Tamas Rudnai wrote= : > You do not need to tell me security issues, I work on this field for 20+ > years (on the good side before you ask me :-) ). > > However, saying that something is more secure just because it was written > by someone else is wrong -- sorry to say that, but that's the naked truth= .. > Our ThreatSeeker Network for example catches hunders of thousands of > compromised websites every day, and I can't even remember if any of them > was running on a customized web server. You need a different approach for > security measurements than just trust on a code based solely on who writt= en > it or the size of the customer base. > I wonder what versions of server software is being used. There will always be security vulnerabilities. The key is that they're found and patched quickly. That's the whole point of using something like Apache. There are thousands of people who are working on it and constantly fixing bugs and vulnerabilities. Microsoft, on the other hand, is not known for good practices such as this. Am I wrong? Oh, and btw2: Linux has just as many or even more vulnerabilities then > Microsoft has, which may or may not be targeted by the cyber criminals. O= n > the server-wise Linux is probably more on the highlight for the attackers > as that is used most for hosting. On mobile platform you are in a much > higher danger if you use Android (which is technically a Linux system), o= r > a custom OS like BlackBerry or Symbian, than you had a Windows CE or > Windows Mobile device. In the other hand on the desktop field Microsoft > Windows is definitely under the siege. Having said that, Microsoft now ha= s > a much better program on monitoring and patching the code as well as > consulting with the security experts on this field than any of the > Linux distribution or the kernel guys does. I am saying all of these even > though I am a Linux/Unix and Mac fan. > "Having said that, Microsoft now has a much better program on monitoring and patching the code as well as consulting with the security experts on this field than any of the Linux distribution or the kernel guys does." Haha. Good one. Somehow I highly doubt anything that comes out of Microsoft is of better quality (including security) than something from the OpenBSD distribution. The majority of the web agrees. Much Linux server software comes from the OpenBSD codebase, by the way. --=20 http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist .