So I have been an avid Ubuntu user and have loved converting from Windows to Linux. I have been trying to convince my boss at work to switch some of the Windows workstations to Ubuntu, and although he says he'd like to be convinced that Ubuntu is better than XP, he remains unconvinced about several issues.

1) Security is a top priority for us, what advantages are of Ubuntu over Windows? Because Ubuntu is open source, doesn't it make it all the more easy for expert hackers to find a flaw in the code and exploit that? Sure there are a lot of people watching the code too, but there is so much code that surely something could slip by.

2) With commercial software there is inherently support and accountability to the company, what support would there be if something in Ubuntu goes wrong? (I'd like to believe that there is good paid support for Ubuntu and community support, hence me testing out the forums to see how good the feedback is :) )

1. http://www.psychocats.net/ubuntu/security google for some more.

2. Canonical provides support. http://www.ubuntu.com/support/services

http://blogs.computerworld.com/canonical_to_offer_ubuntu_desktop_support

Linux security is better than windows in practically every way. Windows still remains basically a single user DOS shell that should never be employed in a networked environment due to its multiple security vulnerabilities inherent in it's poorly coded structure. Running the graphical display interface at kernel level? letting anything be executed by any user (remote or local) and have it default to root access? Windows is just a huge clusterfuck of obtuse maldesigned garbage (the registry, ntfs, DCOM, WMI, CIM, etc).

When a critical vulnerability is discovered in Windows, it can take weeks, to months, before a fix is released, if it ever is released. When a critical vulnerability in Linux is discovered, it can take hours to days before a patch is released. Sure 'hackers' can see the source code, but so can everyone else. It is not reliant upon a corporate conglomeration to officially fix their broken product (just look at the history, over nine thousand windows viruses compared to zero linux viruses). Not to mention that Linux was designed to be networked from the very beginning.

Linux is not some nerd's hobby OS developed by basement dwelling neckbeards. A lot of the kernel is developed by major companies, with paid staff working on improving Linux every day (Red Hat, Novell, IBM, Intel, Oracle, etc). There is a reason the majority of the world's servers and supercomputers run Linux.

Microsoft's tech support is something one would resort to if ALL HOPE IS LOST. Canonical does provide support for Ubuntu, but community support is often the most helpful.

1) Security is a top priority for us, what advantages are of Ubuntu over Windows? Because Ubuntu is open source, doesn't it make it all the more easy for expert hackers to find a flaw in the code and exploit that? Sure there are a lot of people watching the code too, but there is so much code that surely something could slip by. Firefox is open source and Internet Explorer is closed source. Guess which gets exploited more. Apache is open source and IIS is closed source. Guess which gets exploited more.

I know it sounds insane, but open source isn't less secure, even though in theory it should be more difficult to find exploits and flaws if you don't have access to the source code.

If Google can use Linux for its servers and be okay, then open source can't inherently be less secure. I believe Google also uses Ubuntu internally for some workstations.

2) With commercial software there is inherently support and accountability to the company, what support would there be if something in Ubuntu goes wrong? (I'd like to believe that there is good paid support for Ubuntu and community support, hence me testing out the forums to see how good the feedback is :) ) Ubuntu has great community support for home installations. If you're going to use it for a business, though, you probably should get paid commercial support from Canonical:
http://www.ubuntu.com/support/services

Linux security is better than windows in practically every way. Windows still remains basically a single user DOS shell that should never be employed in a networked environment due to its multiple security vulnerabilities inherent in it's poorly coded structure. Running the graphical display interface at kernel level? letting anything be executed by any user (remote or local) and have it default to root access? Windows is just a huge clusterfuck of obtuse maldesigned garbage (the registry, ntfs, DCOM, WMI, CIM, etc).

When a critical vulnerability is discovered in Windows, it can take weeks, to months, before a fix is released, if it ever is released. When a critical vulnerability in Linux is discovered, it can take hours to days before a patch is released. Sure 'hackers' can see the source code, but so can everyone else. It is not reliant upon a corporate conglomeration to officially fix their broken product (just look at the history, over nine thousand windows viruses compared to zero linux viruses). Not to mention that Linux was designed to be networked from the very beginning.

Linux is not some nerd's hobby OS developed by basement dwelling neckbeards. A lot of the kernel is developed by major companies, with paid staff working on improving Linux every day (Red Hat, Novell, IBM, Intel, Oracle, etc). There is a reason the majority of the world's servers and supercomputers run Linux.

Microsoft's tech support is something one would resort to if ALL HOPE IS LOST. Canonical does provide support for Ubuntu, but community support is often the most helpful.

It's definitely apparent that Windows is a clusterfuck, Windows Vista had many bugs and it took Windows forever to fix them. From this, I would think it is logical to even assume that Windows deals poorly with serious viruses. Large mainstream corporations and organisations have to go through all that bureaucratic crap to get anything done...

LOL! I love that argument. "It's open source! Everyone can see the flaws!" Well, considering open source allows many more people to review the code and suggest improvements, I'll take open source any day. It works way better than having 8 or so developers assume they will think of every security hole that needs to be patched in their software.

Hi, lagamemnon -

I use Linux exclusively at home and am responsible for deskside support for ~3,500 Windows machines at the office.

A lot of Linux evangelists believe that spreading FUD about Windows is the best way to move the community over to Linux and what those people do is make the task a lot more difficult. I believe the way to convert folks over to Linux is to remain objective, point out Linux' strengths and *not* bash the other OS, which also has its strengths.

Anyway, to answer your questions -

1. You get your software from trusted repositories only and you deny end users the right to install software. You restrict access to to the superuser account so folks can't do oddball stuff with a corporate machine.

2. As mentioned above, Canonical offers paid support - there's your support and accountability.

Hope this helps -

LOL! I love that argument. "It's open source! Everyone can see the flaws!"

That's what my dad keeps saying, and I've shown him every link on Ubuntu's wonderful security and why and how it's much better than Windows. I can't tell if I have convinced him and he's just teasing me about it now lol.

Amy

Apache is open source and IIS is closed source. Guess which gets exploited more.

um - that would be Apache.

;)

um - that would be Apache.

;)
I mean proportionally to market share, not in absolute numbers.

Keep in mind that social engineering works everywhere. :P