Hi all. I have written a speech for one of my classes, and on the whole it turned out to be pretty decent, considering that it has to be covered in no more than 5 minutes ! My professor said that the weakest point of the argument (which is to persuade) was that Linux being free, sounds too good to be true. I did not bother to mention that there are also distros which one can pay for, as I'm focusing on the free distros and programs and such....

I also touched on Linux Vs. MS security (the basics) and she wants to see some statistics (written by a professional in the field) which back up claims of how out of the box, Linux distros are inherantly more safe/secure than an Win OS.

I'm not asking anybody to do my speech of course, but I've been looking all over and can't seem to find any substantial information/stats which have been produced by an unbiased (preferred) source to prove these claims.

In a way, I have the "free" portion covered, as I've made print outs of some GPL stuff, and the license arguments which Stallman made, along with the GNU faq's (first page anyway). But I'd love to be able to find some stats and am asking for the help of this community.

Thanks for any help. (btw, I have to give the speech tomorrow !)

Doug

Hi,

I don't think Linux has better security than Windows Per se, but I do think it's safer to run Linux.

1) Being the file structure of the OS makes it hard to exploit.

2) The Critical security flaws are resolved MUCH quicker within the Linux community. Which makes it at least a little safer.

See here;

http://www.eweek.com/article2/0,1759,1557459,00.asp

http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/

I hope this helps.

I'm not asking anybody to do my speech of course, but I've been looking all over and can't seem to find any substantial information/stats which have been produced by an unbiased (preferred) source to prove these claims.


Check out this from The Register (http://www.theregister.co.uk/security/security_report_windows_vs_linux/).


This reasoning backfires when one considers that Apache is by far the most popular web server software on the Internet. According to the September 2004 Netcraft web site survey, [1] 68% of web sites run the Apache web server. Only 21% of web sites run Microsoft IIS. If security problems boil down to the simple fact that malicious hackers target the largest installed base, it follows that we should see more worms, viruses, and other malware targeting Apache and the underlying operating systems for Apache than for Windows and IIS. Furthermore, we should see more successful attacks against Apache than against IIS, since the implication of the myth is that the problem is one of numbers, not vulnerabilities.

Yet this is precisely the opposite of what we find, historically. IIS has long been the primary target for worms and other attacks, and these attacks have been largely successful. The Code Red worm that exploited a buffer overrun in an IIS service to gain control of the web servers infected some 300,000 servers, and the number of infections only stopped because the worm was deliberately written to stop spreading. Code Red.A had an even faster rate of infection, although it too self-terminated after three weeks. Another worm, IISWorm, had a limited impact only because the worm was badly written, not because IIS successfully protected itself.

Heh, thanks Sef. I was actually just looking at that exact article on the Register, and am definitely siting Nicholas Petreley as a reference.

@Misconfiguration, yes, I know what you mean (I think) Saying that Linux employs better security features sort of misses the point of what the Linux file system was made for in the first place, right ? So you're choice of words is a better representation of why using Linux is safer overall.... Thanks for the links, and will check pronto.

Doug

Something I find interesting though, which will be lost on my fairly well aged, and techno-phobe professor, is that any article I've seen in relation to comparing MS etc.. uses distros such as Red Hat or other paid for distributions. I'm more trying to prove the worthiness of the free ones, rather than compare ones which have more financial resources.

My professor basically wanted to know how such free projects are being maintained, and are able to stay afloat amongst the myriad corporations which thrive off of consumerism. I think I have a basic idea, but my ideals may not come across in my (short) speech, let alone convey the idea of open source projects for the sake of promoting creativity and competition.

Something tells me that I should have chosen a topic such as "why you should use bio-fuels or hybrid cars" like everyone else, since it's much easier to explain ! :lolflag:

Picking an easy subject doesn't make you a better person.

Right first thing is that FLOSS projects stay afloat because the people that drive them or want to drive them can, they have access to the source code, access to tools to develop them and access to time in which to make improvements. the rationale is either one of altruism, cooperation on a common problem for companies that do not compete in the software world and a personal need or business requirement.

Not all free code is developed by volunteers, not all projects are run on fresh air. the idea of open source is to shift how we cooperate on projects so we can keep others honest using a fair and open licensing terms instead of financial risk or incentive. this includes how businesses interact with their customers and how businesses interact with their competitors where there is an advantage to creating freely available software in order to bolster their products worth or provide some worth to the business that could not have been produced without the existing open source code.

It's also worth noting that most software development is done in in-house teams for a single business, for internal use only. many of these programmers and now many of their mangers would like to see this code which is not something the business sells as a product made open source in order to shift costs and share the burden of support with other businesses that also need this kind of software for their internal operations.

There is also the distinction between root & normal user access levels etc.

This looks like a very interesting topic. I'm sorry I discovered it so late.

Being too late, by a long shot, I still want to add my two cents.

When I set-up a friends windows (2000 & XP still, Vista after SP1) computer I install the following apps:
avast-home (Free)
spybot S&D (Free)
Avast personal (Free)
and if it's a laptop
Comodo (Free)

I know how to download all the cracked / hacked **** from newsgroups, torrents, whatever, and still I go with these. Why? Why is free software better? Why do I use Frostwire as opposed to Limewire?

I think your paper would be a very interesting one. And if you could answer the questions above, you could probably also explain why free software, can be as good or better than paid for software.

My own guess, is that the software model isn't like the "car model" or "house model". That is, people can't make an amazing car for themselves and then share it easily with others. Or a house. If Holmes on Homes built a house he couldn't just upload it to the internet and then give it to you. (5 minutes up, 5 minutes down, wammo, great house.)

Your professor is making some rather poor analogies based on rules that don't necessarily apply in the computer age. If someone could upload a car they made that outperformed the Nissan Xterra and cost you the cost of a download (say, $3) how long would it be before someone actually did that. Or before 200 people decided to collaborate on a great car, which they could all then instantly use, all at the same time in different places and different ways and then easily modify to their hearts content (18 cup holders please).

I hope you did well on your paper!