Searching \ for '[OT:] Which Is Buggier - Windows or Linux?' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/index.htm?key=which+buggier+windows
Search entire site for: 'Which Is Buggier - Windows or Linux?'.

Exact match. Not showing close matches.
PICList Thread
'[OT:] Which Is Buggier - Windows or Linux?'
2003\05\28@234239 by James Newton, webmaster

face picon face
Please note, before you cry "...off with his head!", that I fully
support and hope for the best from all open source software.
Richard Stallman is probably my #1 hero in the computer world.
All hail GNU/Linix and so on... BUT, My experience has shown that
there is another side to it. Just about every Linux box I have
worked on has been hacked and I've never lost an NT server. I
have long wondered if the general opinions about Linux being more
stable / secure were wishfull thinking or if they are born out by
numbers.

http://story.news.yahoo.com/news?tmpl=story&u=/nf/20030523/bs_nf/21583

A count of the problems reported for XP Professional is available
on the Microsoft Web page that lists all of its security
bulletins. Use the pull-down menu to find the bulletins for
Windows XP Professional. The list starts in November 2001. In the
18 months since then, 27 bulletins about security flaws or other
bugs have been posted for Professional XP.

To count the fixes and bugs for Red Hat Linux 7.2, go to the
company's errata page and begin counting from November 2001. From
November 2001 until now, the company has issued 158 security
bulletins or bug fixes (not counting the enhancements listed on
that page).

Also, the Linux-Unix OS is largely in the server environment,
where the vast majority of Windows installations are in the
client environment, The difference in technical skills in those
two user bases could greatly influence perceptions of OS
stability. {i.e. Linux has smart people running it and Windows
has to do its best with idiots like me! <GRIN>}

...with Windows, there's a rather aggressive community trying to
find bugs to denigrate Microsoft and Windows.

http://story.news.yahoo.com/news?tmpl=story&cid=1093&ncid=1209&e=1&u=/pcworld/20030528/tc_pcworld/110906

For the second time in as many months, the Apache Software
Foundation released an updated version of the popular open-source
Web server software, only to warn users of a critical security
hole in previous versions of the software that the update
patches.

Among those fixes is a patch for a security hole in the mod_dav
module that could be exploited remotely, causing an Apache Web
server process to crash, according to the bulletin.

A second fix is for a denial-of-service vulnerability affecting
Apache's authentication module. By exploiting a bug in
configuration scripts used for password validation, attackers
could launch remote denial-of-service attacks that would cause
valid user names and passwords to be rejected, the bulletin said.

James Newton (webmaster, former admin #3)
http://www.piclist.com
spam_OUTjamesnewtonTakeThisOuTspampiclist.com
1-619-652-0593 VM
1-208-279-8767 FAX

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics

2003\05\29@010025 by Bob Blick

face
flavicon
face
On 28 May 2003 at 20:37, James Newton, webmaster wrote:

> Windows XP Professional. The list starts in November 2001. In the
> 18 months since then, 27 bulletins about security flaws or other
> bugs have been posted for Professional XP.
>
> To count the fixes and bugs for Red Hat Linux 7.2, go to the
> company's errata page and begin counting from November 2001. From
> November 2001 until now, the company has issued 158 security
> bulletins or bug fixes

James,

RedHat comes with a whole lot more stuff than Windows, I'd expect
there to be more fixes.

Also, there are a lot more eyes looking at Linux. After all, it's open
source.

This isn't the first time you've dragged this FUD out, why do you
continue to do it? Are you being paid to bash Linux?

Oh, when's the last time you rebooted your server? It's been three
years for me on my RedHat 5.2 mail and web server box.

-Bob

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@041525 by Alan B. Pearce

face picon face
Dear me, even the PICList Master who was so hot on introducing the tags
hasn't written the tag correctly.

Don't worry James, we all manage to do it :))))))))))))))))))))))

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@051048 by Picdude

flavicon
face
James,

I usually leave the political discussions alone, but this is near and dear to me currently since I recently made the switch to Linux.

I'll admit up front that I've not read that full article, since I feel certain that it claims Linux has many bugs, and probably more than Win___.  Even though I've mostly moved to Linux (2 of 3 machines), I don't doubt that it has its share of issues, and I've seen some already.  But I'm sure there are many surveys that will claim compelling results in either direction.  FWIW, I recently saw a MS ad f/Windows Server touting "... Linux reliability...", so even they seem convinced.

I have personally had much more bug-free computing with Linux.  3 HD crashes in the past 2 years -- 2 of which were SW related (Win2k and WinNT), and one which was a HD-controller failure.  I've abused Linux (accidentally pulling power off), and it recovers nicely.  Over months of my Win installation, it would slow down and some of my best Windows-consultant friends could not fix it.  The answer is always to re-install from scratch.  Of all the Win versions I've tried, Win2k has been the most stable, and I could get about 5 days off it before having to re-boot.  Linux ... many weeks so far.  And I'm on dual-boot here, so haven't really given it a chance to run un-rebooted for long.

The problem with Windows bugs is that there is little or no motivation or attempt to fix it.  There is no incentive for MS to do so, as the revenue comes from releasing a new product, not investing time/money into a product which has already been sold.  And it *is* all about the $$$.  Seventy-something percent bug-pass rate was considered user-deliverable quality (on one of their compiler products).  And I know this up-front as I used to work for MS.  Of course that exists in other companies, but the attitude at IBM (also worked there) for instance has been one of leaving off feature ideas so end-users have a reason to upgrade.  With Linux, when a concern arises, I know I have control over fixing/solving it.

The virus situation is another issue.  That's self-explanatory.

Now, even though the topic here is bugs, the most important problem to me is the lack of security, and MS's own spy attempts.  Other than reliability, trust has to be one of the biggest features of a piece of SW that forms the base of all of a user's computing.  If my OS mfgr is going to spy on me, then I walk.  I never went past SP2 on Win2k due to spying concerns on SP3, and I've heard its even worse on XP.  So I've never touched it.  But I get regular calls from friends asking for help with fixing Win XP crashes/bugs.

The 27 posted fixes you mention -- does that mean that there were only 27 reported bugs that were in MS'es database?  Or that only 27 of the thousands were actually fixed.  That metric needs to be clarified.

But everything has it's place, and I agree with skill-set requirement you mention.  For my non-techie friends (who have been passing on emails about the jdbmgr hoax this week, as if it were a major issue :-), I recommend Win products still.  Just cause I would hate to have to explain which libraries they need during installation for example.  Redhat helps, but is still not as brain-dead as Win2k installation.  For myself, I've learned enough about Linux in the couple months I've been using it, to have better success than Win2k so far.  I really only keep Win2k around for 2 apps ... MPLAB SIM, and my electonic-copy Audi service manual.  And also any other SW that comes my way that is Win only.

To each their own.

Cheers,
-Neil.


On Wednesday 28 May 2003 22:37, James Newton, webmaster scribbled:
{Quote hidden}

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@055659 by Alan B. Pearce

face picon face
> A count of the problems reported for XP Professional is available
> on the Microsoft Web page that lists all of its security
> bulletins. Use the pull-down menu to find the bulletins for
> Windows XP Professional. The list starts in November 2001. In the
> 18 months since then, 27 bulletins about security flaws or other
> bugs have been posted for Professional XP.

I think someone else mentioned this, and I have not looked at the Microsoft
page, but the way you have written this suggests looking at only the
operating system, without discussing the bugs in Internet Explorer, Outlook
Express and Outlook (among other products) which allow hackers to totally
bypass the security precautions which are in the operating system.

Also bear in mind that these bugs are only the ones that Microsoft is
prepared to admit to. It is evident that they do quietly fix others in some
of the patches that they produce, without telling people they have done so,
and there are others that they will not admit to until the brown stuff hits
the rotating spreader by mention of a bug being made in the press.

For an example of some of these look through the back numbers of Woodys
Watch at http://woodyswatch.com/index.asp and go through the various MS
products listed on the tabs. To keep up to date, then subscribe to the
newsletters.

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@082229 by Tal

flavicon
face
> I really only keep Win2k around for 2 apps ...
> MPLAB SIM, and
> my electonic-copy Audi service manual.

Talking about Audi CD service manual (Bentley Publishers), I wish they
would come with an hard copy version like any other normal car
manufacturer. Books are much more fun to read than screens and the copy
protection scheme make you depend on them when you switch computers.

Tal

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@092557 by Micro Eng

picon face
Does the fact that Linux is open source.....make it more attractive to hack
because its easier to find holes?  Finding holes in software where you can't
look at source line by line makes it more difficult I would imagine.


Oh...btw....the deal with SCO/Caldera suing because of the copywrite
violations.....may have come to a screaching halt.  Novell....thier neighbor
down the street....says.....huh? we still hold the copywrite to UNIX....

SCO stock took a nose dive on that news.

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@103118 by Francisco J. A. Ares

flavicon
face
In my opinion, an open source program is easier to hack, of course, but
the number of persons working on those systems around the world makes it
almost impossible for anyone with not-so-good intentions to include a
patch on the original source code CVS, and I suppose that anyone already
working with open source for a while would not accept any one else's
patch for an important program without "oficial" approval and/or testing.

Besides this, bugs are removed faster, because its existance is public
and not hidden by a costumer relations department, and the open source
comunity will start working on that bug almost imediately as its
publication.  Normally a workaround is avaliable in a few hours and a
patch in a (very) few days.

Francisco


Micro Eng escreveu:

{Quote hidden}

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@121325 by Picdude

flavicon
face
They do (for my model at least).  Since I've done over 20k miles of road tripping in the past 6 months, the CD on my laptop sounded much more useful, but I have to deal with them (for the new key) every time I re-install... and they hate me for my frequent re-installations.  My latest thought is to create a fresh Win2k install on VMWare (running on Linux host), install the CD on that and backup that VMware image.  Whenever I re-install or move machines, I can just re-load the whole VMware image.

Cheers,
-Neil.


On Thursday 29 May 2003 07:21, Tal scribbled:
{Quote hidden}

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

2003\05\29@143354 by Tal

flavicon
face
Neil,

I was not aware that they have shop manual in hard copy form. Any idea
where to get one for a TT 2002 (US version if that matters) ?

Thanks,

Tal

> {Original Message removed}

2003\05\29@151816 by Picdude

flavicon
face
Ahhhh.... the TT.  Only on CD-ROM so far, but supposedly will be available in hard-copy in the future ... not sure when.  If you contact Bentley, they will take your name & contact info and let you when they know more.

Also, during one of my re-registrations, I complained about the process, and they said they would swap my CD for a hard-copy for just the price difference.  Perhaps you could spin that as well when the time comes.

This topic is getting way OT I think.  Feel free to contact me offline.

Cheers,
-Neil.


On Thursday 29 May 2003 13:33, Tal scribbled:
> Neil,
>
> I was not aware that they have shop manual in hard copy form. Any idea
> where to get one for a TT 2002 (US version if that matters) ?
>
> Thanks,
>
> Tal
>
> > {Original Message removed}

2003\05\29@163249 by Peter L. Peres

picon face
The bug count you compare is not fair imho. Red Hat ships a server OS with
2500+ applications in the package and the bugs refer to all of them, as
they support the whole shipment. They also report ALL the bugs, even
unregistered users report everyhting, they have no reason to hide. Only a
very small fraction of the bugs affect the os proper. M$ ships an
operating system and very few bundled applications and the bugs affect
only those. Out of the 158 bugs in red hat only 10 at most are in the
kernel proper or affect the kernel directly (the kernel is the 'os' part
of linux).

The point about hacked linux boxes is taken, but one must ask with what
experience were they set up (vs nt experience). In general bleeding edge
server add-ons proliferate on linux and they are the hack doors. Things
like php packages, web interfaces, and other such add-ons to mainstream
tools. If one is not using those then the servers stay up almost
indefinitely. Running those insufficiently tested add-ons is the
equivalent of running asp and sql scripts written by amateurs on a
production nt server.

Peter

--
http://www.piclist.com hint: The PICList is archived three different
ways.  See http://www.piclist.com/#archives for details.

More... (looser matching)
- Last day of these posts
- In 2003 , 2004 only
- Today
- New search...