|
A Couple Points on the "Open Source War" |
|
|
|
Source: Ed-Tech Insider - Posted by Pax Dickinson
|
I hadn't actually noticed the Security Innovation study comparing the frequency of reported security problems in the Windows and open source web application server stacks. These kinds of surveys and tests are pretty easily manipulated. But since eSchool News has an article on the matter, I might as well weigh in.
If you're interested in this matter at all, you should go straight to the primary source material: the Red Hat and Microsoft security advisories. Your milage may vary, but my scans of the two lists shows a lot of Red Hat fixes that are mostly irrelevant to my simple web server, unless I've given lots of untrustworthy and industriously malicious people shell access to log in to the server. On the other hand, I see lots more references to "remote code execution" on the Microsoft site, which is what I'm really afraid of when I'm exposing a server to the internet.
That is, I don't want this to happen to me: An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could install then programs; view, change, or delete data; or create new accounts with full user rights.
If you still feel safer with Microsoft after reading over the actual advisories, then God bless you.
Read this full article at Ed-Tech Insider
Powered by AkoComment! |
