Re: NT vs Unix on the Internet

From: Pierre Beyssac (Pierre.Beyssacat_private)
Date: Tue May 05 1998 - 02:22:25 PDT

    According to Peter Jeremy:
    > One point that has come up is along the lines of `most Internet sites
    > that have been hacked have been running Unix therefore Unix is
    > insecure'.

    The implied assumption here (sites not cracked are secure) is
    logically flawed. A secure site is one which CAN'T be cracked,
    not one which HASN'T been cracked. This is like the difference
    between security and the illusion of security. If you don't know
    better, you can't know one from the other until you're cracked.

    As a side note, Unix sites are absolutely not the only ones which
    have been cracked.

    > Can anyone point me to some figures showing what sorts of
    > sites have been broken into and what they were running, compared to
    > the Internet as a whole?

    I can't provide stats, sorry. But there are some points to be made:
    	- WNT is new in the field and way behind Unix in terms
    	  of existing sites; hence it's only statistically logical
    	  that it has been cracked less;
    	- known vulnerabilities are fixed when they are discovered,
    	  generally on a case-by-case basis. This means that older
    	  systems are inherently more secure. Even more so if they
    	  have been developed in an "open" way (their source is
    	  available) because this allows code review by third

    There would be lots more to say, of course.

