Rich wrote:
[...]

Perhaps, but this does not mean that most users know about, or update
their systems. Even unix sys admins don't do a reliable job, as the
last worm demonstrated.

Which worm? The one great internet worm of the 1980's, or something more recent?

Note that all the recent mass worms have been MS specific worms/viruses.

The need for updates is going to be on-going for some time yet. At least in Linux there is no or little pressure to add extra features in an update that then adds extra bugs over the ones supposedly being fixed...


[...]

And no central planning or control, which makes what gets done
somewhat hit or miss.

Possibly so, but there is also a lot of cohesion for getting the 'important' bits together. There are some major worldwide voluntary efforts that surpass the efforts of Redmond. Then there is the Linux kernel itself!

You also have a security model that has survived 30+ years of very thorough testing!

I believe that by default, most linux's come with the ftpd running,
etc..., and as a result they are mostly open to attack, especially for
uninformed users. Unix was designed more for an open environment than
security, although of course it's still much better than Windows.

All very dependant on the distribution. With Linux you have choice! You can have the least secure version in the form of 'Lindows', through a spectrum to some very secure distributions. The Mandrake 9.1 distribution I'm using now has various 'security levels' depending on your paranoia. You have a choice.

But I've seen many security problems on unix systems over the years,
usually of the buffer overflow variety that allows a root shell to
be obtained. Unix is no more secure than it's system admin. Now for
home systems this is rarely a big problem. But how many companies have
had credit card numbers stolen by a hacker, from unix based systems?
How many govt agencies have had sensitive information stolen, from
unix systems, by hackers? Check out "The Cuckoo's Egg".

Its all a case of 'significance'. The examples quoted above are often due to '3rd parties' being 'entrusted' with data for it to be then intercepted or just lost. The phone and billing details of a few million Russians getting 'lost' last year or so is just one of many examples. I'm certainly not going to use any 'online passport' type system REGARDLESS of what OS supports it!

I'd strongly suggest that you don't just assume that linux is safe.

[...]

That's a point in favour of Linux. The user's tend to get more aware of what the system is rather than be kept in the dark with the 'trust me blindly' world of MS Windows...


And then there is the Mac OS X version of unix on Macs which makes a very good compromise that is very useable.

This Linux stuff is a lot more productive for s@h in just avoiding all the foul-ups with MS. You can get an MS system to work well, but it always remains very fragile.


Regards,
Martin