Rich wrote:

In infinite wisdom Martin answered:

Rich wrote:
[...]

Perhaps, but this does not mean that most users know about, or update
their systems. Even unix sys admins don't do a reliable job, as the
last worm demonstrated.

Which worm? The one great internet worm of the 1980's, or something more recent?

Was it that long ago?

    Which one are you talking about?

    That is a serious question as you are posting like a major stockholder in MS.

Note that all the recent mass worms have been MS specific worms/viruses.

I have, my point remains.

    When you address which worm you are talking about you will have made a point. Until then you have not made a point.

The need for updates is going to be on-going for some time yet. At least in Linux there is no or little pressure to add extra features in an update that then adds extra bugs over the ones supposedly being fixed...

That's always been a problem with patches and updates, they tend to
break other things and other patches and updates. It's not a pretty picture.

    With the incompetant MS design patches and updates can and do break other parts of the OS. In linux they do not. They can only affect the application not the OS or its operation. The OS and applications are completely separate in linux while in MS they are deliberately intermingled.

As a general rule, I don't update unless I need something I don't have.
And I don't patch unless I something is broken or won't install, except
possibly for security patches.

    In Windows a security patch can disable applications including MS applications.

[...]

And no central planning or control, which makes what gets done
somewhat hit or miss.

Possibly so, but there is also a lot of cohesion for getting the 'important' bits together. There are some major worldwide voluntary efforts that surpass the efforts of Redmond. Then there is the Linux kernel itself!

The Chinese choice. Not sure if this is a good thing or not.

    It is certainly an insane (or your favorite adjective) to mix applications with the OS. Just on best design practice the choice is linux.

You also have a security model that has survived 30+ years of very thorough testing!

I believe that by default, most linux's come with the ftpd running,
etc..., and as a result they are mostly open to attack, especially for
uninformed users. Unix was designed more for an open environment than
security, although of course it's still much better than Windows.

All very dependant on the distribution. With Linux you have choice!

You have choice period. Linux is a choice, your sentence does not parse.

    There are many different distributions of linux and variations within distributions.

You can have the least secure version in the form of 'Lindows', through a spectrum to some very secure distributions. The Mandrake 9.1 distribution I'm using now has various 'security levels' depending on your paranoia. You have a choice.

If you know your way round unix you can make anything secure (short of
bugs and undiscovered security holes). You can also make windows pretty
secure, just by a router with a NAT firewall and/or install one of the
many PC based firewalls ( I don't care to argue whether it's a firewall
or not). With reasonable and cheap security measures ( Zonealarm is free)
you can eliminate or reduce most external security threats. But same
as with Linux, you need experience and some platform specific knowledge.

    Having used both I can say with linux it is just a matter of learning how things are done and what software does what. That may be a daunting task to some because it requires reading the docs and occasionally the source code. With Windows I got this leaflet on how to push keys and click a mouse and that was about it. Being the curious type I developed several methods of dealing with the enforced ignorance imposed upon my by MS. So tell me, how does one learn their way around Windows with that uninformative leaflet?

But I've seen many security problems on unix systems over the years,
usually of the buffer overflow variety that allows a root shell to
be obtained. Unix is no more secure than it's system admin. Now for
home systems this is rarely a big problem. But how many companies have
had credit card numbers stolen by a hacker, from unix based systems?
How many govt agencies have had sensitive information stolen, from
unix systems, by hackers? Check out "The Cuckoo's Egg".

Its all a case of 'significance'. The examples quoted above are often due to '3rd parties' being 'entrusted' with data for it to be then intercepted or just lost.

No, not at all, the cases I'm talking about were a result of hacker
breakin to the sites. Surely you heard about the govt sites that were
turned into porn sites at least. And this compromises not only data
sent via the internet, but info you phone in or mail in as they get
stored in the same computers.

    Which is why DOD and the NSA have developed high security patches for linux and then installed it in place of those compromised MS machines.