Wednesday, October 11, 2006

Windows vs Linux pt 3

Español | Deutsche | Français | Italiano | Português

Viruses, Trojans, adware, spyware... Windows lets all these enter your computer easily. The average period of time before a Windows PC that is connected to the Internet and with a default "Service Pack 2" installation gets infected is 40 minutes and it sometimes takes as little time as 30 seconds.

So you can either install a firewall, an antivirus program, an Adware/Spyware scanner program, stop using of Internet Explorer and Outlook (you can’t remove them) replacing them with Firefox and Thunderbird, and pray that pirates aren't smart enough to overcome these protections and, if a security flaw is discovered, Microsoft will take less than a month to make an update available which hardly ever happens. Or you can install Linux and sleep soundly, or at least stop worrying about it.

As we have already said in the previous posting, Open Source software (e.g. Linux) has more eyes to check the code. Any programmer on Planet Earth can download the code, have a look, and see and repair any security flaws. On the other hand, the only people allowed to look at the Windows source code are people working for Microsoft. That's hundreds of thousands of people (maybe millions) versus a few thousand. That makes a big difference. Also, on top of that, where the Microsoft developers are dedicated to helping the company make money and not necessarily a better product, the developers of Open Source Software are dedicated to the product. They want to make the software better for the joy of it.

In actuality, it isn't matter of how many flaws a system has, compared to the other systems. If there are undiscovered flaws of a serious nature or are minor in that they don't compromise an important part of the system, pirates won't do much damage until they find them. It is really a matter of how fast a security flaw can be solved once it has been discovered. If a security flaw is discovered in an open source program, anyone in the open source community can have a look and help solve it. The solution and the update usually appear within a few days, sometimes even a few hours. In the case of Linux, security patches usually get released and applied before anyone really notices. And, due to the amount of testing, checking, and even more testing the software goes through, the patches are infrequent. Most of the time, any updates applied are for the addition of new features to the various effected software packages.

Microsoft doesn't have that much manpower, and usually releases a flock of security patches a month or more after flaws have been discovered and sometimes published. A lot of the time, updates to Microsoft products don’t fix the flaws. That gives more than enough for pirates to do whatever they want with your computer.