I'm interested in your comment that Windows (95,98,NT,2K?) has poor security design. I have a few questions for you:

1. What specific version are you talking about?
2. If you are talking about W2K/XP, I would be very interested if you could define exactly what you mean by "poor design". What can you do in Linux that cannot be done in 2K through the use of Active Directory Policies? (please, think of something good, because I don't want to have to reply and prove you wrong).

If you mean buffer overflows and the such, I would argue that the various linux distributions are far far more buggy. All one needs to do is look at the advisories section of secfocus to see that. There is a common misconception in the open source community that Windows releases "batches" of patches instead of one at a time, that's why there are less alerts... well, this is not true... windows released "cumulative" patches which are groups of previous patches released - NOT new patches.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/144/18340#18340