Uhm, even if W2K3 did end up having a big security hole in IIS or something that wouldn't make it a insecure OS - just like a bug in sendmail or BIND or Apache doesn't make Linux an insecure OS (although, open sorce is a menace to security imo). If a bad admin in the NSA configures his mail server as open relay, or opens r commands to the internet, does that make the OS insecure? No, but it sure makes headlines. Microsoft has provided the tools to secure Windows, its up to people to use them properly.

If you fanatics are going to jump at the first sign of a vulnerability in W2K3 (i.e. see "TheRegister") and start b*tching about how insecure it is then you obviously are not security professionals. Also, keep in mind that vulnerabilities in MS software are greatly magnified in scale simply because of the pure market dominance - nobody really cares about a hole in Linux. Actually, who really cares about linux period - its a dying OS - keep your eyes on netcraft boys, you'll be seeing some big changes over the next year - mark my words.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/157/19627#19627