I think you miss the point entirely. Linux and all *X variants each have had and likely do have ooodles and ooodles of exploitable vulnerabilities just waiting there. Ya run Sendmail? BIND? Well, you know what I mean, then. Up until now, the perceived or actual difficulty in using, acquiring, or even hearing about these OS's for the average joe user has protected the OS by raising the bar for the user. The apple OSX argument falls flat; search for security vulns at sec-focus affecting macintosh and you will see they are already out there.

No, my too-cool-for-microsoft haXOR friend, Mr. Mullen happens to be correct in this case: as soon as the same fools who got suckered by MS's claims that Windoze is a better OS than all other OS's for everybody and for ever start using Linux because of some ill-conceived quixotic government mandate for OS diversity, those fools will simply do stupid things on new OS's, and believe me, you can. And an administrator can stop them, but it takes thorough knowledge of best practices in the OS in question (regardless of what that is) to run a secure network.

Agencies, government or otherwise, should make OS choices based entirely on the expertise they possess or can acquire and the needs of their function. Any other basis for decision is unholy, and unnatural, and ultimately counter-productive.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/190/23180#23180