This was a terrible article.

If you want to flame about BSD and Linux, you can always post on Slashdot, but if you're going to write an article for Security Focus, I would have hoped that you would include a few facts.

The article swings between extreme arguments for and against homogeneity, confuses the debate over command-line vs. graphical administration with the choice of OS (Linux and BSD both stem from and support a strong UNIX tradition of non-graphical administration), OS complexity, end-user complexity and application choice. It even drops the GPL vs BSD license issue with a quick nod to the complexity of the GPL, but no indication of why that should be a problem, and especially why that should be a problem with respect to security!

I don't even know what to say... it's just bad. I'm sorry to Mr. Miller. I know I'm being quite harsh, but I feel I must. I'm a BSD user from the 80s and though I use Linux today for just about everything, I have a strong fondness for BSD still. This kind of bad writing in its defense churns my stomach.

You want a defense of BSD with respect to security? Here it is: BSD is not Linux (though some of the parts are in common). BSD is not System V UNIX or its derivatives (though some of the parts are in common. This means that the continued use and strength of BSD and its approach to system software represents a diversity of operating systems that thwarts one-size-fits-all attacks and provides an alternate medium in which to cultivate the best security practices.

Notice that I was able to make a strong argument for BSD without having to be divisive or paint some other open source OS as a villain.


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/252/27382#27382