No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS.
The Microsoft apologists next cry about how if these alternative operating systems or open-source programs were as popular as Microsoft programs were, their users would be in just as much trouble.
Really? Lets look at the latest security news about Internet Explorer and Mozilla Firefox. Microsofts fix for one of the latest Internet Explorer holes was to deactivate the broken part, ADODB.Stream. Some fix.
The folks in Redmond still dont have solutions to IEs other problems, and they cant even give users a straight answer on when you can expect a fix.
Yes, it appears that XP SP2 will take care of this set of problems, but what about people using other versions of Windows? Will there be a similar broad-ranging patch for them? They sure wont be getting an updated version of Internet Explorer, since Microsoft has made it clear that there will no future standalone versions of IE because IE is now part of the operating system.
That, of course, is part of the problem and an example of the kind of fundamentally flawed thinking that ensures that Windows will never be a truly secure operating system. A browser, which has no other purpose in life than to be a window to the world outside the local computer, should never be part of the operating system.
Now, lets look at the latest Mozilla bug. This bug affects the Mozilla suite, the Firefox browser and the Thunderbird e-mail client. Just like the IE ones, it enabled crackers to run remote programs on Windows computers—no others—and it had been described in theory long before anyone demonstrated an exploit for it.
In early July, a way was shown on how to exploit the problem. By July 7, it was fixed. IE bugs? Still unfixed.
You know there might be something to this whole notion that open source speeds up security development.
What I find especially funny about this, though, is that the problem really wasnt with Mozilla in the first place. Mozilla simply revealed an XP hole—that Web pages could invoke the "shell:" program, which in turn would let a cracker run pretty much any program they wanted. Not good.
Yes, other browsers wouldnt let you get at this hole, but my point is that while Mozilla did provide a key—since destroyed—Microsoft put the keyhole there in the first place. Heck, Microsoft knew there were problems with "shell:" a year ago and its still not patched. Now, Microsoft plans to close this hole in SP2.
Hmmm ... let me see now. It took open-source programmers less than a day to fix it, Microsoft programmers still havent fixed the real problem, and its been more than a year. I know which record Im more impressed by!
Want to stop the Windows security and patch management madness for good? Its simple: Get a good Linux desktop.