[Promotion] key features

[Martijn Klingens]

On Wednesday 25 January 2006 20:44, Santiago Roza wrote:
> but there are strong arguments to say unix-like systems are more secure:

I know. From a software engineering point of view they are quite true.

However, security is the sum of several parts and the quality of the software 
is only part of the equation. The competence of the sysadmin is a lot more 
important.

Having administered both Windows and Linux systems for a living I will 
wholeheartedly agree that Linux is the more pleasurable platform to secure. 
That doesn't mean you can't reasonably secure Windows networks. Moreover, it 
doesn't mean that Linux systems are inherently secure. They are just easier 
to secure.

At this very moment there are several worms going round targeting various PHP 
flaws, and there have been several advisories over the past weeks that are 
potentially dangerous as well.

What saves our ass so far is that the small user base is not attractive enough 
to target (cost vs benefit) and that typical Linux users are more 
security-conscious.

If we start hyping a security, people will perceive us as infallible, and that 
is simply untrue. If you know a way to bring across the message of "MORE 
secure" without having the result that people neglect security and end up 
being almost as vulnerable then by all means do tell me. In all other cases, 
try to stay clear of this subject, it's a can of worms.

> and the fact is that there are no viruses or spyware for (let's say)
> linux, and i don't see why we shouldn't promote that.

The word "YET" is missing here. There *will* be viruses and spyware. It's only 
a matter of enough installed systems to make it commercially viable. (Yes, 
commercially, remember that almost all current malware is commercially 
exploited by botnet operators for sending out spam, phishing and other 
activities. Malware is big business these days.)

-- 
Martijn