Fred Moody Says Linux Worst Operating System Ever 661
I avoided posting this because it really is pretty lame, but its getting submitted a lot. Basically
Fred Moody says Linux Sucks on ABC. He calls it the worst operating system ever based on the fact that bug traq lists more bugs for it then any other operating system. Stories like this just make me roll my eyes: the thing will get tons of traffic from you guys and his editor will say "Good Job Fred" because they got to sell lots of banner ads on it. *sigh*
False Survey (Score:2)
Re:Fred Moody's opinion of himself (Score:2)
_Nobody_ puts that much effort into pre-emptively defending their integrity unless they're a con :)
Were it not for that comment I might think he was simply a fool- but fools are less self-aware. Moody's a _con_. He's like a 'mole', can't possibly be saying these things out of genuine sincerity. There's got to be some heavy secrets in there somewhere- though I doubt many people would care. "Fred Moody turned out to be a paid Microsoft employee working undercover!" "Fred who?"
The most touchingly pathetic bit is this- both Moody, and many Slashdotters being alarmed by him, seem to believe that non computer geeks, the un-tech-savvy, have NEVER EXPERIENCED a con before. Um, used car dealers have been around for many years guys- before then you had real estate cons selling you beachfront properties in Florida. Cons are NOT NEW.
A surprisingly large percentage of nongeeks of all ages and walks of life will look at this guy, this 'one journalist, at least, in whom readers could trust absolutely', and _automatically_ go 'shyeeeah right'... correctly spotting the CON of him without even having a technical background to rebut his claims.
Of course, I'm reminded of another phrase by all this: "Then they fight you,"
You know what comes next ;)
Re:Don't bother calling him a moron (Score:2)
Re:Curious about something... (Score:3)
My first observation is that this is at least partially true, just because of the makeup of the slashdot community. Face it, we do have quite a few linux zealots and quite a few micros~1 haters.
However, I also believe that this has a great deal to do with some flaws in the moderation system.
The first problem I see is that the first posts to an article are the most likely to be modded up. Moderators tend to hang around the couple most recently posted stories.
Not everybody refreshes Slashdot every two hours. The people that do, are the ones that agree most with the stereotypical slashdot agenda.
Insightful posts take time. It could easily take an hour to *read the article*, do some other research, and post some meaningful commentary. Those who post fast seem more likely to spout out their gut feelings.
To sum up: The people who post first are likely to be avid slashdot readers and more zealotous. Posts that are made soon after the article goes up are not as likely to be based on facts.
On hot trigger issues such as this one, I have read comments soon, then comments later and been pleasantly suprised by a couple better posts that get moderated later. Often on looking further, I notice that there are several more that I would have modded higher than the ones that are modded higher.
Let me try to illustrate this with a graph:
Post Quality vs Time: ;+---+ ;+---------------
|high
|
|+---+
|+++--+
|+-+&nbs p;+---+
|++ 
|++ 
|++
|+-+
|++
++
|
|low
+-----------------------------------------
time--->
Sum of moderation done
|more+-------------- -----------
|+-----+
|+--+
|++
|+
|++
|+
|+
|+
|+
||
|
|less
+-----------------------------------------
time---> As you can see from the graphs, I think there are a lot of good comments posted later that don't get moderated, while a lot of earlier comments that might not be quite so good, do.
I suggest the golden moderation system.
You get 5 moderator points.
2 of the are gold.
2 of them are silver.
1 of them is bronze.
gold points can be used on any post at any time. Silver points can be used on posts attached to articles that are more than 2 hours old. Bronze points can be used on posts attached to stories that are more than 1 day old.
I think this would really do wonders for Slashdot.
the statistics are meaningless (Score:2)
For building a web server, for example, it's easy to strip down a Linux system to just a web server and ssh for remote administration, with no other exposures.. Then, the only vulnerabilities you are concerned with are those in the packet filtering code, the web server, and sshd. It's considerably harder to strip down NT to that degree, in particular if you want to keep some kind remote administrability.
Moody is either simply clueless, or he writes deliberately biased pieces. Which leaves me wondering: can't ABC get people with a sense of ethics and some competence anymore?
Re:I don't know if I can agree... (Score:2)
I am his linux friend and I'm not so biased that I can't "see the forest for the trees," so to speak. I have windows computers, linux computers, macintosh computers, and various other unixen from time to time.
I can do of that stuff you say I can't do on Windows while drinking root bear through my nose and whistling dixie. All of it. Installable filesystems, multiple sessions, multiuser environments, multiple users simeotaneously, multiple versions of IE, even shell replacements - basally the equivalent of WM's on Win32 simply because it's structured differently than X. If you want to know how do do any of it (which is all really quite irrelevant in the real world anyway) then just e-mail me and I'll tell you how.
Why do I know this stuff? Know thy competition. My suggestion to you is to go out and read the Linux-Advocacy-HOWTO
~GoRK
Re:Isn't this how non-geeks decide? (Score:3)
Mayhap, but in this case he actually did us a favor. He misrepresents the numbers so badly that even a PHB can understand it (well, at least after you point it out). Once your PHB understands that high profile pundits can so gratuitously misrepresent the facts, the seeds of doubt will be sown.
But it won't be the seeds of doubt Mr. Moody intended to sow. It will be seeds of doubt about all the Old Guard's desperate attempts to discredit the newcomer.
Thank you, Mr. Moody.
--
Re:honest opinions will be moderated flamebait (Score:2)
my email to him... (Score:2)
"Linux Sux Redux"
First off, that title is purely flaimbait, surely not something a writer of your skill level would sink to.
Second, you have no clue what you're talking about, Linux didn't do too bad on bugtraq, much better than windows. You must have been referring to the aggregate results, which obviously consisted of a total of bugs from several distributions, as Redhat's, and Suse's numbers were much lower. Obviously, the aggregate results don't mean much, as you won't be running every distribution on the same machine at the same time. Surely someone as smart as you would realize this.
Third, someone who writes about technical issues would surely understand what these numbers mean. If not, let me tell you. Virtually NOTHING! Yes, that's correct, they mean next to nothing. These are reported bugs, so they are most likely fixed almost right away. They may also be insignificant bugs that don't really matter in most situations, as they don't distinguish between the severity of bugs. Also, since they are only reported bugs, there's probably plenty that are not known. For example, MacOS X has 1 reported bug! Surely MacOS X has WAY more than that, as it's still in development, and everyone who has a clue knows that it's just not possible for there to be ONLY 1 BUG in an OS in development!
So I think I understand. There are only three possibilities.
1. This article is pure flaimbait meant to create traffic, hence, more banner revenue! This is the most likely scenario. Job well done, you made an ass of yourself and it paid off.
2. This is a joke! Haha, pretty funny, I'm dyin! But seriously, that's really not a very good joke, I don't think many people will get it.
3. You are a complete moron and should be fired from your job immediately!
If 1 or 2 is correct, then I hope you are happy being a completely worthless human being! That must bring you great joy!
If 2 is correct... oh wait, same thing.
Thanks for you time,
Ryan
Where are our big commercial allies now? (Score:2)
So where are our big commercial allies now? IBM purports to be basing a big chunk of its strategy on Linux, so why isn't an IBM marketroid out there in front to deflate MS (and MS-shill) FUD? I'm sure we'll hear from the various distros on this point, but what about the big guns?
It would be one thing if a major like Big Blue just talked and spent no money, but they're spending millions yet remaining strangely silent. What gives?
Re:Sent to abcnews.com in reply to Moody's tripe (Score:2)
First, you did start out with such a statement. My point is that even if you go on to argue facts, editors, who get great, huge, steaming piles of cranky feedback, won't even read the rest of it!
I also take issue with equating bad reasoning with a lack of ethics. He is in error, but that doesn't necessarily mean he has no integrity. He could, for example, simply be stupid. You need more evidence when you make a charge like this.
Seriously, nothing personal, but I think your letter takes the absolute wrong approach, and I highly doubt it will be read. Most feedback on this sort of thing is too long, and tries to bring up too many issues. Short and sweet does the trick. The sentence
I would also appreciate it if one of your editors would have a chat with him about journalistic integrity and how even a columnist shouldn't misrepresent statistics to further an agenda.
is just plain bad. Can you imagine an editor saying, "Gee, this guy's right. Let's sit Fred down and talk about his journalistic integrity." I guarantee you the editor will have no more interest in the rest of your comments if you make officious and condescending remarks like this.
ChuckleBug
Re:I wrote to abcnews... (Score:2)
For instance, the apache server is included in the Linux numbers, but the IIS web servers numbers are split apart from the NT numbers and Mr. Moody didn't trouble himself to add them into the list of NT vulnerabilities.
WRONG. Here is a quote from the SecurityFocus.com article [securityfocus.com]:
We consider a vulnerability to affect an application or operating system if the vulnerability affects a component that is part of the application or operating system when brought or downloaded. For example, this means that a vulnerability in IIS will also be considered a vulnerability in Windows NT at the later ships with the former.
So... (Score:2)
DOS! (Score:5)
What do you expect with a name like that :) (Score:3)
a bad day today
Heh... that page had banner ads?? (Score:2)
Adzap for Squid:
http://www.zip.com.au/~cs/adzap/index.html
The script also blocks Slashdot ads, but Rob's probably got all of The Who's CD's by now...
Here is my letter to ABC News.com: (Score:2)
Don't be shy! Write ABC News.com at:
http://abcnews.go.com/service/Help/abc_contactus.
Here is my letter to ABC News.com:
Category: Factual Error
Regarding the article: Linux Sux Redux
Mr. Moody shows no understanding of operating systems.
An article like this does huge damage to your entire company and the ABC trademark. When an article that discusses things that I understand is completely uninformed, it makes me wonder if the other articles, that I can't check independently, are also completely uninformed.
In my opinion, the Microsoft Windows operating systems are buggy and quirky. They show a lack of caring for the users. More accurately, they show abusiveness toward the users.
I have found many, many bugs in Windows OSs. I don't report them because I would have to pay Microsoft to do so.
If I am already talking to a Microsoft tech. support person (and therefore would not have to pay extra to report a bug), I have found that many times MS tech. support will not accept a report! Apparently this has something to do with creating a hassle for the tech. support department.
Regards,
Michael Jennings
Jennings _ Michael @ hotmail . com
(Futurepower is a trademark.)
Or... (Score:2)
- Moody on MS employees newly hosed due to stock corrections: "The best you can say for them is that they made a deal with the Devil, and the Devil reneged".
- Moody wrote about how status for management at Microsoft had become a matter of _not_ answering your email, to appear more busy. This is a screaming red flashing warning sign of complacency and corporate rot, and Moody blithely did a column exposing it.
- Moody raked IE 4.0 over the coals, pointing out things such as the bug with Compaq Presarios that caused the installation to make the windows desktop a blank. He painted IE4 as an absolute betrayal.
The bottom line isn't simple, but people seldom are when they're as strange as Moody. This is a man who can go to great lengths to persuade the reader that (for instance) Linux needs to put a LOT OF WORK in before it can run for 24 hours at a time without crashing- a concept that is strikingly at variance with reality (as boring as the reality of a Xless webserver might unfortunately be...) And yet he's also capable of exposing some very damaging realities about Microsoft- I'd entirely forgetten that the "MS management intentionally not answering internal emails" story was his. The one consistent line to take through it all is this- Moody is a fanatic, a fanatic Microsoft supporter, but NOT necessarily of the real Microsoft company. He is a fanatic for the ideal Microsoft which he believes once existed, which he feels Bill Gates still personally represents, MS coders still represent. This is his fanaticism.As such, it's impossible to persuade him otherwise- if you show him that MS management are far gone in corporate rot, he writes a column about that and laments how MS 'lost its way' from the REAL Microsoft which he strongly suggests is still in there plugging away but unaware of all the nastiness. If you show him that IE 4 shipped buggy as hell and caused major problems with top-selling Compaqs, he laments this, wonders what happened to what he describes as the best, most rigorous testing operation anybody's ever had, and in the end blames Netscape for enticing MS marketers to release IE4 too soon- and again, the _ideal_ of Microsoft stays intact, and it's the suits' fault- his hero Microsoft coders and testers can do no wrong.
This is dangerous and quite frustrating, because it's impossible to contend with. You are never going up against Microsoft, in Moody's eyes- instead you are going up against the Ideal Microsoft, the one that delivers on all its promises and works really hard and benefits the consumer and is as tireless as an old-school Ma Bell employee. The one that doesn't exist, and never did...
So it's impossible for anyone to live up to that standard- it's an imaginary standard, and that is why nothing will ever sway Moody from his MS loyalty and determination to spin everything MSwards. Yet MS itself cannot live up to that standard, never could- it was a hype, a fake. So Moody periodically flames Microsoft itself- and proceeds to spin the flame MSwards, too, and this is why on the one hand he can expose shocking cynicism, contempt for consumers, and rot at the core of Microsoft, and on the other hand keep an unshakable faith that nevertheless, Microsoft is The One Answer. He's not actually hired- if he was he would certainly not expose some of the very embarrassing realities he's exposed. He's a fanatic- he fights for the _ideal_ Microsoft, so his fury is all the more obvious when he sees Microsoft failing to live up to what he sees as their true heart and soul. He blames marketing, Netscape, anyone other than the real coders at MS, the real brain trust, Gates- those he sees as keepers of the faith.
Unfortunately, those are exactly the people who have intentionally done all the things that break his heart. Moody cannot handle the truth- the heart of Microsoft is, and always was, mean, treacherous, and fraudulent. It's always been about the money and never about delivering a quality product. It's always been conflict with the rest of the industry (all the way back to Altair Basic) and dirty tricks and strongarm tactics worthy of Mafiosi. That is how they won. Cheaters do sometimes win, when they aren't punished. Otherwise, why cheat?
In the end, Moody is more to be pitied than censured. A thousand slashdot readers madly rebutting him will not shake his illusions. Not even the failure of his seeming idol will shake his illusions, because they are built on mirages, and you can't tear down a fantasy with real-world arguments.
The reason to pity him is this- the fantasy is all he has.
How not to feed corporate trolls (Score:2)
Or just post the thing on deja and post the link, I'd much rather load deja ads.
Not that most slashdotters load ads in the first place, ad blocking files (mail me if you want mine) and junkbuster help.
Severity of Exploits (Score:2)
Well, I recall two MAJOR remote root exploits in RedHat within the last year: bind and wu_ftpd.
I agree with you in principle... but I don't think RedHat is much better off than Windows is.
Re:More bugs (Score:2)
It looks like he added the numbers of Linux (aggr) and RedHat.
-- Abigail
Re:WRONG (Score:3)
NT : 22
SQL Serv: 6
IIS : 12
IE : 6
Outlook : 5
------------
total : 51
And this is only for Microsoft software. You add in all the third party bugs and the total number of NT bugs quadruples.
The 51 number seems a little higher than the 34 that the site claims for the total number of NT bugs, or does NT not come with Outlook, IE, IIS and SQL server?
And W2K adds in 10 brand new bugs. And Office adds a couple more yet.
The grand total is around 218 with all NT bugs (excluding 98 and 2000 entries.) The total number of all Redhat bugs is only 71.
I got this information from this page: http://www.securityfocus.com/frames/?content=/vdb
Maybe you need to look closer next time and not take someone elses word for things? Don't take my work for it, look for yourself.
Re:This guy is not only a fool, he's tainted... (Score:2)
Close enough. I wonder how much corporate tax the state of WA gets from Herr Gates? Remember, state taxes are spent throughout the state, not just in the locality in which they're received... Or am I writing to another tool?
Shit, maybe WA doesn't collect corporate taxes! If that were the case tho, every corporation on this planet would HQ there...
That's like me saying that New Jersey makes New York City do its bidding.
Heh heh, in some ways it does.. Can you say Port Authority? Can you say 'giving tax breaks to prevent luring'? Can you say 'Ellis Island bridge'? Where do you think the folks who work in NYC live? Why do you think there's an hour of traffic to drive ~1 mile across the Hudson River at 3 separate points in the morning? And that's _with_ one of the largest public transportation networks on the PLANET?
And we haven't even mentioned the northern and eastern suburbs, which are actually more apropos as they're in the same state...
But I digress. Moody is still a twit, and a partial one at that. Find me evidence otherwise.
Or not.
Your Working Boy,
Example of Anti-Linux sentiment (Score:2)
Just imagine a mac freak with an anti-linux attitude and you'll get a good mental image of what these guys are like.
Moody is trying to mislead people who simply don't know any better. Moody's lying, and anyone with half a clue knows it. Sadly most people don't have a clue at all, so BS like this gets repeated as truth, especially by suits and suit-like individuals.
But in the end you've got to see it as a good sign. If M$ biased stooges have to stoop to lying and misleading, well we've already won.
Lee
Here's a comparison for you (Score:2)
So what do you call a website that puts up a huge, fuck-off headline saying that a major web-based email provider is about to collapse, then takes it back in a tiny print comment saying "from-the-well-it-could-happen dept"?
Slashdot wants to move out of that glass house before it starts throwing stones.
If we're talking about libel (Score:2)
Re:The bugtraq statistics (Score:2)
Re:What I Am About To Tell You Is Going To Shock Y (Score:2)
ROTFLMAO
Re:Isn't this how non-geeks decide? (Score:2)
Re:Curious about something... (Score:2)
Besides, I think we have had lots of articles saying that Linux/UNIX sucks as well--but there seems to be some agreement that it sucks less.
Re:Curious about something... (Score:2)
Is it perchance because the article had absolutely nothing to recommend it?
Yes, there's a big difference between the way we (most of us) respond to an article critical of Linux and an article critical of Windows. But there's also a big difference in what we have seen while using the two systems over the years. For the most part that experience has been that Linux has been functional and reliable while Windows has been marketable and crash-prone. But the media tend to publish the opposite: Windows is Wonderful, Linux {is a toy, is insecure, sux, etc.}.
Maybe when the media start publishing opinions that more or less jibe with what we've seen with our own eyes, rather than with what the highest bidding advertiser wants consumers to see,
Of course, if you think the article was a reasonable analysis of credible data, you should jump in and defend the unfair bashing we've been giving it. Meanwhile, pointing out the statistical patterns of our responses, without looking at the veracity patterns of the material we are responding to, is useless.
--
Remarq mirror (Score:2)
http://www.remarq.com/read/34668
Marketing Applied Operating Systems Truthfully (Score:3)
That aside, I'll agree the vulnerabilities in Linux are more visible than in the past due to deployments, but, most of us who've been doing it for several years, have enjoyed some key features that have helped us make this Operating System and it's applications the treasure to administer that it is today and has been for quite some time:
The list goes on. This is why I have 40 different servers out there in the wild supporting several thousand end-users in education, business, and, of course, entertainment. [dedserius.com]
I'm chalking this one up to a victory. I suggest all others do the same and keep at it. I still believe this is the greatest Operating System that ever existed. And, I do love my AIX and other UNIXes. But, there's really one word that makes the difference: free >:).
Linux rocks!!! www.dedserius.com [dedserius.com]
Re:he was put in his place by.... (Score:2)
Many people propagate a claim that the media is "liberal". The simple truth is, what the media actually is is pro-controversy. Even before the days of flame baiting e-pundits and banner ad click counts, the media's prime interest was in generating controversy (followed closely by purient interest).
Sadly, there's nothing they love more than an airplane crash or a school shooting (particularly if they can start arguments about whose fault it was), a political scandal, a conspiracy theory, or a "revelation" that the OS that is taking the world by storm on its own merits is actually a piece of junk whose inferior qualities have somehow escaped the notice of the millions of techies who use it by choice.
--
Worst Os ever? (Score:2)
People who bash Windows generally don't call it the worst "EVER!"...
I occasionally brag that "I" wrote the wrost operating system ever. I know it's not true. I wrote a horrific OS and anything that ever made it to market could beat it bloody. But theres the software that NEVER made it to market to account for.
My system would fuction for about 30 min to an hour... scramble it's command structure and ignore all input. Thats pritty nasty. But then in prototypes there were operating systems that would scramble data on the disk. Reboot mine and your ok. Reboot a system with a scrambled disk and your dead forever.
It is posable for an operating system to distory hardware in some cases (this allows for both bad software and hardware defects.. this isn't hard to imagin).
Now those are the operating systems that never made it to market. The worst "EVER".
Let's move on to operating systems that did make it to market. I remember using a mainframe with the wonderful defect of occasionally sending data to THE WRONG USER. Ohhh great security guys MY PASSWORD ON SOMEONE ELSES SCREEN. This was a combonation of hacked hardware and an operating system that wasn't designed for it.
Then we have that wonderful security defect where valuable information is stored in memory can be grabbed up by clever crackers. This small problem (a way crackers went for low security accounts to high security accounts) has sence been fixed by.. get ready.... Amiga, Apple, Intel, Microsoft, Linux, IBM, etc etc etc etc etc Hover, Black and Decker, Toys R Us, Little Timmy, the guy working the fast food drive by window.... you get the idea...
[Disclamer.. Accually some of the above listed didn't.. I'm sure Little Timmy had no hand in fixing any such defect]
This defect is pritty well gone today but back 20 years ago big big security defect.
We have had many problems over the years making computers do what we want them to do and found many soltions to those problems. We use the cheapest most effective solutions and now they are history.
Nothing on the market today is anywhere near as bad as operating systems once were...
For the worst ever you need to look in trash bins of psycopath programmers still trying to fit Unix on Commodore 64s....
Or you can use this guys standard for best/worst... I sereously doupt the worlds worst would EVER get a bugtrap report... I mean I wrote the most second most secure operating system ever... 30 min to an hour and NO ONE has access.. yeah but the most secure is the one that makes the mother board explode....
Libel (was Re:More bugs) (Score:5)
The SecurityFocus stats page [securityfocus.com] clearly shows RedHat's '99 vulnerabilities as 38 - less than 40% of WinNT's.
So where did the 122 come from? Moody added RedHat's 38 to the Linux Aggregate of 84. He's done the same for this year's numbers (RedHat's count for this year is 17, and the total for Linux is 30 not 47). But the Linux Aggregate already includes the 38 RedHat vulnerabilities and it clearly states that in the preface on the page - Moody is either an incompetent researcher or he is deliberately counting vulnerabilities twice in order to discredit RedHat. I'd be consulting a lawyer about the possibility of a libel suit if I were them.
Re:honest opinions will be moderated flamebait (Score:2)
Somebody's gotta go first. With a lead in installations and a tendency to be an early adopter, bugs in a component that's used in all three will tend to be reported against RH. If you break down the bugs against the actual programs and match that to the distros that use them, it looks different.
Don't Forget Moody's "Charge of the Linux Brigade" (Score:2)
"linux isnt secure and it isnt stable, its a moving target that never really gets out of beta. sure people run production sites on linux. i know alot of these people. they dont get much sleep and have grown opaque from the lack of sunlight. i have admin'd large linux shops. they require huge amounts of admin overhead, and if you want shit to really work you are going to spend alot of time manually fixing things. the number of outstanding security holes and lack of stable functionality is monumental."
Yup, that's the source of his article. He couldn't get anybody to go on the record saying these things, because they're grossly inaccurate. Moody concludes by saying:
"It will be a cold day at the equator before L. Torvalds sets aside his ego for the sake of someone else's better ideas."
What a foolish, inflammatory asshole. There are few reporters that disgust me as much as this man.
-Waldo
-------------------
Link (Score:2)
-Waldo
-------------------
Fred Moody: "Microsoft's Greed is Good" (Score:2)
- "Gates is fighting for the consumer and against the businessman, while most of his competitors, from Apple to Sun to Netscape, are fighting for the businessman at the expense of the consumer."
- "[Microsoft] is the most misunderstood company in the history of American commerce"
- "Microsoft...is driven by the need to make computers...cheaper and easier to use for consumers, rather than as profitable as possible for as many software and hardware companies as possible"
He's such a sycophant.-Waldo
-------------------
Such links should go through a junkbuster proxy (Score:2)
It shouldn't be too hard to hack together a link via a junkbuster proxy, such that anyone, with or without ad-busting software, could click on the link and read the story, sans advertising.
That would be the responsible thing for slashdot to do, but I doubt their employers would hear of it (legal liability fears would rule the nest, most likely).
flame (Score:2)
Re:He's actually _almost_ right (read before flami (Score:3)
More likely:
You're a home NT user. Same scenario, only the bug wasn't reported. One fourteen year old who's spent half his life in a debugger has it. The entire internet is now screwed, because the kid released a worm that spread through those legions of "mainstream" MS boxen like wildfire. A bunch of Unix geeks spend a few hours developing filters to protect the world's MS boxen and post the filters to Bugtraq, reducing the load on the network enough that everyone can get back to their pr0n. A few days later MS releases a hotfix that does who-knows-what and may or may not work right on your machine. A few days after that it's discovered that the hotfix re-enables a vulnerable activex control, and another worm is released, but doesn't go anywhere because not many people installed the hotfix anyway...
Duplicate programs (Score:2)
You cannot add up the total number of Linux bugs by summing the individual ones form each distribution. Each distribution has a lot of the same programs. For example, when the wu-ftpd exploit was found, that is a common package. Almost every distribution has that, and thus that package was probably counted in Moody's "bug list" 5 or 6 times! I can't imagine how many times he must have covered the suid exploit in kernels < 2.2.16.
Besides a lot of the packages have version numbers < 1!! If you don't want to risk buggy software, don't install those! Most packages I've seen with version numbers > 1 are quite stable and effective, it's just the 0.x packages that are somewhat dangerous, and in some distributions this isn't true because they fix bugs independently but keep the version number the same! For example nano 0.8.6 (free pico clone) in Debian is as stable as the latest devel. releases, now a 0.9.14, but just without the other features. If you go download nano 0.8.6 from the developer, it will be full of bugs and probably will crash if you try to mark text.
If you want to find out how many Linux bugs there are in all the packages (which isn't fair anyway since MS has lots of bugs in the products that don't ship with windows) you have to keep a count of what packages are common to multiple distributions, and also unique bugs (which should probably be thrown out since they're insignificant to the OS as a whole, like a typo in the intaller). If you did this you would find surprisingly fewer bugs in Linux.
Also NT doesn't come with three mainstream text editors (vi, emacs, pico, maybe also joe, ae, etc.), two or three desktop environments still somewhat in development (GNOEM, KDE, xfce), three or four graphical shells/file managers (GNOME's, KDE's, Midnight Commander). The point is that when you give people this much choice and flexibility you increase the chance of bugs, okay. If NT gives you one of each of those and that one is buggy, there is reason to complain. In Linux, if GNOME crashes too much for you (I don't think so for the record) or is too slow, you can always switch to KDE. If vi is too cryptic, use emacs. If pine can't refresh that top blank row on the screen, use mutt.
Re:WRONG (Score:2)
Redhat ships with some ludicrous number of packages that do everything from running the OS (kernel packages) to OMFG playing games! and SOFTWARE THAT IS STILL UNDER DEVELOPMENT
71 bugtraq announcements in all that hubub? I think that's a testament to greatness there. I would also imagine that a number of the bugs counted as "linux" (and probably added to the redhat total #) were for development kernels and stuff that doesn't even affect "stable" code.
Just because RedHat issues a security alert doesnt mean that it's redhat's fault for distributing an (optional) aplication with it's OS!
If so then everytime I find a bug in a microsoft or third party software program that microsoft endorses for its OS then i should count it as a microsoft windows bug and put it on MS's damn total.
How many core OS security problems in windows vs in the linux kernel? Way way more!
Still taking some kind of statistic from bugtraq is really pointless. Why dont i just go post all the shitty vulnerabilities in that really crappy release of apple system 7.something that totally sucked and call it the worst os ever?
Maybe i should add to the total by posting random windows bugs to bugtraq... like
"Tampered registry settings allow users to cheat in Microsoft Hearts! Your network play may be compromised!"
~GoRK
Re:Libel (was Re:More bugs) (Score:2)
SecurityFocus: BUGTRAQ VulDB Stats [securityfocus.com]
I really find it hard to believe that ABC is letting him post that stuff up on their site. What that sounds like is a troll post from slashdot, backing nothing up, and coming up with numbers from nowhere. If you look at the pretty charts they made, look who is at the top of the list for vulnerabilites for the year 2000.. And even better yet, 1999. Lets see, in 1999:
Windows NT had 96 vulnerabilities
Windows 98 with 44
Windows 95 with 40
And wait, then they have a section for:
NT w/ sp3 at 32
NT w/ sp1 at 31
NT w/ sp2 at 30
NT w/ sp4 at 29
The next few entries are dealing with Internet Explorer (which I think should be just added in with Windows 98, but thats just my opinion). And then look at the bottom of the list, we have Red Hat 5.2 at 21, and Red Hat 6 at 19. At least with linux cut down the vulnerabilites with the later release, its only by one, but it is less. On this chart, it shows that SP1 had less vulnerabilities then SP3. Hey now, they told me it was going to fix problems, not create more. I was hoping this guy provided an email address to send comments to, but I fail to see one. I dont know if ive read an editorial without a way to send your comments in at all, he's probably sick of being flamed. I feel this guy has some sort of stake in the windows franchise, and doens't want to see his money maker start losing money when people open their eyes a bit. I feel that anything that can be opened up and studied by the general public is going to be more secure then something that is done within a closed enviorment. This may not always be true, but if you look at cryptography, it is studied and tested for many many years, trying to find vulnerabilities, weakness's, whatever it may be that could cause security/privacy/etc concerns in the future. You take a closed system, with a certain amount of people who can study it, they wont find everything out, and with a system like that, if they do find something, which may take a lot longer to get fixed then normal, they can still release the product, not tell anyone about it, hopefully it doesn't become an issue until a service pack can be released. They dont fix bugs unless its cost-effective, or will give them good PR. Well enough rambling, time for bed..
Or how about... (Score:2)
With still enough power to run Wordperfect at a reasonable speed.
It's a shame that as computers get more powerful, the software gets more bloated. My dad bought an eMachine recently, and the amount of crap on it slowing it down is boggling. You'd think people would want to optimize every last cycle in that new machine to make it go as fast as possible.
-legolas
i've looked at love from both sides now. from win and lose, and still somehow...
Re:Here's a comparison for you (Score:2)
I would call it a funny and irreverent news-oriented discussion forum that doesn't take itself too seriously.
I got a huge laugh out of that headline.
Considering the history of struggle that Microsoft has had with Hotmail, I would be willing to bet that there are even techies working for Microsoft that saw the /. headline and were amused by it.
Are the findings any surprise... (Score:2)
If you want to hear another view on linux, why don't you hop on over to Fox News [foxnews.com] which has some superior tech reporting. (Warning: site is java intensive)
Oh, hah hah (Score:4)
He's actually _almost_ right (read before flaming) (Score:5)
"If you look this list over, and measure each system's number of vulnerabilities against the number of its customers, Linux is arguably the worst operating-system product in history, and Microsoft's the best."
True. IF. Obviously, if you accept that criteria, he's right. He correctly notes earlier that NetBSD has just over one tenth the number of bugs as Windows. But, for whatever reason, it has a much smaller market share.
If you are a home user-- he may be right. Let's analyze a case: You are a home linux user. A vulnerability is reported Friday afternoon. Being a non-nerd computer geek, you spend your friday night at a bar. Saturday morning, you have a hangover. Saturday afternoon, you log on, and voila, a patch has been released! (Wow: an fast vendor response). But something else has happened. A lamer with no life rooted your box while you were out partying. Compare that to the following: You're a home NT user. Same scenario, only the bug wasn't reported. One super criminal has it... and maybe the Fortune 500 company is now screwed (which is why they need 24/7 sysadmins on a patchable OS), but there are no script kiddies around to attack you.
What Fred Moody forgets is that Windows is just as complicated an OS as Linux, and therefore, probably had just as many programming "mistakes" made which resulted in bugs. They're hidden... and he assumes they therefore don't exist. Oops. Obviously, in a high security case, this is absurd, and therefore for any serious target, they need an OS like *BSD (or Linux). But for the home user-- is full disclosure really the best choice?
Open Source + More Eyes = More Bug Reports (Score:2)
If Linux were more insecure.. (Score:2)
See attrition.org statistics [attrition.org]
Re:More bugs (Score:5)
Look at the chart [securityfocus.com] for your self. I have no idea where Moody is drawing his figures from but it certainly is not the chart which shows Windows to be head and shoulders above everyone else's bug count. I would have expected it to do a lot better given the inavailability of their source code.
Re:Short answer: no (Score:2)
The cookies are part of the anti-spam system, as you would see if you read the now GPL'd Slashcode.
Re:So... (Score:5)
But, it's business, right? "Nothing personal" to quote many a mobster while their victim bleeds to death...
Bugtrack should point out very clearly that it's Linux Open nature that causes such bugs to be openly exposed for the sake of fixing. We hide nothing and make no excuses - if there's a bug then we make sure we know about it and it gets fixed. No commercial OS like Microsoft or Solaris will sit there and publish every bug they find. 37 bugs for Win2000??? Last I heard it was over 65,000. Quite a site more than our measily 47...
Missing the major problem with the story... (Score:2)
Of course, he didn't combine Win9X and WinNT scores. In fact, he skillfully ignored Win9X completely. Last time I checked, WinNT had like 150% the market share of Linux, while Win9X had some overwhelmingly huge market share.
Based on his assumption (and it's a gross assumption for sure) that detected-vulnerabilities-per-user is a measure of security, well then WinNT is at best a little more secure than the worst possible combination of Linux systems, while Win9X is overwhelmingly more secure than either. Of course, he couldn't mention this, because while he could pretend to pull the wool over everyone's eyes with some numbers that show WinNT is more secure than Linux, he couldn't possibly convince people that Win9X was more secure than WinNT. I guess he was afraid to demonstrate how insanse his assumptions were.
Not until people can learn (So, no) (Score:2)
Gnome and KDE are great, and I'm sure StarOffice and KOffice will be great too. But they don't take away from the need to understand that there are fundamental differences between Unix and Windows. Linux will not be ready for the mainstream until you can hand it to a neophyte and they can succeed without having a friend or relative that is a guru that can field hundreds of questions.
Re:Isn't this how non-geeks decide? (Score:2)
Quanity versus quality. (Score:5)
That's where the difference lies. Microsoft security holes on bugtraq are almost guaranteed to be worse than Linux holes. Why? Because, without the source, someone has already encountered the bug in day-to-day use. A lot of these Linux bugs are things like, "Wow, this wasn't coded exactly right; in theory, although I don't know how it could be done, this could be exploited.". Microsoft bugs are likely to be along the lines of, "Ha, ha, I just exploited your OS again!"
Belaboring the obvious (Score:2)
I guess those are obvious points to most of us.. But the point has to be made, open source is open dirty laundry. But perhaps after all you got to be a rocketscientist to understand that. Abc news bad bad research! bad bad generalization!
Him Again? (Score:4)
I Sing the Body Electronic: A Year with Microsoft on the Multimedia Frontier [amazon.com] . His partisan pro-MS credentials are impeccable.
This would be a good time to check out the Linux Advocacy HOWTO [unc.edu], before lighting up those flamethrowers.
Wow. (Score:4)
The best-known competitor is Red Hat, but others - notably TurboLinux and Mission Critical Linux - are in the market as well.
Notably? Am I the only one who has NEVER heard of "Mission Critical Linux"? (I'm NOT saying it's bad, but it's pretty much an unknown, and he ranks it up there as "notable." How about Slackware? Debian? Those aren't notable, but "Mission Critical Linux" is. He hasn't done his research.
Linux zealots for years have insisted that the operating system is an invulnerable perpetual motion machine, incapable of crashing or being infested by the kinds of worms and viruses that hackers are constantly sending Microsoft-powered servers.
Can I ask who has ever said that Linux is "Invulnerable", or "incapable of crashing"? I've *NEVER* heard those claims. This guy is an Asshole! Seems to me, he's overexaggerating this crap just to start up the FUD machine.
This looks like an alarmingly high number in comparison with Solaris' 34 or NetBSD's 10, but it is significantly less than the 122 racked up by Red Hat...
For the 800 BILLIONTH TIME: Red Hat is NOT Linux! [redhatisnotlinux.org] This idiot is taking a select few distros, and catagorizing them all as "Linux." Someone smack this moron.
If you look this list over, and measure each system's number of vulnerabilities against the number of its customers, Linux is arguably the worst operating-system product in history, and Microsoft's the best. As Linux zealots are beginning to find out, it's a lot easier to
masquerade as a better product than it is to go out and be one.
I could tear this entire paragraph up, but we all know it to simply be FUD. This jackass is trying to generate hits, and he's probably doing a good job.
Oh, did you happen to notice the bottom of the article? Look:
Fred Moody is the author of I Sing the Body Electronic: A Year with Microsoft on the Multimedia Frontier
-- THIS ARTICLE IS A PAID ADVERTISEMENT FOR MICROSOFT CORPORATION. --
-- Give him Head? Be a Beacon?
OpenBSD (Score:2)
Of course, I'm justing preaching to the choir here...
You are more than the sum of what you consume.
Dishonest, too (Score:4)
Not only is his claim that Linux has the most bugs disengenuous because he admits that no attempt is made to grade the bugs on severity or whether or not their fixed, but he's patently dishonest. An important part of his claim is that:
This is a bogus claim, though, because he's getting that number by adding up the count for each different version of Linux. That means that, for example, a kernel exploit being discovered will result in not just one but several vulnerabilities on his list- one for each version of Linux that uses that kernel.
To account for this, in fact, Bugtrax has its own Linux aggregate that avoids such double counting and has 84 total Linux bugs last year and 30 this year. (Actually, even that 122 figure seems a bit odd, since if you add up the figures separately you still only reach 98 for all of the distributions listed. It appears that he got it by adding the Linux(aggregate) figure to that of Red Hat, which is totally ridiculous.) Of course someone who uses only one version of Linux would experience only a fraction of these, but an honest count shows that even if you used Debian, Red Hat, Slackware, and SuSe in a heterogeneous network you'd still have fewer vulnerabilities than NT.
I've got a moderation... (Score:4)
Score: -1 (Troll)
-- iCEBaLM
Worse than that (Score:4)
All this is well-covered over on LinuxToday [linuxtoday.com], btw.
Suck says Moody sucks for saying Linux sucks . . . (Score:2)
Re:Not all Linux, just Red Hat mostly. (Score:5)
the size of the set that results from the union of all vulnerabilities for the components
without duplication. Vulnerabilities are not counted twice.
(quoted from the introduction at the top of the stats page he used http://www.securityfocus.com/vdb/stats. html [securityfocus.com])
Okay, lets for a moment assume that we want to go distro for distro... and most people believe that RedHat is one of the more insecure of them...
Vendor, Bugs in 1997, 1998, 1999, 2000 (so far)
LINUX (all), 10, 23, 84, 30
RedHat, 5, 10, 38, 17
WinNT, 4, 6, 99, 37
Geee... despite a minor problem at the beginning the numbers look a little different... don't they? In fact evem the agregate Linux numbers come up better then NT (while not a benchmark I would like to use, its the one he seems to be using). To compare the Unix agregate number properly to Windows, we would have to include the Win9x statistics also... right? Somehow I doubt he'd want to do that.
Short answer: no (Score:3)
Jamie McCarthy
It's an issue of misinformation (Score:2)
They don't get it, and they're spreading that ignorance to all their readers. This is bad.
"...and Microsoft's the best." (Score:2)
OK, he's saying Linux is the worst OS, because it has the most security holes listed on BugTraq. But he also noted "Solaris' 34 or NetBSD's 10", less than Windows' 37. How can that make Windows the best OS?
Also, how many of those 122 security holes apply to non-RedHat distributions?
--
Curious about something... (Score:3)
Re:Don't bother calling him a moron (Score:4)
>Moody's "editorial" be removed from the story...
>why should we do this bastard the favor of
>slashdotting his pile of BS?
Because then everybody will go to the ABC site anyway, only to get at the story they will have to sift through many more ad-infested sites.
When
Re:What an undeniable idiot (Score:2)
Check that chart and you will see Slack, Debian, Suse and Redhat plus a 'total number'. This is what moody uses. Look at the breakdown and it becomes clear what we all know: avoid Bughat.
However, even Bughat by itself only has about half as many issues as NT5.
Whereas all the other distros are in the low single digits and compare well with the commercial unixen and BSDs.
Try reading NTBugtraq instead (Score:5)
If an article were ever posted that said Windows is insecure because a lot of applications that run under Windows are buggy, Microsoft's army of lawyers would cause the page to be taken down in an instant. It's too bad there's no one to look out for Linux and other "free" OSes. Besides, to anyone with a clue, bugtraq specializes in bugs relating to UNIX type environments. There's a mailing list called "NTBugtraq" (www.ntbugtraq.com) which deals with all the bugs in Windows.
I'm sure I could ramble on longer if I actually read the article past the initial sentence..
Re:Telling last statement (Score:2)
Anyone else catch the double meaning of that statement? I'm sure he didn't intend it, but I am for sure going to take it that way!
No, the best OS is NullOS(tm) (Score:4)
Re:Why? (Score:5)
In part, probably because he is published.
One can always peruse the reviews posted for and against his book, I Sing the Body Electronic [amazon.com], or The Visionary Position [amazon.com].
Of course, I should warn that these link to amazon.com -- but the reviews seem pretty split on the merits of his book-length work, too -- some are even a bit witty.
Or, I guess one could simply write him [204.202.137.110] and ask.
I wrote to abcnews... (Score:5)
Dear Sir,
I was suprised to read a news article on your site that was so clearly biased against Linux and so clearly biased in favor of Microsoft.
In the above article, Mr. Moody's conclusions are suspect and his methods are questionable.
Some of the mistakes that he makes are the following:
The totals for Linux includes many more software packages than does NT. For instance, the apache server is included in the Linux numbers, but the IIS web servers numbers are split apart from the NT numbers and Mr. Moody didn't trouble himself to add them into the list of NT vulnerabilities.
Since Linux distributions include several times the number of servers, clients and other software than an NT distribution, it hardly seems fair to directly compare the two OS'es in this manner. For a valid comparision Mr Moody should probably add in the mail, web browser, and other commonly installed server and client software vulnerablities for say the top three Windows packages in several different catagories to the number of vulnerabilites found in NT.
Since Linux is used as a desktop machine by 4% of the worlds computer users it has a lot of non-server software installed. It is possible to install only server software, turn off the services that you don't actually need and only have to update packages for security reasons 1-2 times a year. It is also possible to run Bastile software against a Redhat box and close numeous security holes before they are even a problem.
Because Bug Track is the primary method of tracking bugs in open source distributions nearly all the bugs will be reported here. Microsoft often hides its bugs in a security through obscurity method that rarely works.
It appears that if a single package has a vulnerablity in Linux then the Bug track list includes the vulnerablity for each affected distribution. Thus, a sendmail report will be counted once for each distribution that uses that version of sendmail. This will tend to artificially inflate the Linux numbers.
Mr. Moody also doesn't take into account how long it takes any given OS to fix each know vulnerablity. Linux will often post the fix with the bug report, or within a couple of hours, while NT products will often go many days or even weeks until a hot patch is released. An example of this is the current vbs vulnerablity that exists in the MS mail client. This is clearly a well known problem, but windows clients are hit again and again by the exact same mail worm.
A final point to make is the fact that even though NT is only used on a third of the web servers on the internet, nearly half the page defacements are against NT boxes.
I am not saying that any OS is more or less vulnerable than any other OS. All OS'es have vulnerabilities and need constant monitoring by well trained security personnel. But some OS'es are much more open and honest about their problems than others.
Thank You!
Re:Isn't this how non-geeks decide? (Score:3)
Yes and No. "Release early, release often." The very nature of how things get done encourages bugs to get out. That's how they get found. It's also the reason that it won't ever improve -- current versions of Linux will always be a bit buggy.
You can have stability, but you have to go back a few versions and you lose a lot of flash that way.
I'm messing with Mandrake 7.1 at home, and this Fred Moody guy is actually right about it. It really does suck. I hate it. But it's also has all the [buggy] stuff that I want included. It's flashy and flakey and adminned by a rather poor-quality sysadmin (me) and I can play games on it. That sounds pretty mainstream to me. ;-)
If someone's idea of mainstream is reliability (?!), then here's how to get a pretty bug-free Linux, like the Caldera box I have hidden away under a desk at the office: Get an old outdated distro from a year or so ago, and then apply all the updates. You can build a damn solid box that way, just don't expect Heavy Gear 2 to run on it.
Less bugs than what? As soon as the specify a specific distro release, they set themselves up for a counter-punch.
But there are so many ways of measuring bugginess and vulnerability, Bugtraq items is just one. Mention ILOVEYOU infection rates to the sheep, and the herd may run the other way. It's all just a game of words, and if the Dozers decide to play dirty by quoting meaningless numbers, the zealots in the penguin suits can do it too. BFD.
---
Don't bother calling him a moron (Score:5)
SecruityPortal : same data = opposite conclusion (Score:5)
It seems obvious that ABC is full of crap and has fabricated their results by deliberately misrepresenting factual data.
Now why would ABC (A Bunch of Crap) News do such a thing?
Why? (Score:5)
Re:Wow. (Score:3)
Does that mean he's right about Linux? Of course not. He's totally wrong. But the fact that he wrote a book with the word "Microsoft" in the title doesn't make him anybody's patsy but his own.
Not all Linux, just Red Hat mostly. (Score:4)
"Other Linuxes" (sic) total 47 bugs, which means that any one distribution has fewer reported vulnerabilities than the 99 in Windows NT. Aren't numbers fun?
[Kinda OT] Re:Quanity versus quality. (Score:5)
I'm glad someone mentioned this. Remember when Slashdot reported [slashdot.org] that Windows 2000 had 63,000 bugs in it? Of course, everyone here jumped at it and said, "See, that's why Open Source reigns supreme!" However, a bunch of people replied to that story, saying that Debian and Red Hat were comparatively just as bad.
So what's the point with this?
A bug isn't necessarily a design flaw that's going to take down your program (that bug could just be some complaint of a nitpicky programmer)
Quoting raw statistics without further elaboration is misleading
Just my two cents.
--
Re:he was put in his place by.... (Score:5)
Sent to abcnews.com in reply to Moody's tripe (Score:5)
I would appreciate if, for the benefit of your readers, you would note that Fred Moody is a former Microsoft employee. I would also appreciate it if one of your editors would have a chat with him about journalistic integrity and how even a columnist shouldn't misrepresent statistics to further an agenda.
I refer to his column on Linux vulnerabilities, where he "uses" statistics from SecurityFocus to claim Linux is the "worst" OS of all time and Microsoft is the "best". SF states in the first paragraph of their vulnerability statistics page that the stats shouldn't be used to judge how secure an OS is, yet that's exactly what Moody proceeds to do. He then flagrantly fakes a total of "122" vulnerabilities for Linux in 1999, taking Red Hat's 38 and adding that to the aggregate (meaning all distributions, including Red Hat) total of 84. In effect, he counts Red Hat vulnerabilities twice to inflate Linux vulnerability numbers. He also fails to note that each individual distribution has fewer vulnerabilities than either Windows NT or 95/98. Were one to aggregate the Windows numbers, the total would come to 146. Windows NT alone racked up 99 vulnerabilities - higher than the Linux aggregate total.
He also glosses over the "package vulnerabilities" statistics near the bottom of the page. Microsoft products claim the first 12 spots. In 2000, MS products claim 7 of the first 12 - the various Red Hat products (which are known among Linux users as not focused on closing obvious holes) take the other 5. Only TurboLinux gets mentioned in the 2000 list, with 6 vulnerabilities in each of hte two packages mentioned at the bottom of the list.
It is clear that Moody is abusing available statistics, ignoring others, and using his pulpit to push a pro-Microsoft agenda. It is disheartening that ABC would give Moody credibility by posting his columns while they contain such falsifications and omissions. At the very least, a disclaimer noting Moody's past employment would help readers put his writing in perspective. At the most, I would like to see someone technically knowledgable review his columns before publication to ensure he can't twist facts and numbers like he did in this one.
Regards,
Mark Bialkowski
If you decide to feed the troll and read the article, send a comment to ABCnews.com through the aforementioned contact page [go.com]. A flood of comments questioning Moody's "integrity" might prompt action on ABC's part. Or not. Either way, take the opportunity to call out Moody on this one.
Oh, and make your comment civil. Don't flame, swear, or threaten to "fucking kill" someone. Just explain your reaction to the column and what you feel should be done.
Using this paradigm... (Score:5)
A recent study announced that American president Bill Clinton coughs more than any other American citizen. Clinton has been seen coughing in public and on television over ten times this year, compared to three for actress Julia Roberts, one for celebrity Regis Philbin, and an average of 0.0000001 for every other citizen.
Re:Service Pack (Score:3)
I've bought 2 blank CDR's in the past few weeks that I wouldn't have if I hadn't heard the MP3s first.
honest opinions will be moderated flamebait (Score:4)
Basically, I think the issue is one cramming too much stuff in the distro and rushing things out the door.
Am I wrong here? I'm not a security expert, but these bugs seem to be due to overly fast releases.
I think it's a warning sign when a system goes from version 2.x to 7.x in a year. It means that marketing is in control and that's never a goodness.
--Shoeboy
Re:Don't bother calling him a moron (Score:5)
A story on how biased the judge was [go.com] "Virtually since the beginning of the trial, though, Jackson has brushed aside every request and argument made by Microsoft, and sided enthusiastically with the U.S. Department of Justice"
How nice those poor Microsofties are [go.com] "I keep hearing Microsoft-employee-misfortune stories so powerful that they tug not only at the human heart, but at the journalist's, too."
Gates is nicer than Allen [go.com] "...Gates is emerging as a man with his heart in the right place"
How well Gates handled stepping down as CEO "... Gates neatly avoids a massive pitfall..." [go.com]
Can anyone out there take this guy seriously?
Torrey Hoffman (Azog)
Re:Isn't this how non-geeks decide? (Score:5)
As for the article, yes, people will be concerned with how buggy Linux is. However, Moody inflated the numbers to make Linux look bad. He added the Red Hat 1999 total of 38 to the aggregate total of 84 (which I assume would include Red Hat) to get 122 vulnerabilities. In short, he counted Red Hat twice. After doing that, he didn't mention a word about Windows' own stats - 99 for NT, 47 for 95/98. The Linux aggregate is less than NT alone.
Also, if you add the separate distro numbers, you come up with 98. I think this means vulnerabilities present across distributions were only counted once, though the page isn't too clear on that. The individual distro numbers are interesting - Red Hat is the worst at 38, Debian next at 29, yet both are lower than Win9x's total of 47.
Any way you slice it, Moody's screwing with the stats to promote his agenda.
Linux can be limited like anything else. (Score:3)
Nonsense! Linux could very easily be converted into very simple system.
A distro designed to come pre-installed and configured (or be installed and configured by a technician), go directly from the logon screen into a non-user-configurable GUI, install only new software packaged in a certain way from a central server, and never let the user see a shell, would be perhaps even simpler and easier to use than a Mac.
Why doesn't one exist already? Two reasons: you can't sell support for a system that just works (no commercial motive), and nobody who programs computers cares about a system like that (no "I'll write it to use it myself" motive). Currently, free software development optimizes for: minimal effort of development, stability, power, and "coolness". Ease of use for the new user is barely a consideration, except in distro installation programs.
Can you really see a bunch of Linux hackers sitting around trying to write a "toaster" distro in their spare time?
Mass market busking [boswa.com] might provide the solution to this kind of problem, but it'll be tough to make people understand why giving their money away is in their best interests.
---
Despite rumors to the contrary, I am not a turnip.
LOL! (Score:5)
The best-known competitor is Red Hat, but others - notably TurboLinux and Mission Critical Linux
Hands up - how many of you never heard of Mission Critical Linux until this? How many of you have never heard of Debian, Caldera or SuSE? And TurboLinux is major?
Linux is arguably the worst operating-system product in history, and Microsoft's the best
I don't think that there's one vulnerability in there for BeOS. I doubt there are any for AtheOS [atheos.cx]. Therefore, they're even better than Microsoft's platforms.
This boast[linux isn't vulnerable to worms/viruses] has been easy to make, since until 1999 Linux was too much of a fringe product to stand up to the kind of abuse more widely used systems endure.
Actually, it's because Linux is a true multi-user operating system, something not even NT can claim. Solaris is also immune to those kinds of things. If I try to delete every file on my system right now (I'm on Solaris) I will fail, except for wiping out some of my own data. The backups will remain. The system will still boot. Other users will be unaffected.
Isn't this how non-geeks decide? (Score:5)
If Linux is ever going to make it into mainstream, the mainstream will be looking at things just like that. Microsoft will come out with an ad campaign: "We've got less bugs than
So again it raises the question. Should Linux be mainstream? Is it even close to being ready for mainstream? I know a lot of zealots will start flaming away on this one, but when it comes to the general public, they are like sheep. Large numbers (unless it's their salery) frighten the sheep...
Does anyone out there have Moody's email address? Maybe someone could explain NICELY how he completely missed the boat on the bugs.
My letter to ABCNEWS.com (Score:3)
==============================
I'd like to inform you of a gross error in an article posted today on ABCNews.com:
http://abcnews.go.com/sections/tech/FredMoody/m
Quote:
"This looks like an alarmingly high number in comparison with Solaris' 34 or NetBSD's 10, but it is significantly less than the 122 racked up by Red Hat and the other Linuxes (their 2000 count stands at 47)"
Truth:
As Mr. Moody explained earlier, there exist different vendors who distribute Linux. Examples include Red Hat, SuSE, Debian, and Slackware. BugTraq counts security holes in each Linux distribution independently. In 1999 they counted 38 holes in Red Hat, 10 in Slackware, 21 in SuSE, and 29 in the Debian distribution [1].
Some security holes only affect a specific Linux distibution, and some security holes affect many distributions. For example, Red Hat might suffer from hole "A", but SuSE users might not be effected. SuSE might suffer from security hole "B" while Red Hat does not. Both SuSE and Red Hat distributions might suffer from security hole "C". This is very similar to the way sometimes Windows 2000, NT, 98, and 95 suffer from the same security holes, while other times the holes are dependent to a particular version
BugTraq also counts the total number of security holes in all Linux distributions. This means that in the previous case, we would have holes "A", "B", and "C" for a total of three security holes. Hole "C" would not be counted twice even though it is found in two distributions. This is where Mr. Moody did not bother to get his facts straight. He takes the total number of security holes found in all Linux distributions (84), adds them to the total number of security holes found in Red Hat (38, which were already counted in the previous number, 84), and comes up with the figure 122.
Therefore, the statement that there are "122 [security holes] racked up by Red Hat and the other Linuxes" is completely inaccurate. Minimally, the number 122 should be corrected to the real value, 84. I understand that this will completely undermine Mr. Moody's thesis that "Linux is... the worst operating system", since it clearly shows that all Linux distributions -- taken collectively -- have fewer security holes than Windows NT (99).
However, it is misleading to use the collective statistic of 84 security bugs for all Linux distributions. A user installs a single Linux distribution at a time. Thus, even if a user chose install the Linux distribution with the most security holes (RedHat, with 38), that user would be susceptable to less than 40% of the security vulnerabilities to which a user with Windows NT would be susceptable, speaking quantitatively.
Ironically, the very report to which Mr. Moody refers [1] clearly identifies Windows NT as the most vulernable operating system for both 2000 and 1999. In 2000, it has nearly three times the number of secutiry vulnerabilities as the nearest non-Microsoft operating system.
I believe that the article's gross inaccuracies and Mr. Moody's flagerantly misleading statements warrant a full retraction of the article.
References:
[1] "BUGTRAQ Vulnerability Database Statistics"
http://www.securityfocus.com/vdb/stats.html
Distribution (Score:3)
The only times I'm aware of ABC.com news.com msnbc.com suck.com slate.com salon.com etc are when Slashdot talks about them. Why should we pay them ANY mind at all? Why not have an article that says "Michael Low thinks that Windows 98 should have a different backgoround color"?
CT: your first instinct was right: don't bother with this crap. Don't bother ME witht his crap.
Fred Moody's Blues (Score:3)
Different Shades of Blue
"Fred Moody is the author of I Sing the Body Electronic: A Year with Microsoft on the Multimedia Frontier and of The Visionary Position: The Inside Story of the Digital Dreamers Who Made Virtual Reality a Reality." is the tagline that follows Fred Moody's well throught out and researched works of literature--a sort of "in your face" style bio. Just so he knows that you know that he knows what he's talking about.
After all, if he wasn't in the digital know, he wouldn't be published, or would he? News from Amazon's sales rank, a service of Online Book Giant Amazon.com tells a completely different story.
Amazon Sales Stats
Amazon.com keeps a running tally of their most popular books, from the worst in trash romance, to the best in literature, Amazon serves as the ultimate resource in determining how your favorite author rates among his peers.
Take, for instance, "The Official Three Stooges Encyclopedia : The Ultimate Knuckleheads Guide to
Stoogedom", it sold 3.75 as many copies as Moody's "I Sing the Body Electronic". That means it's 3.75 times better.
Techical books can't compare with madcap hijinx? "Using MS-DOS 6.22" has is supporting 4.67 more wobbly desks than Moody's "The Visionary Position", and DOS is better than "I Sing the Body Electronic" by a whopping multiple of 17.5.
Somone thought there wasn't enough idiots freefalling to their death or being rescued by National Guardsmen, and "The Complete Idiot's Gude to Rock Climbing" was born. Guess what Moody? That author is almost 10 times as talented as you.
All that aside, though, one conclusion is inescapable: A book which prompted my English Lit professor to laugh a girl out of class, "Jonathan Livingston Seagull : A Story", is 258 times as good as the year Moody spent with Microsoft. Drag Harry Potter into this and his ranking quickly approaches infinity.
As Fred Moody is finding out, it's a lot easier to masquerade as a great writer than it is to go out there and be one.