undefined | Better HN

0 pointspowertower13y ago0 comments

> And yet, Unix/Linux had and has a much larger portion of the Internet-connected server market share but without the constant stream of critical vulnerabilities that Windows servers endured in the early 2000s.

A couple of things...

1. I really don't know what the Linux server market share was in 2000 in comparison to NT server. Nor what the break-down of kernel vs user-space patches and vulnerabilities are. It also makes things much more complicated when you consider that the two were used pretty much in different situations and for different purposes.

2. That quote was in relation to the desktop/home-user market.

So I'm not going to go there as I don't want to compare apples to oranges, and on limited knowledge.

> By your logic, Windows should have been a safer server choice because Unix servers were constantly falling to new attacks.

How you're getting that from what I said makes no sense to me.

0 comments

rbanffy13y ago

Just counting kernel security patches will give the wrong numbers. The "kernel" includes device drivers for every imaginable hardware component you can possibly run Linux with. In any real server, the security exposure is a fraction of that. If AMD processors require a patch, my Intel boxes will be safe. If there is an exploitable bug in my 3COM NIC, my Broadcom ones will be fine. In any running Linux machine only a tiny fraction of the kernel codebase is active and running.

It's really like adding all the vulnerabilities in the Windows kernel to the vulnerabilities of every device driver ever shipped in a box or made available on the web for every conceivable device you can buy.

j / k navigate · click thread line to collapse