Linux hacked more often than Windows
Interesting new stats being reported on hacks against Linux. I've also read these reports in Slashdot recently. What I'm most interested in understanding is: who are these people who are hacking Linux and what is their motivation? I can kind of understand people wanting to hack Microsoft stuff just to feel like they are a 733t rebel or something. But Linux?
From ZDNET:
“While Linux has long enjoyed a reputation for being more secure than closed source operating systems such as Windows, its rise in popularity has also made it a far more common target for hackers, a new study suggests. An analysis of hacker attacks on online servers in January by security consultancy mi2g found that Linux servers were the most frequently violated, accounting for 13,654 successful attacks, or 80 per cent of the survey total. Windows ran a distant second with 2,005 attacks. A more specific analysis of government servers also found Linux more susceptible, accounting for 57 per cent of all breaches.“
Comments
- Anonymous
February 20, 2004
Perhaps the wide availability of source lures more active minds into figuring out some vulnerabilities just by analyzing the static code. - Anonymous
February 20, 2004
Maybe the major servers are on Linux platforms... - Anonymous
February 20, 2004
Stefano, I don't think the Netcraft stats confirm that, but, even if it were so, why would the haxors want to destabilize Linux's security rep? I'm sure there is a rationale here (and I'm sure if I read /. enough someone's probably explaining it already), I just don't get it at the moment... - Anonymous
February 20, 2004
FUD
FACT: Everybody dresses up the truth to sell theyre story. Every body adds theyre own little twist or inuendo. - Anonymous
February 20, 2004
While I believe that if a product is used on enough servers, it'll be hacked, mi2g don't have a particularly fantastic reputation in the security business; at least going by a google search on their name. - Anonymous
February 20, 2004
The comment has been removed - Anonymous
February 20, 2004
Your comment is interesting and very Microsoftish (IMHO) in that you attribute their motives to supporting an organization. I don't think it matters what system they target, I doubt these guys care about Window's reputation or even Linux's security reputation. You're attributing a desire to [not] support Linux or [not] support MS to their motives and I highly doubt that comes into it.
I have a feeling the higher attack rate has everything to do with being able to search for the vulnerabilities in the source code rather than having the spend the time to discover them by reverse engineering. I run both Linux and Windows and I feel more secure with Linux only because the MS exploits receive more attention and the patch rate on Linux seems higher and faster. (Whenever I hear about a Linux exploit there is almost always a patch for it within hours. With MS I have no idea how long its been sitting there before the information about the exploit has been release along with a patch.) Might not be rational or reasonable but thats the way it is.