To:"Mike Swier" <mswier@YAHOO.COM>
Date: Tue, 3 Aug 2004 13:37:55 -0400 (EDT)
From:"Linux Pipeline Newsletter" <linuxed@techwire.com>
Subject: [LPN] Linux Pipeline Newsletter - 8.03.2004 - Security
LINUX PIPELINE NEWSLETTER
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1302x19650&
Tuesday, Aug. 3, 2004

1. Editor's Note: Linux Is More Secure Than Windows. It Just Is.
2. Top Linux News
3. The Week's Best Stories
   - Study Identifies Potential Patent Threats Against Linux Users
   - Windows-To-Linux Migration Hits Speed Bump In Munich
   - Value Judgment: Comparing Open-Source To Commercial Software
   - LinuxWorld Expo Will Be 'Open' For Business
   - Survey Finds Linux Hacks Rare
   - Opinion: Open Source Intellectual Property Has Protection
4. Voting Booth: Cast Your Vote On User Interfaces
5. Get More Out Of Linux Pipeline

------- Advertisement -------------------

Blades can significantly lower your total cost of
ownership by reducing space utilization, improving
efficiency, increasing system availability, and reducing
management costs. Now get started affordably,
with 33% savings on HP BL20p Blade Server bundles.
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1303x19650&

-----------------------------------------

1. EDITOR'S NOTE: Linux Is More Secure Than Windows. It Just Is.

Evans Data recently provided more proof that Linux is more secure 
than Windows. The researchers surveyed 500 Linux developers and 
found that 92 percent had never had a machine affected by 
malicious code. Fewer than 7 percent said they'd been victims of 
three or more hacker intrusions.
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1304x19650&

Only 22 percent said their systems had EVER been hacked. 

By comparison, last spring Evans did a study that found that 60 
percent of non-Linux developers had been victimized by security 
breaches, and 32 percent said they'd been hit three or more times. 

There's a reason that Linux developers get hacked less. It's not 
entirely, as Windows advocates say, because Windows is a more 
attractive target for hackers. 

Oh, that's part of the reason, sure. Windows is a bigger target, 
it's easier to hit. It has more users which means attackers can 
do more damage. Also, many hackers just don't like Microsoft, and 
target the company's products as a means of hurting the company. 

But, really, who cares why Linux is more secure, so long as it 
is? Windows will continue to be a more attractive target for 
attackers for a few years at least, and a few years is about as 
far ahead as any IT manager can plan a deployment. 

And Linux isn't secure only because it presents a small target. 
Linux is inherently more secure than Windows. While Microsoft is 
working hard on making Windows more secure, it remains to be seen 
whether the company will be successful. 

When compared with proprietary software, the open-source process 
is an advantage to developers looking to write secure code. This 
doesn't make sense to advocates of proprietary software, who note 
that distributing the source code to software allows crooks to 
examine the code for security holes. 

The error in that argument is the assumption that, with 
proprietary code, the crooks don't have access to the code. With 
proprietary code, crooks can find security holes by examining 
illicitly obtained source code - Microsoft source code has been 
leaked many times. And with either proprietary code or 
open-source code, crooks can examine the behavior of running binaries. 

But where open source is different from proprietary code is that 
open source encourages honest people to access source code, and 
find security holes and patch them fast. The large open-source 
community can find and patch security holes faster than teams of 
proprietary developers - even when those developers work for 
Microsoft - simply because the proprietary developers are hobbled 
by their need to keep secrets. 

Another reason for Linux's inherent security is its user model. 
End-users run with limited privileges; only systems 
administrators have access to the all-powerful root account. 
Mostly even systems administrators run as limited-privilege 
users, unless they absolutely need root access. By limiting 
users' access to systems, Linux limits the amount of damage a 
user can do. 

Linux's lower vulnerability, compared with Windows, isn't just a 
function of its smaller popularity. Linux is breached less often 
because it's more secure. Microsoft has a lot of catching up to do. 

Mitch Wagner
mwagner@cmp.com
Linux Pipeline
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1302x19650&

2. TOP LINUX NEWS

SCO Turns Focus Away From Legal Battles
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1305x19650& 
President and CEO Darl McBride focused his speech at SCO Forum on 
the company's strategy for getting its Unix-based products back 
on the map.

Unisys Offers Linux On ES7000 Servers
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1306x19650& 

Wyse Takes Linux Kernel 2.6 To Thin Client
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1307x19650&

Linux Vendors Target CRM For Enterprises
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1308x19650& 

3. THE WEEK'S BEST STORIES

Study Identifies Potential Patent Threats Against Linux Users
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1309x19650& 

Windows-To-Linux Migration Hits Speed Bump In Munich
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130ax19650& 

Value Judgment: Comparing Open-Source To Commercial Software
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130bx19650& 

LinuxWorld Expo Will Be 'Open' For Business
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130cx19650& 

Survey Finds Linux Hacks Rare
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1304x19650& 

Opinion: Open Source Intellectual Property Has Protection
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130dx19650& 

4. VOTING BOOTH: Cast Your Vote On User Interfaces
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130ex19650&
Best user interface: KDE, GNOME, Command line, other?

-- THE RESULTS SO FAR --

KDE: 55%, 835 votes out of 1510
GNOME: 22%, 329 votes
Command line: 15%, 228 votes
Other: 8%, 118 votes

5. GET MORE OUT OF LINUX PIPELINE

-- Check Out Our Linux Product Finder --
Don't reinvent the wheel. Find the right off-the-shelf product to 
do the job. How do you find the right one? Two words ... Product 
Finder:

Desktop Applications:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax130fx19650&

Application Servers:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1310x19650&

Commercial Linux Distributions:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1311x19650&

Network Management:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1312x19650&

Web Servers:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1313x19650&

-- Try Linux Pipeline's RSS Feed --
Linux Pipeline's content is available as an RSS feed. Just copy 
this link and paste into an RSS Reader:

http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1314x19650&

You need specialized software (or a Web-based service) called a 
news aggregator or RSS reader to view an RSS feed. This link does 
not work in most Web browsers or e-mail packages!


-- Discover The Other Pipelines --
Linux Pipeline is part of a large series of specialized IT sites 
from the TechWeb Network. Find out more about the Pipelines on 
the TechWeb Network Pipeline Publications page:

http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax12fex19650&

Every Pipeline site has its own newsletter. Give them a try!


-- Recommend This Newsletter To A Friend --
If you have a colleague or friend who might enjoy this 
newsletter, please forward it to him or her and point out the 
subscription page:

http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1315x19650& 


------- Advertisement -------------------

Blades can significantly lower your total cost of
ownership by reducing space utilization, improving
efficiency, increasing system availability, and reducing
management costs. Now get started affordably,
with 33% savings on HP BL20p Blade Server bundles.
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1303x19650&

--------------------------------------------

We take your privacy very seriously. Please review our Privacy Policy:
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1300x19650&

The Linux Pipeline Newsletter
A free service of Linux Pipeline and the TechWeb Network.
http://dclsmtp1.techwire.com/trk/click?ref=zp7waa8wo_0-aax1316x19650&
Copyright (c) 2003-2004 CMP Media LLC
600 Community Drive
Manhasset, NY 11030