Their criteria included the number of reported vulnerabilities and their severity, as well as the number of patches issued and days of risk — the period from when a vulnerability is first reported to when a patch is issued.

On average, the Windows setup had just over 30 days of risk versus 71 days for the Red Hat setup, their study found.


71 days? Wow.

Story here. (http://seattletimes.nwsource.com/html/businesstechnology/2002182315_security17.html)

Redhat isnt all that secure, i would like to see that test done with gentoo. Or perhaps also have a Windows vs. OpenBSD = ). Another factor is also that there are less linux hackers then there are windows hackers. Alot more script kiddies have trojans and exploits to use on windows machines, and if any of them ran into a linux machine they wouldnt know wtf to do. So despite the fact that there are more days vulnerable, less hackers would try to gain access to the linux machines because simply there are less in number compared to windows.

Maybe Constantly patched Windows is more secure than Linux would be a better title?

I encourage you to read some of the comments here (http://linux.slashdot.org/article.pl?sid=05/02/17/1616232&from=rss).

My opinion is that a Windows server can be more secure than a Linux server. A Linux server can be more secure than a Windows server. And they can be equally secure, or insecure.

The operating system doesn't play as much of a role in security as most people think. It's the responsibility of the Administrator, regardless of operating system, to secure the machine beyond the default configuration.

71 days? Wow.

Story here. (http://seattletimes.nwsource.com/html/businesstechnology/2002182315_security17.html)
It would also be a valid point that "reported" and "known" aren't the same thing. Microsoft may know about a vulnerability before it's publicized...

Statistics are the best way to lie.

Don't get me wrong, I <3 Linux, but overall, I'm starting to think that Windows might be more secure then Linux - in theory, at least.

The main reason being Microsoft's current push for security - with recient updates such as SP2, their constant patch release cycle, and the fact that there's just more information about Windows security (since it's used more then Linux).

In practice, however, I feel Linux is more secure, simply by security through obsecurity. The fact is people just aren't targeting Linux systems, especially with viruses and spyware, meaning currently, it's safer. However, as it gains popularity, it's going to lose that edge - but at least it'll be interesting to see how the open-source community deals with this.