In the last hours, certain security information published by thebestvpn.com: Linux it is the "operating system", in quotes because it is a kernel, the most vulnerable in the world. Is this true? What does it mean? Is there something to clarify? Probably yes and, reading the information, there is something that attracts a lot of attention: the time they have used to analyze an operating system and others, such as Microsoft's Windows. Let's go first with the data.
An analysis by the National Institute of Standards and Technology's National Vulnerability Database has followed the existing vulnerabilities in operating systems from 1999 to 2019. The worst of all, the one that has had the most vulnerabilities in this time, has been Debian, with a total of 3067 vulnerabilities. Behind, Android has had 2563, closing the podium the Linux kernel with a total of 2357 vulnerabilities. The top 5 would be closed by macOS (previously Mac OS X) with 2212 and Ubuntu with 2007 vulnerabilities.
Linux has more vulnerabilities, but in more time
Many of you are probably wondering «What about Windows? Wasn't he supposed to be more vulnerable? And this is where I think the injustice is: Windows 7 had 1283 vulnerabilities and Windows 10 1111, which adds up to 2394. A simple glance will tell us that 2394 are less than Debian's 3067 (more than Ubuntu's 2007), but from Microsoft have only picked up two operating systems released in the last decade, and not in twenty years as they have done with Debian. They have probably done the same with macOS, so it seems that the study is not all that one would expect.
On the other hand, we also have to bear in mind that more is not always worse. Many of the vulnerabilities found in Linux are minor bugs and are fixed in hours, while many of the vulnerabilities found in Windows are more serious and go longer without being fixed. In any case, one thing is clear: they have only analyzed two Microsoft systems (They don't mention Windows 8.x) and yet they have found more vulnerabilities than on systems like Ubuntu.
Windows 10 and Debian, almost the same number of vulnerabilities in 2019
Another curious fact is that, analyzing only 2019, Android would have been the most vulnerable (414), followed by Debian (360) and Windows 10 (357), which implies that yes, that Debian is buggy, but that they are very few less than the Microsoft system even taking into account that Windows has been a Rolling Release for a long time and Debian releases new operating systems every year. To complete the news, Firefox and Chrome also appear on the list, with 1873 and 1858 vulnerabilities respectively. They have not mentioned the exact time, but they have probably analyzed browsers since their first version.
In any case, it has always been said that there is no perfect operating system or software, so it is worth having everything always well updated ... even if we use the "safe" Windows of which only half are told.
"Even if we use the" safe "Windows of which they only tell us half."
Yes, the same thing happens in Linux, only what matters is counted. When a news item appears on a web page about a vulnerability, not even a comment is seen. It must be a coincidence.
Security patches that are installed regularly must be a myth.
They should have compared debian for 20 years with windows from the 2000 version for it to be more valid I think
What a BAD JOKE
I do not know a MS WOS user whose computer has NOT been infected with a virus
I do not know a LiGNUx user whose computer has been infected with a virus.
One thing is POTENTIAL problems detected on time, and solved on time always in the case of LiGNUx, and almost always in MS WOS - which we remember Google put in a lot of trouble with its policy of publishing those that were not solved in time - , and quite another, the REAL SECURITY of the EQUIPMENT.
Which multinational company trusts its SECURITY in MS OSs ?: None
Why are all corporate security tools LiGNUx?
In SECURITY there is only one OS that those who know trust and that is LiGNUx, the rest is PROPAGANDA.
... I think: this story is one more to create preferences between one or the other OS.
If we are going to compare, let's compare the latest versions of the OS under discussion; because it is assumed that the previous versions do not count since the current ones replace them by eradicating their vulnerabilities.
I continue: one or the other OS is not better, but either one is the best as decided by the end user, do not believe.
… The problems that exist in the world would not be so many, if humanity did not pay so much interest to differences and if it contributed to their solutions.
No, GNU / Linux is by no means the safest OS of all, there are other rather better and more secure ones like FreeBSD, NetBSD and OpenBSD.
PS: In security, the safest operating system in the world (as installed by default) is OpenBSD.
I assume that all that is shown are corrected errors, that is, more errors are found and corrected in linux than in windows. That is logical given that for example there is a strong testing in debian, this probably causes problems that are inherited from previous versions which are also corrected (LTS versions). Also what about what is not found (or never corrected). ? If I build an Operating System and never correct it, for this report it would have fewer errors and therefore less vulnerable?
Of all the comments I've read, yours is the most accurate:
In GNU / Linux there are more errors, because there are more people watching and correcting those errors; while in a closed OS such as Windows the errors are "hidden under braces" and those that are published are extremely serious and are already known by "half the world" at the moment of admitting it ... whatever they say, I'm still with Debian KDE.
I don't care, windows stresses me out and always breaks down and slower than the bad guy's horse, with a half-ton fat baddie on top ... I don't change linux or drunk.
Starting because the writer screwed up when he said that Linux is an "operating system."
Both (Win and GNU / Linux) have spent time and versions to get where they are. But while the Debian timeline reports a system in constant development and improvement from the 7 I started with to the 10 I currently use, Windows only leaves a trail of shit along the way.
At the end of the day Win 10 is only the return to Win 7, and they have tried with it to fix all the shits committed with 8 and 8.1. Including those of the 10 that has only been a headache for users and for Microsoft.
Another problem that Debian does not have but if it haunts Windows 10 is fragmentation. There are currently about 7 versions of Win 10 and perhaps that is the cause of the constant problems that Win 10 users enjoy when it comes to updates.
Seriously? ... I've been using GNU / Linux for more than 20 years, without any antivirus, for example, I don't understand how those companies that are dedicated to making antivirus have not taken advantage of these "vulnerabilities" to sell an antivirus for gnu / linux, weird
There are two problems: The percentage of use of Linux, and home users accommodated to free, whether with Win or Linux. There is no business.
I think it is clear that the manger who has done this study eat. I appreciate your articles, although in some cases from the point of view of a novice user I see them a little extreme. Thanks
https://www.fayerwayer.com/2020/03/windows-10-borrar-actualizacion-kb4535996/
and complain about Debian….
The study is not really reliable because the variables used for its development are totally subjective. We do not know the type of vulnerability, if it is critical, at what level it can be exploited, if it has been corrected in later versions, etc. Debian is taken as a system in which there have been no versions while in windows different versions are taken ignoring others and ignoring that many of the vulnerabilities of windows are treated as zero knowledge, that is, they are only publicized when they are patched, so we do not know the actual number of vulnerabilities and their current status. Windows versions are missing in the study as well as the time chosen for their accounting is not statistically correct for comparison. This study sounds more like false advertising to me since it tries to hide that yesterday was a Super Tuesday in the Microsoft updates. 115 updates and many of them extremely serious.
Anyway, and although we are already used to these falsehoods, it is not advisable to fall into the trap of feeling safe when using GNU / Linux. No system is 100 percent secure.
Windows Vista beats them all together.
Well yes.
The "experts" are sponsored by Microsoft Windows, to praise the product; to allow it to remain embedded in most of the world's new PCs.
And the infinity of tasks that it executes in the background is never mentioned, without the user being informed of what it does, for what purpose, or what information the user exchanges with its manufacturer.
Windows has NEVER created anything; from its own interface, to office, internet explorer and its tabs, sql server, nt, bing, tabs ...
Everything has been a copy of previous ideas and original projects.