
Oliver Jones wrote:
/Strip back the FUD; apply the standard "there are security holes in Linux applications fixed all the time, but Gartner Group rarely complains about them, and if they do, it gets written off as anti-MS propaganda"/
This is entirely true. Linux does have security problems. Just today Red Hat released two fixes for bugs in CVS and Cadaver.
I'm not sure if I've seen any "Linux" or related security flaws that have been known about and no patch provided for 6 months [1]. Security flaws happen; it's how they are dealt with that's the issue. Ignoring the lazy/ignorant sysadmin problem for now, a 6-month lead time from notification of a critical security flaw in software to the vendor providing a fix for it is pretty shocking. I don't think this is FUD at all. If patches were ready in a timely fashion, and didn't have complicated dependency issues, then you could start talking about market share and pointing out that if Linux had a bigger install base it'd be a bigger problem. But don't be too quick to discount as FUD a very valid point.

[1] I would link to the right place within www.eeye.com; however, it seems to kill Mozilla 1.7b without even thinking about it. I've had to re-write this email because of this...