• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / infosec
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
home / opinions / Debian vs Windows and security, what is the truth?

Debian vs Windows and security, what is the truth?

11/03/2020 12:56 by giorgos

Dimitris from our iGuRu.gr team presented an analysis of TheBestVPN and reports that the Debian operating system has been the most vulnerable in the last two decades.

The same analysis states that in 2019 Debian was in second place.

debian - Debian vs Windows and security, what is the truth?

Below we will see some that are not mentioned in the analysis of TheBestVPN (really who are they?). The analysis, published by TheBestVPN, is based on data from the National Institute of Standards and Technology National Vulnerability Database (National Database of the National Institute of Standards and Technology) USA, but I think the way and the title that presented them is biased.

Why

Take a look at the image below and count how many different versions of Windows there are:

debianvswindows - Debian vs Windows and security, what is the truth?

You will find Windows 10, 8, 7, Windows Server in all versions 2008, 2012, 2016, 2019, while the Debian operating system is presented as one, while only one is the Linux kernel. Of course, one could say that there are some common vulnerabilities between all versions of Windows. But why not Linux?

debianvswindows 2 - Debian vs Windows and security, what is the truth?

According to the analysis, Microsoft, founded in 1975, remains a very attractive target for attacks in 2019 as 668 vulnerabilities have been reported.

As of 2009, Microsoft had 6,814 vulnerabilities, making it the company's most vulnerable operating system in recent years. Oracle (6,115), IBM (4,679), Google (4,572), and Apple (4,512) are in the top five.

Linux according to the same analysis had reports of 139.4 vulnerabilities per product (?), Because the "software company" is new and has fewer products!

What did the man say?

debianvswindows 1 - Debian vs Windows and security, what is the truth?

We quote the screenshot so that it does not change from one day to the next… Which software company is it talking about? and what does it mean that 139.4 vulnerabilities were reported per product since the "product" is one, if it talks about the Linux Kernel?

The above analysis does not seem to clarify exactly what happens to vulnerabilities, which does not make it so "scientific" and credible.

For example: In 2019 it reports 321 vulnerabilities in cPanel, a web management panel, and software. This application works on both systems (Windows and Linux). However, the total number (321) does not indicate where the vulnerabilities occurred, or whether any of them "stepped" on operating system vulnerabilities.

Respectively the vulnerabilities of Fedora and Ubuntu distribution that existed? The Linux Kernel is not mentioned anywhere in the 2019 list, have distribution vulnerabilities been measured separately while we are talking about a product?

Here we must add that the Debian distribution is one of the constants that exist. It is no coincidence that many other distributions use it as a basis to create their own. See: Ubuntu, Mint, MX Linux, antiX, elementary OS, Zorin OS, Peppermint OS, Trisquel GNU / Linux, Bodhi Linux and does not combine.

Due to the wide adoption of the distribution, the packages available to the public are many (it has more than any other distribution). A vulnerable package from an application, however, can not characterize an entire operating system as insecure. See Adobe packages for Linux and Windows.

Another point we need to make is where this analysis states what counts as a vulnerability:

“Denial-of-service (DoS) attacks were only responsible for about 10% of product vulnerabilities in 2019, but they outnumbered all other vulnerabilities in 2017. However, GitHub experienced the largest DoS attack ever seen in 2018 when its website went offline for about five minutes. Perhaps that's why there were only 919 DoS attacks in 2019 - companies took note and fit their products with necessary defenses. "

DDoS - Causes vulnerabilities: Do we know what we are writing here?

So, for better or worse, the data published by TheBestVPN seems to be missing the fine print, which would give us a more complete view of what is really going on.

More practical now: I have been using debian for years on my personal computers, without any antivirus. Each of my systems is upgraded normally, like any other operating system, and without the risk of reverting after a reboot requested by the upgrade (I do not say names, nor do I show Windows).

Debian vs Windows and security, what is the truth? was last modified: 11 March, 2020, 12: 57 mm by giorgos

Subscribe to our newsletter

no spam

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: opinionstag: debian, linux, windows, safety

You May Also Like

Kali Linux 2021.1 has just been released
MITM Attack Guide to LAN
Guide to Reverse Shell between two Linux machines

About Us giorgos

George still wonders what he's doing here ...

Previous Post: « Microsoft new levels of telemetry in Windows 10
Next Post: Patch Tuesday March 2020: fixes 115 vulnerabilities »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loadingCancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.