"No known end-users suffered a compromise as a result of these brief compromises. Only a few dozen copies of possibly compromised code were downloaded -- at least from the Debian site where statistics were provided. Compare this to the millions of end-user sites that get compromised every few months when a major Microsoft vulnerability is exploited. These far greater numbers of compromised users are the "car wrecks" of the computer security world. Nobody pays any attention to reports of traffic fatalities. They appear buried deep in the newspaper every day. Just flip today's paper open to the Obituaries. Unlike the flying public, though, most company executives finally have realized that Open Source offers far better security and reliability at a far lower cost than proprietary "solutions", such as Microsoft. Apache outnumbers IIS about five to one. Almost every large web site and many small ones run Apache on Linux or Unix rather than Bill's software." Toxen added.

What about viruses?

After an article about Linux vs. Windows viruses there's been a heated debate on how many viruses there actually are for the Linux platform and how much more secure people using Linux are than Windows users. What I've been thinking about is do Linux users really need an antivirus product?


Gagne said: "My first instinct in replying to this question was to stress the difference between viruses and trojans. Even in the Linux world, it is possible for someone to distribute a program that is actually a trojan horse. It is also possible to leave your system open to something as simple as somebody logging in through any of a variety of open network services. Exploiting too liberal an access policy (ie: no firewall), is not the same thing as a virus that infects your files because you received and opened an email attachment."

"Do Linux users need an anti-virus program? The short answer is no. Until such a time as someone can demonstrate that Linux represents as great a danger to the networked world as Windows (even on a 'per capita' basis), then it's pointless for Linux users to waste their money. Both Windows and Linux systems should be running a firewall -- that will protect you from service exploits. Linux systems, however, they do not need anti-virus programs." Gagne added.