January 10, 2008

$306.1 M financial group bets it all on Linux security

The evidence is undeniable: Linux is more secure than its proprietary alternative. This should be clear enough with even the briefest review of system security news revolving around M$ and its OS in the past week. 396 stories found. For Linux? 26.

“But if you consider the install base of each one, that will account for the difference in the number of stories and the number of vulnerabilities and exploits.” That’s one I hear from a lot of Micro$ofties. What’s funny is that this isn’t even true, and it’s very easily disproven. Very easily.

It’s as simple as comparing the number of flaws that exist per thousand lines of code in each of the kernels. Coverity did a study (albeit just over 3 years ago) of the number of vulnerabilities found in the Linux kernel per thousand lines of code. That number came out to be about 0.17 flaws per 1,000 lines of code, down considerably from about 8 times that only four years earlier. Imagine how much it has improved since the study was done.

On the other hand, a study of proprietary software revealed that the average number of flaws per thousand lines of code is roughly between 10 and 20. This is not a good number for the M$ camp. 0.17 for Linux versus between 10 and 20 for proprietary software on average. Since M$ won’t let anyone see their source code, it is not possible to make a definite determination. But if they were certain it was even in the same ballpark as the Linux figure, you’d bet that they would be making a huge deal about the fact. I have heard nothing from them concerning the matter. Draw your own conclusions.

A very large number of entities are noticing this same thing. Not only is Linux much cheaper to run and maintain, it is also apparently around 100 times more secure (if you take a number between 10 and 20, like say 17, and you divide it by 0.17, you get 100) than what you might have on your desktop at this very moment. There are a lot of companies who are seeing this.

You know it must be fairly accurate if even financial institutions are switching over. Today, I saw an article illustrating this point. Entitled “Financial group trusts Linux platform to protect customers’ assets,” it describes a company whose experience thus far has had a familiar ring. Here are a couple of excerpts:

“Western & Southern reports an 80% decrease in batch cycle times on the new database servers running Linux, as well as a 60% reduction in the number of servers needed, which further reduced both hardware and software license costs.”

“Jackson’s experience with Linux has been so good that the company is now looking at other areas in which it could use the open source operating system.”

Now… This is not one isolated instance. I have personally documented over 150 cases of major Linux migrations. Entities described in this research include all of the branches of the U.S. Military, various national governments around the world, other world-wide financial institutions, large international companies and corporations, and educational institutions.

If you would like to have this research, I have made it available as part of my “Intro to Linux” course, available from the right nav on my OpenSUSE Linux blog. It’s free and makes for an interesting read, and you can send it out to whomever you may wish to share it with. That particular part of the course is in class number 4.

In any case, for situations where you need rock-solid security, Linux is truly a viable solution.
