
Windows 10 isn’t the most vulnerable operating system – it’s Linux - tomrod
https://www.techradar.com/news/windows-10-isnt-the-most-vulnerable-operating-system-its-actually-linux
======
bdcravens
> However, Linux experienced the most reported vulnerabilities per product at
> 139.4, which is likely because the software company is relatively young and
> has fewer products. However, Linux is projected to grow and may soon join
> the likes of Cisco...

Does the author realize Linux isn't a company?

------
hlieberman
This is wrong for a different reason than about Linux. The Debian
vulnerabilities include all software distributed by Debian -- that is, as of
current count, 149.009 different packages. It then compares this number to the
vulnerabilities distributed by Windows... just the operating system.

For that matter, it separately breaks out Firefox -- which receives published
vulnerabilities in Debian itself!

All told, this article is questionable, at best.

------
bdcravens
The article considers Debian Linux one item for the list, yet treats each
version of Windows as separate. In their 20 year chart, all versions of
Windows adds up to 4865 to Debian's 3067.

Otherwise, we have to split up Debian by version, or at least only count the
versions since Windows 10 was released. For example, the chart showing just
2019 shows Debian with 360 and Windows 10 with 357, essentially neck and neck.

If you look at the vendors charts, you'll see that Microsoft is clearly in the
lead.

------
drdgvhbh
This makes no mention of the severity of the vulnerabilities. More
vulnerabilities does not mean less secure.

These are also the detected vulnerabilities, but what of the actual number of
vulnerabilities? You could argue Linux has more vulnerabilities simply because
there is more people looking for them.

~~~
tomrod
All great points. I was hoping I wasn't taking crazy pills reading over this
article -- thanks for recentering the discussion outside of "count of
vulnerabilities."

To your point, if I have 3 vulnerabilities and another program has 3,000, both
counts are immaterial if vulnerability includes everything from "can observe
encrypted traffic occurs" to "wide open access."

------
aussieguy1234
Linux is open source, so of course alot of the vulnerabilities will be found
and fixed. How many more undiscovered vulnerabilities does windows have?

------
nonesuchluck
I'm curious what software they're counting as "Debian." Are they counting the
way OpenBSD reckons--"Only two remote holes in the default install, in a heck
of a long time!"\--key word being "default install." Or are they counting the
combined vulnerabilities in Debian's 59,000+ packages? Debian is a lot more
than an OS, it is a project to vet and distribute a helluva lot of free
software.

------
philipwhiuk
What a terribly click-baity titled article

------
MR4D
Clickbait.

The author (editor?) is comparing 20 years of Debian to one release of
Windows.

Not worth the waste of time to get everyone riled up about how bad this piece
is.

------
rubyn00bie
Seeing as how the list says it starts back in 1999 and Ubuntu didn't even come
out until 2006; and is fucking based on Debian... I can quite positively
state:

this article is 100% bullshit.

------
chrisMyzel
Isn't it when Windows and OSX would be ooen source we'd only be able to find
the real number of vuln.

------
bedane
a number of Win 10 vulnerabilities masquerade as features

