
Why did Netflix choose FreeBSD over Linux? (2015) - krn
https://www.quora.com/Why-did-Netflix-choose-FreeBSD-over-Linux/answer/Marcas-Neal?share=1
======
greenhouse_gas
I can't comment about speed, but I think that his security claims are a bit
off.

Now I never looked at Linux code or FreeBSD code (so it really can be that
FreeBSD has fewer bugs), but the question is if you will be hit by them.

Application code tends to be the most dangerous code - it tends to not get
stringent code review and tends to get less talented engineers relative to
kernel engineers. So, in reality, if you use WordPress plugins, Linux security
vs FreeBSD security is probably not relevant.

Now let's say you secured your webapp. You wrote it in Rust. _Now_ does it
make sense to worry about OS security? Still not necessarily. Really, if you
set things up right and apply patches as they come out, the chances of getting
hacked are quite slim - is your site worth wasting a zero-day on? And if it
is, its likely they'll find a zero-day in FreeBSD (or in nginx, or apache, or
...)

Now comes the million dollar question - where is it easier to apply patches?
Linux or FreeBSD? And this is one of Linux's big advantages - RedHat, Ubuntu,
and to some degree Debian has a multi-year "stable" track, where you get
security, _and only security_ (OK, and non-security bug fixes) upgrades.

Meaning, that its set up that once software is in "stable" (or LTS), its API
is locked. If the PHP foundation decides that the future is version 7, I don't
have to jump on the bandwagon and rewrite my code. RedHat/CentOS will continue
fixing the old release for _years_.

As a result, you can actually install upgrades unattended (yes, maybe it
shouldn't be completely unattended, but you don't have to dread upgrading).

