The London Borough of Newham got an excellent deal on its software contract renewal with Microsoft by seriously considering Linux instead. Which is fair enough; I’m more concerned that their advisors, IT consultancy CapGemini, seem to have lost all vestiges of sanity.
According to CapGemini consultant Leslie Burr, “open-source software has more security issues” than Microsoft. He also says “we established that Microsoft had invested considerable time and energy into the security of their systems”.
The second quote is true, if misleading: Microsoft does invest a great deal of time and energy attempting to fix the holes in their systems before everyone gets worm-infected. However, the idea that someone who is paid to know a lot about IT might not only believe but also *say* the first quote is a scary one.
Perhaps CapGemini assesses an IT platform’s security based on how often the supplier releases critical updates?
The main sysadmin here at work seriously belives Linux is less secure than Windows, *because* linux is open source. We develop on Linux for Linux and email/word process etc on Windows.
The usual scam with these "Linux less secure than Windows" reports is to count all of the security holes found in the Linux kernel and all the software in a typical distribution (thousands of packages, usually), and then compare this to the number of security holes found in Windows and the Windows shell (which is basically just Internet explorer). If this still doesn’t give the answer you want — and remember, Windows has a lot of security holes — you then count the security holes in Linux once for each distribution (so that a single kernel bug counts as, say, four security holes — one in each of Red Hat, Debian, Suse and Mandrake).
Basically this is a pretty transparent scam and one has to wonder why they’d bother with something so openly dishonest. Ah well….