From the author of the operating system kernel that gives us dozens of CVEs every month, that puts drivers into kernel-space, comes a condemnation about the way vulnerabilities are being presented, for “attention whoring”.
I’m looking at the statistics for macOS and Windows and the average rate of CVEs over the past few years for each is identical. In 2017 Linux had around twice as many exploits as the average, which is worrying until you notice that macOS had a similar spike in 2015. Windows is broken down by version.
More than a little ironic that you are practically proving Linus’s point about fearmongering in a post condemning his condemnation.
Comparing CVE/timeframe is not how you compare the security of software. Not even remotely.
For one, Linux has a much broader attack spectrum since it runs most of the internet out there. Attackers and researchers are probing every line of source code in Linux to get into servers.
Warning: autoplay video with sound.
It’s disappointing that this is probably going to reinforce Linus’ views about security research in general.
From the author of the operating system kernel that gives us dozens of CVEs every month, that puts drivers into kernel-space, comes a condemnation about the way vulnerabilities are being presented, for “attention whoring”.
Thanks Linus! I knew we could count on you.
I’m looking at the statistics for macOS and Windows and the average rate of CVEs over the past few years for each is identical. In 2017 Linux had around twice as many exploits as the average, which is worrying until you notice that macOS had a similar spike in 2015. Windows is broken down by version.
More than a little ironic that you are practically proving Linus’s point about fearmongering in a post condemning his condemnation.
Link? I was talking about the kernel, not a full operating system. One compares Linux to Darwin, not macOS.
Comparing CVE/timeframe is not how you compare the security of software. Not even remotely.
For one, Linux has a much broader attack spectrum since it runs most of the internet out there. Attackers and researchers are probing every line of source code in Linux to get into servers.