From: "Geo." 

"Ronnie T. Mungo, Boy Genius"  wrote in
message news:3deb85e6$1{at}w3.nls.net...

> Rather strange. Either the numbers were right or wrong.

It's all in how you count. For example I have people try to prove to me
that Linux is more secure than NT by quoting numbers for one distrib of
Linux without Apache or any other addons and then quoting numbers for NT4 +
W2K + XP + W9x + IIS + Outlook Express + Internet Explorer and when I
called them on it they claimed "they all came from MS but Apache
didn't come from the Linux distrib group".

It's far too easy to fudge the number counts without an exact description
of what exploits they are counting.

Also, do you count a trojan as an exploit? I mean if the user has to run it
I could probably code up about a million exploits and really screw up the
counts.

If you really want to discuss the Aberdeen Group's numbers, get a list of
what exploits they counted for each side and I'll be happy to review it and
leave comments to try and give a fair count. My personal opinion is that
when you compare apples to apples the numbers are probably very close to
equal between one version of NT and one distrib of Linux. Likewise if you
add some stuff, Linux/BIND/Apache probably comes close to NT/msDNS/IIS.

Geo.

--- BBBS/NT v4.01 Flag-4