In How Far Behind is Linux?, WSJ writer Lee Gomes sets up a beautiful strawman about the security of GNU/Linux versus Windows and knocks it down with its own answer. (The emphasis is mine).
Ubuntu’s claim to fame is that its developers have bundled not just Linux, but a shelf full of other important programs, such as Web browsers and word processors, into a single easy-to-install package. Once on your computer, it looks and acts much as Windows does. What’s more, Ubuntu updates itself every six months and notifies you if security updates are needed in the interim.
That last feature, incidentally, should disabuse an actual Ubuntu user of the notion that a non-Windows operating systems is security utopia, where hackers are powerless and children are all above average. I recently installed the April version of Ubuntu on my home machine and promptly was informed that more than 50 security patches to problems discovered in the interim awaited my downloading. Who does Ubuntu think it is? Windows?
I’m not sure who told Mr. Gomes that Ubuntu, for example, has never needed a security update. (If anyone actually did, I respectfully suggest that Mr. Gomes reconsider his use of that source.)
Yet I wonder how far you have to misunderstand the nice effects of free software to think that not only being able to bundle all sorts of utilities and applications through a single package manager and update them all through the same utility represents a problem.
I haven’t used Mac OS X in a while or Windows in a longer while, but I seem to recall the system updates on both completely failed to update software I’d installed myself apart from the base operating system.
It seems to me that getting regular security updates–as often as nightly–for all of the software installed on my machines is, indeed, one sign of better security. Certainly never needing security updates would be better yet, but no mainstream operating system is there yet. Until that point, I’ll stick with being able to update all of the software on my machine automatically, and consider that a tremendous improvement over the Patch Some Of Your Software Tuesday process.