Well uc50ic4more, I am not trying to argue with you. But that last vulnerability with Linux servers went undiscovered for a long period of time. I think it was something like two years but I can't remember exactly without doing some research. The new vulnerability, which is being called Shellshock by some, is even more serious and can affect Unix, Linux, BSD, and Mac OS X servers and potentially even Mac desktop computers, and even some router/modems.
You can put down Windows, Microsoft, and Bill Gates all you want to, and they are certainly far from perfect. But in the case of Linux servers I don't think there are enough people watching the store. Open Source or not, and people able to check out the software or not, the last security vulnerability went completely undiscovered for a long period of time. Sorry, but nobody was checking the software for any problems. A mistake in programming was made and it went undiscovered for a long time. And this affects all of us. It does not matter if somebody likes or dislikes Linux or whatever. Something like 66% of the servers on the internet use some version of Linux.
And I came across some articles a while back where various experts were saying that several Linux servers had not been updated to correct for that last vulnerability. I did not think I would need to have quotes available from those articles so I would now have to research it so I could find quotes for you.
Sorry, but I do not share your optimism that these problems are going to be corrected.
There are too few defenders and too many attackers. And the attackers seem to have more resources than the defenders.
If we want security on the internet there will have to be major changes. There will have to be a huge increase in funding for Linux programming if we are going to use mostly Linux servers on the internet. And somebody will actually have to be taking very good looks at all programming for any mistakes or vulnerabilities. Because these attackers have a lot of resources and they are checking everything very carefully, and we simply can't afford to continue the way we have been going.
This is no attack on Linux. These are the simple facts. I personally don't care much for Linux and Open Source Software, but we must make darn sure that the servers on the internet are secure, regardless if they are Windows servers or Linux or whatever. If the server computers can be attacked that is a much more serious issue than a personal computer somewhere being attacked.