[Raion]

https://www.techradar.com/news/windows-1...ally-linux

Ignoring the editorialized title, this is apparently true for the last decade. Windows 7 and 10 have less vulnerabilities combined compared to Debian, and on their own, less than Android, Ubuntu etc.

I'm not surprised, though I do think that Linux vulnerabilities can be mitigated to a point especially if you believe apparmor and such can protect you.

[shrek]

I use Debian (Devuan, same thing but without systemd). I've been looking into something like Slackware but Debian is just too convenient to leave. I kinda wonder if more vulnerabilities are being found because more eyes are on it or if things are just that poorly configured and maintained.

[jan-jaap]

This is the sort of fodder where everybody can find some 'facts' to support their own opinion.

So what if Windows 10 suffered 1111 vulnerabilities in the last 20 years, you might as well say it had 1111 in the last 200 years because it was introduced only 4 years ago. Debian actually existed 20 years ago and had 3067? I'll let you do the math. Then again, who even cares about 20 years ago? Impact of vulnerabilities or response time not taken into account. How many were in the 'base installation' vs. the god-knows-how-many thousand in 'contrib' that few people use, etc etc.

Pffft.

[Raion]

Jan, they apparently we're talking about for the last 10 years and combining Windows 7 and 10.

Read the actual article. Nobody's spreading FUD or lies. It's just information nested in editorialism. Editorialism is bad, but what are we gonna do?

[jpstewart]

I only skimmed the article, but it doesn't seem to make clear that "in Debian" can include add-on software such as Apache, MySQL, PHP, OpenSSL, etc.  If the Debian numbers do include those and all the other packages in the Debian repositories, then they are actually surprisingly low.  I doubt the Windows figures include any add-ons so I really hope they weren't included for Debian.  That would be very unfair.  But I can't see anything in the article that makes it clear one way or the other.

[Raion]

I would imagine it's either one of two things:

Either a debian base install

or Debian's repo as a whole. Unfortunately their methodology is muddled.