New research suggests that Linux as a platform is more secure than Microsoft's Windows and Apple's macOS. Platform security is becoming a major concern among users, with Windows and macOS often believed to be relatively safer than Linux due to the regular security patches and updates. However, the latest report now suggests that Linux could actually be faster than both.
Security vulnerabilities in operating platforms and other software is a major problem, given the growing prevalence of malware. Not only that, targeted hackings are also becoming a major issue for government agencies, politicians, journalists, and civil rights activists. Regular citizens are also often being targeted by cyber-criminals, so it is imperative for software vendors to patch security vulnerabilities in their products as soon as possible.
Over the years, the discovery of a host of vulnerabilities in Linux have led people to assume that it is inherently less safe than proprietary platforms, such as Windows and macOS. As it turns out, that may not be entirely true. According to new research by Google's Project Zero team, Linux developers do a faster job of fixing security bugs than anyone else. Interestingly, they apparently do a better job than even Google's own in-house teams that work on Chrome, Chrome OS and Android.
The Research Spanned Three Years
To study how fast various companies patched their security vulnerabilities, the researchers looked at fixed bugs that had been reported over a three-year period between January 2019 and December 2021. According to the results, open-source programmers, on average, fixed Linux issues in just 25 days. In comparison, Apple took about 69 days to fix security holes in macOS, while Microsoft took a whopping 83 days to patch security vulnerabilities in Windows. Meanwhile, Google and Mozilla fixed bugs in 44 days and 46 days, respectively. Oracle took the most time overall, taking an average of 109 days to fix each bug. Compared to the others, however, the Oracle data is based on a small sample size of just seven bugs.
The study also calculated the time taken by developers to fix security vulnerabilities in mobile operating systems. Here, the results were more along expected lines. According to the report, Apple managed to issue patches for iOS faster than Android vendors, despite receiving many more bug reports than any of the Android manufacturers. Overall, iOS received 76 bug reports and Apple fixed them in an average of 70 days. Samsung received 10 bug reports in the same time, while Google received 6, and both took an average of 72 days to fix the security flaws.
Source: Google Project Zero