Linux's reputation for security received a boost from a survey of more than 6,000 development managers, who gave the open source operating system higher ratings on security for both server and application-related attacks
Separately, Linux developers are increasingly turning to non-commercial distributions, and see less need for the technical support provided by commercial distributors, according to a survey published this week by Evans Data.
The security survey, carried out by BZ Research, polled 6,344 software development managers about the security of different enterprise operating systems. Managers consistently ranked Linux as more secure than Windows, with Linux security comparable with that of Sun Microsystems' Solaris version of Unix.
In considering attacks against operating systems, Windows Server was ranked insecure or very insecure by 58 percent of respondents, compared with 13 percent for Linux and 6 percent for Solaris. Seventy-four percent said Linux was secure or very secure, compared to 66 percent for Solaris and 38 percent for Windows Server.
For application-related security issues, Windows again came out at the bottom of the list, with 58 percent rating it insecure or very insecure, compared with 18 percent for Linux. Linux was called secure or very secure by 66 percent compared with 30 percent for Windows Server.
Open source generally was considered more secure than proprietary software in four of eight categories: client operating systems (44 percent vs 17 percent), Web servers (43 percent vs 14 percent), server operating systems (38 percent vs 22 percent) and components and libraries (34 percent vs 18 percent). Proprietary software was ranked as more secure in database servers (34 percent vs 21 percent), while the results were tied for client applications, server applications and application servers.
Linux developer preference for commercial distributions has declined steadily since 2003, when it was twice the rate for non-commercial, Evans Data's Spring 2005 Linux Development Survey found. Six months ago the preferences were roughly equal, and now 34 percent prefer non-commercial, compared with 28 percent who prefer a commercial version, the remainder having no preference.
The change is a sign that non-commercial Linux is becoming increasingly easy to use and maintain, without the need for commercial technical support, said Evans chief operating officer John Andrews. Eighty-five percent of developers said the biggest advantage of noncommercial distributions was the ease and cost of upgrades and maintenance.
At the same time, the importance of access to technical support - traditionally the major draw of a commercial distribution - is decreasing. In the past six months, the number of developers citing support as the biggest advantage of commercial distributions has dropped by 25 percent, the survey found. Twenty percent of Linux developers now say there are no advantages to a commercial over noncommercial distributions, an increase of 50 percent since six months ago. "It can be taken as another sign of the maturity of the non-commercial distributions of Linux," Andrews said in a statement.