I see the number of distros a positive thing for Linux. You can choose what you want your “Linux” to be like, each distro has its own general direction ubuntu is ease of use Gentoo speed and customization and the various Linux firewall projects lean towards security.

With windows your force fed everything MS wants you to use and a lot of the things they make are not user friendly at all compared to the FOSS alternative. Maybe that is caused by the developers using the program not just getting it done and sending it off to the boss. Also I know im a confident user don’t warn me about every little thing i do, the first thing i have to do on a new install is start removing MS software and putting my own it.

Also one thing that i think adds a lot to the Desktop security (not so much on servers) is the way you have to get software with Linux you use a online repository of programs that you can trust, with windows if you don’t know what to use for something you have to use Google and hope that its not a malicious program. with servers (i do at least) use software that i know is good or have tested on other machines first

To be fair, you should not use “Linux” as a general word. Not all distros are created equal, typically the Debian-based are very secure by default, but it’s not the case for all of them !

So, neither Windows nor Linux satisfy me.

With Windows, I like the fact that it’s ONE os, not hundreds of flavours with slightly different things. But I hate the fact that, because it’s not open source, you are tied to whatever Microsoft decides to invent to improve profits. Look at Vista… The XP/2003 tandem is mature and perfect for enterprise setups, but Ms has broken so many things with Vista.

With Linux, I like the open-source philosophy. But I believe the sheer amount of available distros just makes it too hard to master something. And, I still believe Linux lacks good centralised management tools, which makes large infrastructures hard to manage. Sure, Novell is doing well with Zen, but… Where is Novell going ? I don’t know.

And last but not least, we should never forget that security is never stronger than the weakest link. I saw today a Linux server, once proudly and carefully installed and secured, sitting in the middle of a public room, with an X desktop running under root… Oh my…

Now that I am in the server world more and more I see that both can be very secure. Securing a Windows server is slightly harder in my opinion, but that is because I’ve worked with Linux servers more than Windows.

With the proper steps both can be hardened to similar states. Linux is easier usually because most of the tools are open source. When trying to harden a Windows box it can get rather expensive to buy the correct software.

I typically avoid Windows where possible. If not, I set up a virtual machine and put Windows in there. (Make a backup image of the VM in case it falls to crap).

In terms of security, there’s a number of things you can do in Windows to better your odds, but when it comes down to it, I don’t really trust Microsoft from a security perspective.

While I notice they’re starting to improve their policies, it feels like there are still some fundamental issues they refuse to address or fix. So they end up slapping on security bandages and market them aggressively as new features. (Stuff like UAC in Vista). I rather rely on a third-party solution to help with security.

On Linux, everything you need to secure your systems is there or freely available on the web. (including docs, books, etc). Its doesn’t cost you money, but time to understand and master.

I prefer the Linux way. As like life, it is harder to get into but once you get over that initial learning curve, its highly beneficial in the long run. (Its like learning anything else in life, be patient and persistant).

One thing I notice, is that Linux forces good behaviour upon the user. Where as, in Windows, you pick up a disgusting habit of clicking on anything. (Explains why there is a high profit market in the security industry on the Windows desktop side).

The biggest advantage to the opensource approach is reporting bugs. You contact the developer directly. No red tape, no BS, no NDAs, no “keep this quiet because we don’t want our public image to be tarnished” behaviour. Straight forward, open, and trustworthy…Just like a good relationship with someone!