According to Wayne Billing:

..from Tony Wong in Architecture: A year or so ago a study showed that Windows was the most hacked OS with Linux a close 2nd and Netware/Mac way at the bottom. Here's a recent study that has some rather suprising, but expected results.

It just goes to show how security is only as strong as the weakest link.

http://maccentral.macworld.com/news/2004/02/20/osxserver/index.php?redirect=...

In this case, judging from what I've read, the weakest link would seem to be the quality mi2g's research. They don't seem to give the number of successful attacks as a percentage of installed systems, so it's pretty hard to draw any real conclusions about why the Linux numbers are now higher than for Windows. It simply may be that it's because there are now much more Linux servers deployed, not because a greater percentage of deployed systems are getting hacked. Their study also omitted all hacks involving viruses, worms and trojan horses - a pretty dubious omission, and one which obviously favours Windows systems, as this is arguably the most common attack vector for Windows.

If there is indeed any truth to the suggestion in their report that Linux systems are now being successfully attacked more than Windows, the most likely reason is probably that their adminstrators are lax about keeping them updated with recent patches. This is an area where Linux is now a tad weaker. Despite the flaws/bugs in Windows Update, it does a pretty good job in most cases of keeping a system up to date, and it makes it easy for the user/admin to do so. That and all the press in the past year about security bugs in Windows has probably prompted Windows users to do a half-decent job of keeping their systems up to date.

Linux, on the other hand, doesn't make it quite as easy. Most Linux distributions install a secure configuration right out of the box, and provide updates on a very timely basis (usually much quicker than MS or Apple), but don't usually make it as easy as Windows Update or Mac OS X Software Update to install these. Red Hat has their up2date utility, but you have to (or had to, before Fedora) subscribe to an update service which cost money after a trial period - something which I suspect a lot of Linux users didn't want to do. The alternative was to find other means of automating the process, which can be done easily and cheaply enough, but how many "casual" Linux users would bother? The problem here is probably that people don't realise the danger in taking a casual approach to installing and maintaining a server system, and don't put the effort into learning how to do this properly.

To Apple's credit, they probably find the best balance in making their OS secure out of the box, making timely updates available, and making it dead easy to install these updates. But from reading the article above, it's not at all clear whether this is the reason for the low number of attacks, or just because there were very few Mac OS X systems deployed as servers in the sectors they surveyed.