Does market share really matter in security?

I've been too busy doing other things the last few months to post much. I haven't seen this issue really addressed anywhere but it's mentioned from time to time. It's kind of a quick rationalization and it definitely has some appeal to some form of logic.

At a glance, it makes logical sense. The difference between the best engineers and the worst isn't that great (in the grand scheme of things) and the top products are usually built by good ones that all tend to kind of converge to the same quality level. So if the engineers are about the same quality then the output should have roughly the same number of defects provided that they are using similar technologies and tools. Further, the more popular product will have more eyes looking at it and so more problems will be found.

The popular context for this would be Windows vs. OS X. Is OS X any more secure than Windows? Or is it just attacked less often? Well what about OpenBSD, if it was as popular as Linux would it have the same number of security problems? I tend not to think so.

Posted by Ian S. Nelson 01/03/2007 at 08h41

Read full article no comments