Some time ago all the tech “news” headlines where “Linux is less secure than Windows, look at all the CVEs open !”, well yes Linux has tones more CVE reported because anyone can audit the code, bugs are discovered and reported, people are informed and can put mitigations in place, unlike with Windows…
Also, statistically, a lot of Linux users are more technically minded and capable of identifying and reporting issues. This will naturally lead to higher reporting numbers, skewing stats.
Of course they do, but their are not big in number and market share. Maybe « Almost all world wide deployed critical infrastructures runs on Linux » is a better statement.
Some time ago all the tech “news” headlines where “Linux is less secure than Windows, look at all the CVEs open !”, well yes Linux has tones more CVE reported because anyone can audit the code, bugs are discovered and reported, people are informed and can put mitigations in place, unlike with Windows…
Also, statistically, a lot of Linux users are more technically minded and capable of identifying and reporting issues. This will naturally lead to higher reporting numbers, skewing stats.
The other thing is companies care about CVEs as they use Linux to run their critical infrastructures.
I am sure companies care about CVEs in Windows and other proprietary SW as well. They can only wish they get found, disclosed and fixed.
Of course they do, but their are not big in number and market share. Maybe « Almost all world wide deployed critical infrastructures runs on Linux » is a better statement.