Linux is the most “vulnerable” OS in the world.


I'm training for Cyber Security and we had a live class yesterday. The instructor asks us, "What's the most vulnerable OS in the world?"

Most people say Windows (predictably). I wanted to say "Any OS which hasn't been hardened & left at default config" but I didn't wanna be a smart ass – no one likes a smart ass. That's probably what the instructor is going for anyways. Trick question and whatnot.

Nope. The man claims it's "Linux" which is the most vulnerable OS in the world. Shares this article (screenshots).

I skim through the thing – we're live, don't have much time. I raised three concerns with the "analysis".

  1. Debian is treated as one single OS, disregarding versions. Windows versions are treated separately.
  2. Desktop Windows is represented by 7 & 10, which came out in 2008 & 2015 respectively. Windows XP, Vista, 8 & 8.1 are not even mentioned. This is for the period 1999-2019.
  3. The analysis only considers raw No. of reported Vulns. without regard to severity.

The instructor does apologise… for offending me! Are my concerns valid? Are my objections justified? Am I thinking in the right way for a career in Cyber Security? No, it's whether or not I'm "offended" that's of top concern!

I'm a bit pissed and wanted to rant.

