logoalt Hacker News

wartijn_yesterday at 6:02 PM1 replyview on HN

> This isn't anecdotal or “vague opinion” CVEs are facts

No they aren't, they're data. Your source shows the amount of Linux CVEs in 2024 are an order of magnitude higher than the amount of Linux CVEs in 2023. Does that mean Linux became way more insecure in 2024? You imply it does, but that's obviously not true. What happened is that Linux changed how they report CVEs [0].

Just like your source doesn't say anything useful about the difference in CVEs in Linux, it doesn't say anything about the difference in CVEs between Linux and OpenBSD.

Lies, damn lies and statistics.

[0] https://www.suse.com/c/linux-kernel-cve-increase-suse-explai...

Replies

nelsonicyesterday at 8:02 PM

This announcement thread really isn’t the place to discuss or debate the data.

The OP stated they couldn’t find any data to compare the relative security of Linux vs. OpenBSD.

CVEs are independently, objectively verifiable and provable data. This is the dictionary definition of a verified “fact”. It’s not anyone’s opinion. You don’t have to like it or me.

Love you all.