A storm of controversy has been whipped up in the Linux camp, following vnunet.com's article on the higher number of vulnerabilities found in Linux last year as opposed to Windows.

A number of readers wrote in to say that because the overall bugs in Linux are counted on aggregate, and all Linux distributions essentially use the same kernel, certain bugs are being counted more than once.

Which quite possibly brings the number of unique bugs in the open source OS down to below those of Windows.

"This article only proves once more that these people at SecurityFocus don't understand a thing about Linux. They count lots of errors more than once. If there's a security risk in a certain piece of software that is packaged with all major Linux distributions, you'll probably see a different vulnerability report for each distribution," said one reader, Steven Bosscher.

"He [the article] compares the aggregated number of security bugs of the major Linux distributions and the Windows ones. This is insane, indeed the major vendors ship almost the same software. Therefore if some software like a web browser has a vulnerability, it will be counted 4 times," said another reader, Guillaume Morin.

But according to SecurityFocus's breakdown of glitches by distribution, the Mandrake 7.2 distro had 33 glitches. And while there may be overlaps, Red Hat 7.0 and Debian 2.2 also had 28 and 26 vulnerabilities respectively.

According to figures released by the Linux Counter in November, Red Hat is the most popular Linux distribution, hogging a sizeable 29 per cent of the user base, followed closely by Debian with 19 per cent. Although using the same kernel, it seems that the most common installations of Linux still suffered more vulnerabilities than Windows.

Windows 2000 came in level with Solaris, which suffered 24 vulnerabilities throughout 2001. But there is some argument to suggest that more bugs are discovered in Linux because of its open source nature.

As reader Simon Gornall points out: "In the Microsoft camp, the errors we have seen are only those we know about. It would be a brave pundit to claim that those were all the issues Microsoft itself knows about," he said.

Let us know what you think. Email feedback@vnunet.com.