Independent security analysis of operating systems/applications

[Doug Poland]

Hello,

Recently some friends of mine have started to cite "studies" that
assert Unix/Linux operating systems are now the most frequently
attacked platforms.  My friends are not without bias, they work for a
training firm that almost exclusively sells training for
Microsoft-based platforms/applications.

Now my friends cannot cite the actual studies, and I am highly
skeptical of their claims.  After about an hour of goggling, I could
find nothing on the web to support such claims.  However, my friends
are not liars, and I believe they have information from "somewhere".
Is anyone aware of the existence of studies of this nature?  I would
like to examine these data in an attempt to uncover bias or other
obfuscation that may be present.  Conversely, if someone has pointers
to independent security analysis of Operating Systems/Applications
that does not clearly advocate one platform over the other, I'd like
to know about that as well.


-- 
Regards,
Doug