Full Report
Royal pingdom did a quick check on what was running at some of the more popular sites on the Internet and end up with the following table: Its intersting for a whole bunch of reasons that im currently too sleep y to write about.. (sleepy??? must be old age?)(or the flu pills im taking) The first thing that was interesting to me was the suprising lack of BSD ? i like linux and have used it as a desktop machine forever (before becoming a macfanboy) but have always defaulted to FreeBSD for servers.. im not sure what this means and ill do a little netcraft digging tomorrow to see if its a general trend..
Analysis Summary
# Industry News: Server OS Preferences in Popular Websites (2007 Snapshot)
## Summary
This piece analyzes a snapshot survey conducted by Royal Pingdom regarding the underlying operating systems powering popular internet websites, highlighting the surprisingly low presence of BSD variants and prompting a discussion about the perceived security narratives around Microsoft's IIS versus open-source alternatives like Apache/Linux.
## Key Details
- Date: 01 October 2007
- Companies Involved: Royal Pingdom, SensePost (Authoring)
- Category: Market Analysis (Infrastructure Technology)
## The Story
The author, referencing a quick check by Royal Pingdom on the server operating systems of popular websites, expresses surprise over the scarcity of BSD (specifically FreeBSD, which the author favored for servers). The piece notes the common industry practice of arguing that Windows desktops attract more security attention due to market share, yet suggests this argument is often sidestepped in the web server space where IIS competes with Apache/Linux. The author questions whether the historical security lag attributed to Microsoft technologies is still relevant today, given perceived improvements in IIS security alongside established open-source offerings.
## Business Impact
### For the Companies Involved
- **Royal Pingdom:** Gained visibility and engagement by publishing interesting, if preliminary, infrastructure findings.
- **SensePost/Author:** Used the data as a prompt for industry commentary and analysis regarding prevailing technology choices and security narratives.
### For Competitors
- **Linux/Apache Vendors:** The strong implied presence of Linux suggests continued dominance in the high-traffic server space, validating incumbent strategies.
- **Microsoft (IIS):** The commentary implicitly challenges the market perception regarding IIS security parity with open-source solutions, suggesting that widespread adoption may require overcoming legacy security narratives.
### For Customers
- Customers relying on these popular sites benefit from the underlying stability and security chosen by those entities, though the specific OS choice (Linux vs. Windows) implies differing support models and ecosystem dependencies.
### For the Market
- The data confirms the trend of mainstream acceptance of specific server stacks (likely Linux-centric, given the inverse mention of BSDs and the commentary on Microsoft), framing the market segmentation based on OS choice for critical functions.
## Technical Implications
The analysis pivots on the technological choice between *nix variants (Linux, BSD) and Windows Server (IIS). The low BSD count suggests either a rapid consolidation toward Linux or a specific preference shift among leading sites. The security discussion revolves around the maturity of OS/Web server implementations (IIS vs. Apache).
## Strategic Analysis
- Market Positioning: The established dominance implied by the data reinforces the difficult market position for alternative server operating systems (like BSDs) in the high-visibility server segment, despite technical merits.
- Competitive Advantage: Vendors promoting Linux/Apache likely possess the cost and flexibility advantage required by large-scale deployments. For Microsoft, overcoming the historical perception gap regarding server security remains a key strategic hurdle.
- Challenges: The primary challenge highlighted is overcoming established market narratives and perceptions regarding platform security maturity, irrespective of current technical realities.
## Industry Reactions
- **Analyst Opinions:** The author, acting as a self-analyst, questions prevailing assumptions about server deployment patterns and the application of market-share arguments across desktop versus server environments.
- **Expert Commentary:** The commentary highlights what SensePost perceives as a double standard in how market share impacts security analysis between desktop platforms and web server platforms.
## Future Outlook
- **Predictions and Expectations:** The author promises "Netcraft digging" to verify if the low BSD count is a general trend, suggesting that confirmation could lead to a broader industry discussion about server ecosystem health and diversity.
- **What to watch for:** Future surveys tracking the prevalence of BSD vs. Linux vs. Windows in high-traffic web environments will be key indicators of infrastructure evolution.
## For Security Professionals
Security professionals must understand the dominant platforms underpinning major web services. The discussion serves as a reminder that perceived platform insecurity (even if outdated) can influence enterprise risk modeling and vendor evaluation—the "security narrative" is as relevant as the actual security performance. Understanding the ecosystem surrounding the dominant server OS (e.g., patching cadence, common exploitations for Linux/Apache) remains paramount.