With the recent breaches at Kernel.org and the Linux Foundation several people have started asking is Linux really more secure? Our assesment of the sitution is that any OS is only as secure as the users and Admin's make it. A weak user password or failing to keep up with system patches both can end with the same result as the Kernel.org breach showed. Others like Leo Leporte's Twit Network website were caused by missed updates. So whether it's Windows, Linux or the Mac poor choices will always lead to insecurity. Protect your data and that of your fellow users and use long, safe and secure pass phrases. if your a system admin or Developer push hard to maintain your systems to a reasonable patch level for your company.
According to several reports both kernel.org and linux.org were hacked over the last few weeks. Showing that both linux isn't perfect and that users are the weakest link in any operating systems armour. In both cases nothing super secert from the users was stolen. The kernel.org attack is not an issue, as no one can update the kernel code or other software hosted at the site without a large nuber of contributors being told about the update. So with everything safe and the users passsword changed we can all breath a sigh of relief and walk away remembering that even simple things like password policies are important.
Bill Keys on LInuxSecurity.com does a really good job of both explaining what they are and some tips on how to avoid, remove, and detect them. It is a nice easy read that will help you get a good understanding of the topic. Check it out.