Why the media loves to exaggerate Linux security problems