http://www.osnews.com/story/17292/Linux_vs_Vista_How_Does_Security_Stack_Up_ Exploring the Future of Computing en-us Copyright 2001-2009, David Adams adam+nospam@osnews.com Mon, 06 Jul 2009 22:12:35 GMT http://www.osnews.com/images/osnews.gif http://www.osnews.com http://osnews.com/thread?213522 http://osnews.com/thread?213522 It's the natural order of things. :-)

The sky is blue, linux is more secure. These are the rules of life.Edited 2007-02-16 22:08 Fri, 16 Feb 2007 22:07:00 GMT donotreply@osnews.com (halfmanhalfamazing) Comments http://osnews.com/thread?213535 http://osnews.com/thread?213535 Let me make some popcorn while we wait for the Windows Defense Brigade to show up...

Joking aside, both OSes can be hacked, and both OSes can be secured. However, in a real-world scenario, you're generally less at risk when running Linux. This is due in part to some question design decisions by MS (such as the fact that you can make a file executable in Windows simply by giving it the right extension, or integrating apps such as IE or OE right into the OS), and in part because Windows is a more tempting target.

Edit: hmm...of course I meant "flamewar", not "flameware", but there's no way to edit the title. Then again, maybe "flameware" could become a new type of software... ;-)Edited 2007-02-16 22:23 Fri, 16 Feb 2007 22:22:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213545 http://osnews.com/thread?213545 Better doesn't necessarily mean good. Fri, 16 Feb 2007 22:29:00 GMT donotreply@osnews.com (JohnX) Comments http://osnews.com/thread?213548 http://osnews.com/thread?213548 This article is useless. All it offers are very small differing points of view, one of which seems logical and with at least a degree of being impartial, the other from someone who clearly has an agenda by his association with the OSDL Desktop Linux Working Group.

There was no conclusion, evidence or backing up of either case. It did however throw in a small side nugget about virtualisation which really didn't address the point of the article but did a good job at advertising a product.

To me this article authored, again by someone with an agenda, from Linux Insider it seems, was a mere grab for coverage on news sites with it's blanket statement on pro-Linux security. It's the sort of comment I'd expect from a University or College freshman.

It did nothing to address any of the other aspects of infrastructure security which are vital to security of an organisations IT assets (including information).

The very notion that this Cherry gentleman just assumes Linux is better without any analysis, surveying or studies demonstrates that his opinion is severly biased and must be called into question.

Don't waste your time on this article.. you'll get nothing out of it if you're serious about the security of your IT infrastructure and assets. Fri, 16 Feb 2007 22:32:00 GMT donotreply@osnews.com (flanque) Comments http://osnews.com/thread?213549 http://osnews.com/thread?213549 When comparing security for systems like this, people tend to leave out the human factor.

Lets's face it, the nincompoop to hacker ratio is much higher for windows users. Having people who understand and are aware of security is 95% of what makes a system secure or not. You just can't fix stupid, no matter how big of a budget you have for your OS. Fri, 16 Feb 2007 22:32:00 GMT donotreply@osnews.com (FishB8) Comments http://osnews.com/thread?213550 http://osnews.com/thread?213550 "and in part because Windows is a more tempting target"
that is the #1 reason windows gets attacked more than linux, why spend time creating a hack to hit 3% of the desktops out there when you can hit the majority by going after windows. Fri, 16 Feb 2007 22:32:00 GMT donotreply@osnews.com (Wireless) Comments http://osnews.com/thread?213551 http://osnews.com/thread?213551 Linux is going to be a big part of the computer world. I myself don't understand why this upsets the Windows people of the world. If I was a Windows users I would want a few more big targets out there to take the heat of me. Fri, 16 Feb 2007 22:33:00 GMT donotreply@osnews.com (tweakedenigma) Comments http://osnews.com/thread?213554 http://osnews.com/thread?213554 HAHA! And what would flameware be?
A software program that disagrees with you for no reason and insults you(and your mother) by calling you names? Oh man made my day seeing that. Fri, 16 Feb 2007 22:34:00 GMT donotreply@osnews.com (miserj) Comments http://osnews.com/thread?213559 http://osnews.com/thread?213559 so there should be a number of server exploits given Linux's large market share on the server correct? Fri, 16 Feb 2007 22:37:00 GMT donotreply@osnews.com (tweakedenigma) Comments http://osnews.com/thread?213560 http://osnews.com/thread?213560 Yeah, i can see it already:

"Are you sure you want to quit, you commie-loving GPL zealot?"

Mmm...I guess Firewalls could be considered flameware...
/rimshot Fri, 16 Feb 2007 22:38:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213561 http://osnews.com/thread?213561 Well said. The "popularity" argument is but one reason why Windows is more targeted.

In any case, the fact that it is used by pro-Windows advocates is puzzlingly self-defeating, as saying this is basically an admission that, as long as Windows will have a bigger market share, it will be less secure than Linux. In other words, one way to improve Windows security is to increase Linux's market share... Fri, 16 Feb 2007 22:41:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213568 http://osnews.com/thread?213568 Much of the Vista code base has been rewritten so it's not been tested, hardened, or proven. Linux has not gone through a drastic rewrite such as Vista. It's not that I like Linux and hate Vista, I don't, but that single argument means until enough time has passed for Vista to prove itself one way or another, Linux or even XP is more secure than Vista. Fri, 16 Feb 2007 22:46:00 GMT donotreply@osnews.com (2fargone) Comments http://osnews.com/thread?213570 http://osnews.com/thread?213570 Damn Windows Defense Brigade is SLOW. Always the last to the party.

The Linux Defense Brigage is ninja-quick though.

Must be because they don't have jobs, right?

;) Fri, 16 Feb 2007 22:49:00 GMT donotreply@osnews.com (sappyvcv) Comments http://osnews.com/thread?213572 http://osnews.com/thread?213572 """Let me make some popcorn while we wait for the Windows Defense Brigade to show up..."""

Funny thing. I just put some popcorn in the microwave. (It's still popping.) I brought up OSNews. And yours was the second post I read. :-)

For reference, microwave popcorn takes about 2-1/2 minutes.

-Steve Fri, 16 Feb 2007 22:50:00 GMT donotreply@osnews.com (sbergman27) Comments http://osnews.com/thread?213574 http://osnews.com/thread?213574 There used to be. There still is to some extent. Fri, 16 Feb 2007 22:52:00 GMT donotreply@osnews.com (sappyvcv) Comments http://osnews.com/thread?213578 http://osnews.com/thread?213578 probably because the Linux Defense Brigade is so quick at there jobs that they have enough time to hang out and fight the good fight when the windows users are doing Virus and Spyware scans Fri, 16 Feb 2007 22:56:00 GMT donotreply@osnews.com (tweakedenigma) Comments http://osnews.com/thread?213579 http://osnews.com/thread?213579 the key of linux security is scrutinity and reduction of surface of attack. It take a lot of effort to achieve a good level of security in linux and windows.But Linux is simply going far away as you can remove all un-needed libraries...

Linux will always win as you can recompile and remove a looooot of stuff (if You have the knowledge) Fri, 16 Feb 2007 23:01:00 GMT donotreply@osnews.com (cedric.walter) Comments http://osnews.com/thread?213580 http://osnews.com/thread?213580 The Linux Defense Brigage is ninja-quick though.

Actually it is called "The Linux Attack Brigade", since defense is already handled by the operating system Fri, 16 Feb 2007 23:06:00 GMT donotreply@osnews.com (anda_skoa) Comments http://osnews.com/thread?213592 http://osnews.com/thread?213592 Many IT managers are incorporating plans to move their niche applications to Linux, he disclosed.

I've read about this one for so long, I laugh each time I read it on the web.

It reminds me about how people plan to lose weight in the near future. Fri, 16 Feb 2007 23:30:00 GMT donotreply@osnews.com (ronaldst) Comments http://osnews.com/thread?213593 http://osnews.com/thread?213593 "The sky is blue"

Actually, it isn't. Fri, 16 Feb 2007 23:31:00 GMT donotreply@osnews.com (sbenitezb) Comments http://osnews.com/thread?213606 http://osnews.com/thread?213606 "probably because the Linux Defense Brigade is so quick at there jobs that they have enough time to hang out and fight the good fight when the windows users are doing Virus and Spyware scans"

** ENTERING SILLY MODE **

Ah... no. The Linux Defense Brigade was able to automate all their actions so no manpower is needed, because there are scripts that handle all possibilities. The "Windows" Defense Brigade actually is not able to, because someone plugged out the mouse and the Brigade cannot be restartet properly. :-)

But maybe flameware is something like this?

% make search name="flame" | grep "[PI][on]"
Port: flamerobin-0.7.2_1
Info: The GUI administration tool for firebird database
Port: xflame-1.1.1
Info: A cool animated flame
Port: wmflame-0.60_1
Info: A dockapp that shows the load average as a flame
Port: e17-module-flame-20060707_1
Info: An e17 module which draws flames on your desktop

Or it is the kind of software that makes flames coming out of the power supply. :-)

** LEAVING SILLY MODE ** Fri, 16 Feb 2007 23:49:00 GMT donotreply@osnews.com (Doc Pain) Comments http://osnews.com/thread?213607 http://osnews.com/thread?213607 I've read about this one for so long, I laugh each time I read it on the web.

It reminds me about how people plan to lose weight in the near future.

Of course; its a sad attempt to hopefully use Linux as a negotiation tool to lower prices; Microsoft isn't dumb and can see right through it.

Companies can't move until the applications they require are made available for Linux - all the tree hugging in the world won't change the fact that companies run on applications, not operating systems.

Until there is an Microsoft Office equal with all the enterprise features which businesses need, and the third party application vendors jump onboard and start producing native applications for Linux, it'll remain in that cute little niche and exploited in a pathetic attempt to get leverage with Microsoft.

The fact that neither Novell, Red Hat or Sun can be bothered creating a Microsoft alternative ecosystem with third party vendors and hardware support speaks volumes to their real drive - it has nothing to do with providing customers with choice. Fri, 16 Feb 2007 23:50:00 GMT donotreply@osnews.com (kaiwai) Comments http://osnews.com/thread?213610 http://osnews.com/thread?213610 It's the natural order of things. :-)

The sky is blue, linux is more secure. These are the rules of life.


Get it right....

It's the natural order of things. :-)

The sky is BLACK, linux is more secure. These are the rules of life. Fri, 16 Feb 2007 23:57:00 GMT donotreply@osnews.com (raver31) Comments http://osnews.com/thread?213616 http://osnews.com/thread?213616 Yawn......

same old story kaiwai, change the tune once in a while. Sat, 17 Feb 2007 00:04:00 GMT donotreply@osnews.com (raver31) Comments http://osnews.com/thread?213620 http://osnews.com/thread?213620 Everyone OS is secure in the right hands, some just need a little more tweaking than others.

Microsoft on one hand, have tried to make things as easy as possible, which means having more things running by default.

Linux on the other hand, and say OpenBSD have less things enabled by default to make it more secure, but need to be tweaked a little bit to what you want.
(Which I believe is better than the first)

That's not to say Linux Wins, or Windows Wins, because anyone with enough knowledge and common sense can run a secure OS.

If we are looking at defaults though out of the box, I'd have to say Linux/BSD/OS X win on that front. Sat, 17 Feb 2007 00:12:00 GMT donotreply@osnews.com (Finchwizard) Comments http://osnews.com/thread?213621 http://osnews.com/thread?213621 There is a solution. Make your OS too hard for stupid people to use. Sat, 17 Feb 2007 00:12:00 GMT donotreply@osnews.com (codehead78) Comments http://osnews.com/thread?213622 http://osnews.com/thread?213622 the third party application vendors jump onboard and start producing native applications for Linux

That's what John Cherry said and what the posting you replied to was quoting.

OSDL has many contacts into the software industry, especially through its members, e.g. IBM.

I find it quite likely that they have received information about vendors of niche applications who plan to or are working on Linux support.

Vendors of specialized products often have a bigger interest in customers on alternative platforms, since their markets are not as big as those of mass market application vendors.

Even just a handfull of customers can be a significant part of their customer base Sat, 17 Feb 2007 00:12:00 GMT donotreply@osnews.com (anda_skoa) Comments http://osnews.com/thread?213623 http://osnews.com/thread?213623 The security person in question, in that referring article isn't much of a security person.

I would like to see him hack my Thin client desktops of specially modified Puppy Linux I built here at work with Compact Flash/Read only file systems.

If he can hack the BIOS, he has got it made.

Good luck with the hunt for that BIOS Password too....

He is way off the Mark, citing the fact Linux needs to have its scripting Checked.

You don't start at the file level to secure workstations, you start at the lowest possible level which is the hardware itself.

I won't go into the fact that OSE principles allow the administrator enough choices, choices the designers of Windows can't even begin to concieve of with Windows.

One of which, is using the source code.

The guy doesn't know Jack.

I know Jack, and he uses open source.

Jill uses Windows.

-Hack Sat, 17 Feb 2007 00:23:00 GMT donotreply@osnews.com (hackus) Comments http://osnews.com/thread?213625 http://osnews.com/thread?213625 Not to disagree with you but it's not that hard to make a file executable in Linux either (eg. chmod +x). Other than that I whole heartedly agree with you.

BTW, I guess you could call Windows Flameware. After all it is constantly questioning you, fighting you, and bringing you to the brink of an aneurysm whenever you have to interact with it. Sat, 17 Feb 2007 00:24:00 GMT donotreply@osnews.com (brewmastre) Comments http://osnews.com/thread?213626 http://osnews.com/thread?213626 Not that I'm supporting Vista in any way, but:

It's easier to write new code with security in mind, than it is to fix old insecure code. So rewriting everything from scratch might not be a bad idea. Sat, 17 Feb 2007 00:26:00 GMT donotreply@osnews.com (Dima) Comments http://osnews.com/thread?213632 http://osnews.com/thread?213632 """It's easier to write new code with security in mind, than it is to fix old insecure code. So rewriting everything from scratch might not be a bad idea."""

Maybe. And then again... read this and consider the security implications:

http://www.joelonsoftware.com/articles/fog0000000069.html Sat, 17 Feb 2007 01:02:00 GMT donotreply@osnews.com (sbergman27) Comments http://osnews.com/thread?213664 http://osnews.com/thread?213664 I run two networks.. a windows network with security applied (active directory, group policy, etc) and a thin client Linux environment with LDAP/underprileged users/etc..

As security updates come out, I keep both networks up-to-date via central distribution of updates.

Both networks have not caused an issue. I do find I am more concerned about the Windows network and tend to have to do significant more administrative work to maintain updates and write scripts to impliment "workarounds" when a patch is unavailable.

Generally I find Linux/*nix to be more "network/multiuser friendly" in that users can install apps to their home folder (portable), applications expect non-admin level rights so use of low level tools to "fix" apps is non-existant (filemon and regmon on Windows is almost essential in this environment). Vista with the UAC seems far more intrusive than sudo/su/admin prompts on *nix or Mac OS X and "detailed" info on *why* it needs escalated privleges seems lacking.

So while I think in *theory* both can be locked down adequately with existing tools to allow for a relatively safe computing environment, the amount of work to get to that point on Windows far exceeds what is required on Linux (basically installing the system and running with it). I'm slightly interested in trying Vista in a domain to see how many Vista related tools do not operate as expected (there are quite a few "gotchas" in XP where you go in to update something as admin and regular users get prompted after-wards with no ability to turn off the messages (ie msconfig changes for one..)). Sat, 17 Feb 2007 03:40:00 GMT donotreply@osnews.com (naelurec) Comments http://osnews.com/thread?213667 http://osnews.com/thread?213667 Proactive security is the main reason Linux is more secure.

- Mandatory Access Control: The US Department of Defense is evaluating Linux for EAL 4+ LSPP. Windows has nothing remotely close.
- Hardened compiler toolchain. Things like canary based stack protection in glibc, compiling with gcc extensions like FORTIFY_SOURCE
- Kernel modules like Exec-shield to prevent buffer overflows and utilize features of modern processors such as the NX bit.
- Department of Defense funding to keep it more secure. Take a look at http://scan.coverity.com and note that the US government funds this.
- The code is open source. More people are able to easily find bugs in the code and fix it themselves.

Note that Windows has had NX support since XP Service Pack 2 and Vista has ASLR. Linux only hs ASLR with the grsecurity kernel patches. Sat, 17 Feb 2007 03:54:00 GMT donotreply@osnews.com (SEJeff) Comments http://osnews.com/thread?213671 http://osnews.com/thread?213671 They need to rename Windows Vista to 'Windows Vista ME EDITION' and it would be complete!

At least with Linux the security concept is actually thought out to where it makes sense. With Vista it is a prompt box to do anything - ANNOYING!!!

So far I have been using Linux since RedHat 6.0 and back then Linux had serious usability problems just getting it loaded was a chore. NOW Fedora Core 6 is a refined desktop OS in my opinion that actually WORKS and works perfect for me. My Mom is 64 years old and uses FC6 to, she don't know any difference from Windows and she has no problems. It runs 24/7 with no lockups or spyware/virus problems. It just works like a farm dog ready to go and get the work done on the farm.

The secret to permissions is to grant the LEAST possible access to the END USER to get the job done. You can always ADD but trying to take it away becomes a nightmare of disfunctional environment... Linux used a basic concept that works, Microsoft tried to go back and take away BIG mistake..... Sat, 17 Feb 2007 04:26:00 GMT donotreply@osnews.com (Southern.Pride) Comments http://osnews.com/thread?213684 http://osnews.com/thread?213684 The Linux Defense Brigage is ninja-quick though.

If you've seen the penguins in "Madagascar", then you you know how professional they are. :-) Sat, 17 Feb 2007 05:14:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213685 http://osnews.com/thread?213685 Not to disagree with you but it's not that hard to make a file executable in Linux either (eg. chmod +x).

Of course. You can do it from the GUI, too, by selecting the file's properties. However you do it, it still has to be done by the person who will receive/run the file, i.e. the potential victim of malware. With the file extension, that power resides in the person who creates or send the file, i.e. the propagator of malware.

BTW, I guess you could call Windows Flameware. After all it is constantly questioning you, fighting you, and bringing you to the brink of an aneurysm whenever you have to interact with it.

...or making you want to set your computer on fire. Sat, 17 Feb 2007 05:22:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213688 http://osnews.com/thread?213688 Hello, I am a Windows user and although I don't know much about computing I want to try Linux. Here are some questions to help smooth out the transition.

Does Linux allow me to run as Administrator as Windows does?

Do Linux programs require Administrative access to run like my Windows programs do?

Does Linux require Norton Systemworks to keep my OS safe?

Do I need to schedule weekly defrags on my hard disks in Linux?

Do I need to run malware cleaning utilities to keep nasty programs of Linux when I surf my fav Porn sites?

Any info to help me better understand Linux would be helpfull so I can safely try it and not worry about things like I did when I was learning Windows. Sat, 17 Feb 2007 05:26:00 GMT donotreply@osnews.com (blitze) Comments http://osnews.com/thread?213689 http://osnews.com/thread?213689 The Department of Defense does not certify operating systems, NIST, NIAP, DISA and the NSA create the standards (Protection Profiles, Security Targets (PP and ST respectively) and a vendor or interested group pays for the evaluation of software or hardware under Common Criteria by a third party laboratory. The company I work for performs Common Criteria evaluations.

For example, the certification report for RedHat Enterprise Linux 4 Update 2 was performed by the atsec Information Security Corporation and was sponsored by Hewlett Packard as listed in the Validation Report:

http://www.commoncriteriaportal.org/public/files/epfiles/ST_VID1013...

The Security Target for RedHat Enterprise Linux 4 Update 1 was sponsored by IBM:

http://www.commoncriteriaportal.org/public/files/epfiles/ST_VID1007...

The requirement for DoD approval (through NIAP and DISA) for an operating system to be used within DoD is that the OS be evaluated using approved (US) Protection Profiles, such as the Controlled Access Protection Profile (CAPP) created by the NSA:

http://www.commoncriteriaportal.org/public/files/ppfiles/capp.pdf Sat, 17 Feb 2007 05:33:00 GMT donotreply@osnews.com (Robert Escue) Comments http://osnews.com/thread?213701 http://osnews.com/thread?213701 Until there is an Microsoft Office equal with all the enterprise features which businesses need

Lotus Notes/Domino 8 will be out shortly. It runs on all three major platforms. It has all of the productivity apps that MS Office has, with ODF support. It has email, calendaring, and contact management that bests Outlook by a good margin. Plus, it has its own rich APIs for building custom collaboration applications. And the best part? The Notes UI doesn't suck anymore! It's actually really, really nice!

EDIT: It also has integrated messaging.Edited 2007-02-17 05:57 Sat, 17 Feb 2007 05:54:00 GMT donotreply@osnews.com (butters) Comments http://osnews.com/thread?213708 http://osnews.com/thread?213708 Does Linux allow me to run as Administrator as Windows does?

Yes. The administrator account is called 'root' and you can either log in as root or use the command 'su' to run just one command or program as the superuser.

Do Linux programs require Administrative access to run like my Windows programs do?

I always install my programs as administrator, but I believe you can install them only for your own account and it doesn't require administrator privileges. Basically, unlike Vista administrator privileges are only required when you're doing something that could actually mess up the system.

Does Linux require Norton Systemworks to keep my OS safe?

No.

Do I need to schedule weekly defrags on my hard disks in Linux?

No. Linux can use lots of different file system (not just FAT32 or NTFS like windows). ext3 is the most popular and I've never needed to degrag it.

Do I need to run malware cleaning utilities to keep nasty programs of Linux when I surf my fav Porn sites?

No, but you should be aware that getting .wmv files to play (windows media videos) can be a hassle. It's not impossible but it's never been easy for me. I've never had any problems with viruses or malware either. No matter what sites I visit.

Hope that helps you out. If you have any other questions, I've found irc to be really useful. Sat, 17 Feb 2007 06:33:00 GMT donotreply@osnews.com (reldruh) Comments http://osnews.com/thread?213709 http://osnews.com/thread?213709 Yes - "Your mother was a hamster and your father smelt of elderberries!" Sat, 17 Feb 2007 06:53:00 GMT donotreply@osnews.com (flywheel) Comments http://osnews.com/thread?213717 http://osnews.com/thread?213717 This is an outdated complaint. If you get a file from the Web or non-local source in SP2, it's marked with a tag (mark-of-the-web) and the loader warns you before executing it. It definitely works this way for Vista, but it was introduced in SP2. Sat, 17 Feb 2007 07:21:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213719 http://osnews.com/thread?213719 Linux + Apache was indeed a big target and did get hacked quite often.

But it's much harder to hack a server than to get a user to download and run trojan-XXX.exe.

Windows has had security problems in the past, but we're really hitting trojan-only territory right now. You've gotta actively run a file to get exploited, and in this environment OSes usually do not win. Doesn't mean one should stop trying to reduce local privilege escalation vulns. Sat, 17 Feb 2007 07:25:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213720 http://osnews.com/thread?213720 Most pro-microsoft posters on this forum (not all) don't appear to have a problem with linux being successful on its merits. And it has lots of merits.

What I have a problem with is the level of hypocrisy and lack of understanding among some of the most vocal linux supporters. And I'm not just talking about the rabid idiots, but also the more mainstream folks. Some words I see flung around this forum are simply not true, or unjust interpretations of the facts. Sat, 17 Feb 2007 07:31:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213721 http://osnews.com/thread?213721 Moot point. Linux is just a kernel. The NT kernel certainly wasn't rewritten for Vista. And most of the core OS components remain the same.

Gnome and KDE go through major changes every few years. Equivalently, Explorer and much of the graphics subsystem got ripped and replaced. There will be bugs. They will be fixed.

The thing that matters the most are security design flaws that are much harder to fix. These certainly are reduced by starting afresh on the design of some components. Sat, 17 Feb 2007 07:34:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213722 http://osnews.com/thread?213722 If you have half that knowledge, you can have a pretty secure Win2K3 server. You have to pay for it though, so it loses in a price/performance war. But if you were going to pay for an enterprise linux distro, then it might be more of a tossup. Sat, 17 Feb 2007 07:36:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213725 http://osnews.com/thread?213725 I assume you're referring to "Workplace".

I hope that the intigrated messaging includes support for AIM/MSN/Yahoo, or otherwise it would be kinda pointless and a waste of space.

Even with *that* the lack of a decent media player holds it back for starters; the inaccuracy of FreeDB brings tears to my eyes for example - the crahes of stupid things like non apha numeric characters questions where the programmers were when writing the application.

With that being said; people look at me and *assume* I hate Linux, I don't hate Linux, but in its current form, its not ready for me; but I'm sure in 2 years time, it will be.

Heck, I used it for several years (9 to be exact) before I moved to Windows XP/Vista, and have seen the big improvements made - I say 2-3 years because of this; worse case scenario Adobe sits back and plays nelly no mate, which means I'll be waiting for the opensource alternatives to catch up - for me, KOffice will be where I want it to be; Amarok will have moved and surpassed any Windows based media player, and Scribus plus Quanta+ would be at a level that can run Creative Suite into the ground.

Like I keep saying, its not if but when - it isn't ready now, but given how quickly things are advancing, and the deminishing returns as seen in software, its going to be very easy to catch up to commercial counter parts in a few years.Edited 2007-02-17 07:49 Sat, 17 Feb 2007 07:40:00 GMT donotreply@osnews.com (kaiwai) Comments http://osnews.com/thread?213727 http://osnews.com/thread?213727 That's great!

Is it going to also be sold on the consumer market, or corporate-only?

Also, is there any place to see screen-shots or direct information about the new Smartsuite components that are meant to compete with MSOffice? I couldn't find screen shots or concrete info on IBMS site. Sat, 17 Feb 2007 07:42:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?213739 http://osnews.com/thread?213739 I agree but in linux you can mount entire home partition with "noexec" option so chmod +x will not help you. But to be honest I have not seen distro which do this by default. Sat, 17 Feb 2007 08:58:00 GMT donotreply@osnews.com (minio) Comments http://osnews.com/thread?213740 http://osnews.com/thread?213740 Makes developing apps a pain in the ass. Sat, 17 Feb 2007 09:05:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?213742 http://osnews.com/thread?213742 And here we see the true meaning of flameware . Scripts to flame (Windows/Linux/OSX)-based threads in common forums.

Ah... no. The Linux Defense Brigade was able to automate all their actions so no manpower is needed, because there are scripts that handle all possibilities Sat, 17 Feb 2007 09:08:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?213744 http://osnews.com/thread?213744 Actually it is. Space may not be, but the sky is. Sat, 17 Feb 2007 09:11:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?213750 http://osnews.com/thread?213750 "Don't waste your time on this article.. you'll get nothing out of it if you're serious about the security of your IT infrastructure and assets."

Agreed, because if you are serious you're not running Windows in the first place so the point is moot. Sat, 17 Feb 2007 09:56:00 GMT donotreply@osnews.com (DevL) Comments http://osnews.com/thread?213751 http://osnews.com/thread?213751 All the warning's in Vista doen't make it more secure. Sat, 17 Feb 2007 09:56:00 GMT donotreply@osnews.com (whendrik) Comments http://osnews.com/thread?213760 http://osnews.com/thread?213760 When I said Linux I wasn't specifying the kernel. Few people today call the kernel 'Linux' and the distro stack 'GNU/Linux'. I try to use the common usage to avoid confusion but here it failed.

Now, it's to my understanding the NT kernel did have major rewrites to it, so much so they termed it NT6.0 instead of NT5.2. The way cpu's are handled, threading, processes, I/O, scheduling, memory management, security, file subsystems, task handling, etc. I mean, the list of changes is pretty significant to down right extensive. And the inclusion of DRM has added a new angle, not only in the kernel, but also in the video, audio, and networking stacks, which have had extensive changes as well.

You're right, KDE and Gnome have major changes every few years, but as it stands, they're pretty mature at the moment. Both haven't seen number releases for sometime now, just point releases. And what you said about Explorer just enforces what I was saying.

And for you last point, true enough. Starting afresh will mean they can code out some of their past mistakes, but it also means they could be coding in their future mistakes as well.

In the end, my point is the current crop of OS's are known, and Vista is unknown. So the only answer to the question is Linux and XP are definitely more secure than Vista. You can say Vista is more secure, but if you were an insurance company and there was a billion dollar policy riding on that certainty, which would you chose?Edited 2007-02-17 11:51 Sat, 17 Feb 2007 11:48:00 GMT donotreply@osnews.com (2fargone) Comments http://osnews.com/thread?213789 http://osnews.com/thread?213789 You can talk all you want about Windows being dominant and big target of hackers.

But the bottom line is that Windows, by it's design, makes it much easier to exploit (IE integration, GUI sharing the same memory space as the kernel, admin rights to regular users by default, files executable by default, the list goes on).

Sure, if Linux had a larger market share, it would get more malware. But the malware would be much less damaging, or significant, because it does not do the above things.

I've been using Linux heavily, on a daily basis, for 5 years. I've also used Windows heavily, on a daily basis (largely for the software company I work for), for 8 years, and as a regular user for 5 years prior to that.

Linux has never had a piece of malware, has never crashed. Whereas with Windows, malware, crashes, freeze-ups, etc, are almost a fact of life, unless you are very very very diligent. Sat, 17 Feb 2007 16:19:00 GMT donotreply@osnews.com (JeffS) Comments http://osnews.com/thread?213791 http://osnews.com/thread?213791 Do Linux programs require Administrative access to run like my Windows programs do?

I always install my programs as administrator, but I believe you can install them only for your own account and it doesn't require administrator privileges. Basically, unlike Vista administrator privileges are only required when you're doing something that could actually mess up the system.


Depends on the program.

- If the program is being installed in a system-wide setup for multiple users, then install the program as root (administrator) and install in the recommended system folders.

- If the program is for your personal use, then install is as you (not administrator) in your home directory.

- If the program is a system-administrator tool, then install it as root (administrator).

Typically, programs being installed via the package manager of your distribution require root (administrator) priviledge, but that's because the program/package is being installed in the system folder area so that all users have access to the program.

Again, if it's just a regular applications (like Firefox), it's only installed as root (administrator) because it needs to be installed in the system folder area to be accessible by all users who may log onto your system. It's executed (run) as the user who starts it - no root (administrator) privilege needed just to run. Sat, 17 Feb 2007 16:26:00 GMT donotreply@osnews.com (alisonken1) Comments http://osnews.com/thread?213806 http://osnews.com/thread?213806 90% percent of "niche" software is written in house. You would be surprised at the amount of software that could and is being ported.
You can still use MS office and have your actual application/data on a non-MS environment. So stop harping on Office. yeah its used a lot, but custom apps that require MS office are as few and far between as what you say with linux.
You will find that a lot of corporate america's applications run on both and are being setup for both, windows and linux and more and more OSX.
I find that more companies are making the backend *ix and the front end runs on anything. Sat, 17 Feb 2007 17:29:00 GMT donotreply@osnews.com (jakesdad) Comments http://osnews.com/thread?213807 http://osnews.com/thread?213807 "Does Linux allow me to run as Administrator as Windows does?"

- yes, as already said you can login as the administrator (root user), but this isn't recommended, or gain administrator permissions by typing 'su' from a command prompt. Most applications that need Root permissions give you a dialog box that asks for your root/administrator password. For example the program that allows you to install software.

"Do Linux programs require Administrative access to run like my Windows programs do?"
- No, but a program might ask for a password when you want to do things that can either possibly break stuff or be insecure.

"Does Linux require Norton Systemworks to keep my OS safe? "
- No

"Do I need to schedule weekly defrags on my hard disks in Linux? "

- No

"Do I need to run malware cleaning utilities to keep nasty programs of Linux when I surf my fav Porn sites?"

No. Best benefit of Linux

Seriously though, it should be safer for that purpose. And Mplayer with win32-codecs installed will play most WMV files just fine.

Good distributions to check out are Linux Mint, OpenSuSe 10.2 or PCLinuxOS. Sat, 17 Feb 2007 17:37:00 GMT donotreply@osnews.com (Darkelve) Comments http://osnews.com/thread?213813 http://osnews.com/thread?213813 In addition, Linux tends to be easy to replace. Copy /home, /etc., re-install, replace stuff, tweak a little...done. Figure a couple hours. So, even if malware got to the point of Windows where you're better off reformatting than fixing the current install, it will still be easier to manage. Windows is a couple hours with the base system and updates (and that's using Autopatcher, which speeds it up a bit). Sat, 17 Feb 2007 18:05:00 GMT donotreply@osnews.com (cerbie) Comments http://osnews.com/thread?213822 http://osnews.com/thread?213822 Neither Linux nor Windows have good security (at least not by default). Why? The main reason is that good security is a PITA to manage and use. Users don't want it. If the security actually was good, the first thing legitimate users would do would be to try to circumvent it. Managers don't want it as "PITA to use" to them translates into expensive. To the trade union it translates into invasion of privacy to their members, and so on...

What people do want, is security that is good enough, and what's good enough depends on what you have to protect.

Security is also not something that an OS have or have not. The OS may provide some technical gizmos that help you build secure systems, but that's all. Security is a process that involves everything from educating users, admins, setting up security and information policys for your organization and building loyalty among the employees to the organization.

All modern OSes have enough technical ways to create a secure system. The problem we have seen with windows over the years is very much a matter of education. To some extent this is Microsofts own fault. By having easy point and click admin interfaces, Microsoft make some people believe that everybody that can click a mouse makes a suitbable windows sysadmin which of course is very far from the truth. As Linux gets easier to admin I think Linux will see similar problems. Sat, 17 Feb 2007 18:31:00 GMT donotreply@osnews.com (unoengborg) Comments http://osnews.com/thread?213826 http://osnews.com/thread?213826 This is an outdated complaint. If you get a file from the Web or non-local source in SP2, it's marked with a tag (mark-of-the-web) and the loader warns you before executing it. It definitely works this way for Vista, but it was introduced in SP2.

The MOTW is an HTML comment that identifies a file as having been saved from the Web, yes, but it only applies to HTML files (and MHT archives) and the only program which understands it is Internet Explorer (supported from 5.x onwards).

All it does is say "I was saved from a web-site, don't view me in the Local Computer Zone [where content is ‘trusted'], treat me as though I'm in the Internet Zone". Quite why Internet Explorer lets content in the "Local Computer Zone" do things which by rights only the browser chrome should be able to do is beyond me, but it can.

If you download an executable file and save it to your desktop, nothing will stop you double-clicking and running it. On Vista, UAC will kick in if Windows (or the file's manifest) indicates that it requires administrative privileges, and if the file isn't signed the UAC message will say "An unknown program…", but if the program doesn't require administrative privileges, there's absolutely nothing stopping you double-clicking and executing a .exe file that you'd just saved from the web.

How much of a problem this actually is, I don't know. Sat, 17 Feb 2007 18:54:00 GMT donotreply@osnews.com (nevali) Comments http://osnews.com/thread?213829 http://osnews.com/thread?213829 On Windows, the problem isn't the operating system per se (a ‘limited user account' on Windows NT or 2000 is just as featureless as your average user account on a Linux machine).

The problem is that applications on Windows have been written without security in mind (because of its historical roots), and many applications simply won't work unless you're an administrative user.

Both can be secure in and of themselves, but Linux (and other Unix and Unix-like systems') applications have always had to deal with security; Windows applications haven't, and often blow a hole in any security policy you try to implement. Sat, 17 Feb 2007 18:58:00 GMT donotreply@osnews.com (nevali) Comments http://osnews.com/thread?213881 http://osnews.com/thread?213881 How much of a problem this actually is, I don't know.

Considering that this is how most Trojan Horses infect desktop PCs, I'd say the problem is quite serious. Of course, UAC will help, but the only solution is educating the user: do not execute binary files that you receive via e-mail! Sat, 17 Feb 2007 20:13:00 GMT donotreply@osnews.com (archiesteel) Comments http://osnews.com/thread?213937 http://osnews.com/thread?213937 Many claim that the popularity of windows on the desktop makes it a more attractive target for virus, malware and hacking attempts. However, I believe that this argument can only be valid for malware that seeks economical gain by stealing personal data or by promoting spam. There are plenty of exposed linux servers hosting web sites. Hacking such a server would not only give bragging rights but can also be used to send spam.

In a biological population the lack of genetic diversity (a small gene pool) can make the population susceptible to disease. This is a fundamental truth that applies to software as well. In the case with computers when most of the world is running exactly the same software on their desktop computers, they are at risk of being victims of an epidemic. As with the well tested human design (better tested than than any computer system), HIV exploits a hole in our defense causing an epidemic. I do not want Windows to die and everyone to run Linux. Neither do I want everyone to run Firefox. However, I am a proponent of software diversity.Edited 2007-02-17 22:17 Sat, 17 Feb 2007 22:14:00 GMT donotreply@osnews.com (TechniCookie) Comments http://osnews.com/thread?213959 http://osnews.com/thread?213959 Thankyou for the clarification, I bookmarked and modded up your comment. Sat, 17 Feb 2007 23:31:00 GMT donotreply@osnews.com (SEJeff) Comments http://osnews.com/thread?213971 http://osnews.com/thread?213971 IE integration

In Vista IE runs in low-rights protected mode (security sandbox).

GUI sharing the same memory space as the kernel.

That's irrelevant since there were no vulnerabilites found in win32.sys (only in csrss.exe, but that's user-mode process which can't access kernel space). In addition, Vista GUI layer is separated from kernel.

admin rights to regular users by default,

Not in case with Vista.

files executable by default

???

Whereas with Windows, malware, crashes, freeze-ups, etc, are almost a fact of life, unless you are very very very diligent.

If you experience crashes and freeze-ups that means something wrong with hardware or/and drivers. Malware? Do not use IE and do not run annakournikova.exe email attachments.

Sure, if Linux had a larger market share, it would get more malware. But the malware would be much less damaging, or significant, because it does not do the above things.

Wrong, there is already sophisticated and harmful Linux malware in form of rootkits. Sun, 18 Feb 2007 00:00:00 GMT donotreply@osnews.com (stare) Comments http://osnews.com/thread?213974 http://osnews.com/thread?213974 "Many claim that the popularity of windows on the desktop makes it a more attractive target for virus, malware and hacking attempts. However, I believe that this argument can only be valid for malware that seeks economical gain by stealing personal data or by promoting spam. There are plenty of exposed linux servers hosting web sites. Hacking such a server would not only give bragging rights but can also be used to send spam. "

Like the debian servers..? Bragging rights arent all that. It doesnt pay the food for those who makes a great deal of money from spam. Not to mention that bragging is what get people caught. And if you don't realise that your servers are sending out spam i'd say you should do something else. Oh and the claim about all spam comming from windows machines have yet to be proven. The only research on the matter i have seen prove otherswise actually...

"Even though we can not identify the operating system for 53% of the connections, Linux is being used for at least 43% of all spammy connections. Solaris, Windows and FreeBSD are used infrequently."

http://www.honeyd.org/spam.php


Not to mention that a server isnt the easiest place to get in nomather what OS is on it. Usually you don't have normal users with admin rights. Which i'm sure you agree with me on is the biggest problem on windows. Sun, 18 Feb 2007 00:05:00 GMT donotreply@osnews.com (hamster) Comments http://osnews.com/thread?214019 http://osnews.com/thread?214019 There's actually an additional mark applied to executable files in an alternate NTFS stream. I retract my comment that this applies in XP SP2, since I don't really recall the precise behavior there. In Vista, if you open a file from the internet it pulls up an authorization dialog. You have to go into the file's properties and unblock it to get rid of this dialog if you determine that the program is safe. Sun, 18 Feb 2007 02:58:00 GMT donotreply@osnews.com (PlatformAgnostic) Comments http://osnews.com/thread?214041 http://osnews.com/thread?214041 "Get it right....

It's the natural order of things. :-)

The sky is BLACK, linux is more secure. These are the rules of life."

Around here (Phoenix) the sky is a sort of yellow-brown these days. Sun, 18 Feb 2007 04:28:00 GMT donotreply@osnews.com (Tuishimi) Comments http://osnews.com/thread?214042 http://osnews.com/thread?214042 No problem, there is enough disinformation out there to confuse the best of us. Sun, 18 Feb 2007 04:32:00 GMT donotreply@osnews.com (Robert Escue) Comments http://osnews.com/thread?214048 http://osnews.com/thread?214048 unoengborg has it it right on the nail. This is basically just getting to be a pointless argument these days anyways. Security is hyped more my companies who have a financial stake in it, and Linux users who see it as their one claim to getting Linux into the mainstream.

But look at what happened to UAC in Vista. By final release Microsoft had to tweak it so you could turn it off completely as I understand. The reason was simple, people care more about usability than security.

And as for education? Nothing can be more important than any hardened OS than just pure and simple education. Think about the user that locks down their entire system, then goes and replies to e-mails telling them their bank account has been compromised and they need to re-enter their account info! Get the point. Problems these days have more to do with a users behavior than anything else. Sun, 18 Feb 2007 05:04:00 GMT donotreply@osnews.com (ssa2204) Comments http://osnews.com/thread?214053 http://osnews.com/thread?214053 Does Linux allow me to run as Administrator as Windows does?

Some of your other 84 messages posted here on OSNews reveal you have a little more knowledge of GNU/Linux than you pretend. Sun, 18 Feb 2007 05:47:00 GMT donotreply@osnews.com (KenJackson) Comments http://osnews.com/thread?214055 http://osnews.com/thread?214055 "...It is only a matter of time before Linux attacks become more prevalent and publicized," he warned.

I have been reading statements like this for years. Sun, 18 Feb 2007 05:56:00 GMT donotreply@osnews.com (KenJackson) Comments http://osnews.com/thread?214064 http://osnews.com/thread?214064 Yeah, but if your serious about security your not running any form of unix either.

stupid fingersEdited 2007-02-18 07:50 Sun, 18 Feb 2007 07:49:00 GMT donotreply@osnews.com (Jojotdfb) Comments http://osnews.com/thread?214065 http://osnews.com/thread?214065 Well, till someone cuts the code to change it, we're stuck with the same old songs. I like my Windows box, but I wouldn't mind if I could realistically switch to something else. Or at least know that something else out there could do the same thing. The closest os I see doing that is OSX. Makes me sad, really. Sun, 18 Feb 2007 07:59:00 GMT donotreply@osnews.com (Jojotdfb) Comments http://osnews.com/thread?214159 http://osnews.com/thread?214159 Ohhh.. I just get this need to see the Quest of the Holy Grail Sun, 18 Feb 2007 17:01:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214160 http://osnews.com/thread?214160 sappyvcv, you were suspiciously absent during the BlueJ-scandal. You only pop up when there is no blocker? Sun, 18 Feb 2007 17:02:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214161 http://osnews.com/thread?214161 But still much less than for Win2K3. Despite Win2K3 having a lot smaller market share

But OpenBSD is still the more secure OS. Sun, 18 Feb 2007 17:04:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214162 http://osnews.com/thread?214162 Of course not. OpenBSD is a form of Unix and clearly very insecure. Sun, 18 Feb 2007 17:06:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214164 http://osnews.com/thread?214164 I haven't had my system running Windows for a few weeks by now. The only thing I cannot run is CounterStrike (Wine 0.9.22 doesn't like me of some reason) and Visual Studio 2005. But I don't need the latter one, since my project depends on Apache, MySQL and PHP. And flash works fine on all websites, thanks to Flash 9.0.

Linux and *BSD is definitely ready. No ordinary users or power users are particularly tied to Windows anymore - except when you want to play certain 3D games. The corporate desktop/production system is a different beast. Here you may seriously need Windows due to your customers. Sun, 18 Feb 2007 17:09:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214165 http://osnews.com/thread?214165 Redhat Enterprise Linux costs more than Windows 2003 Server, if you need the biiiig whoop (e.g. the really serious server edition). If you can live with a RHEL WS single license system the price is lower than for XP Pro. Sun, 18 Feb 2007 17:11:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214166 http://osnews.com/thread?214166 It's an illusion. Actually everything is 42. Sun, 18 Feb 2007 17:15:00 GMT donotreply@osnews.com (dylansmrjones) Comments http://osnews.com/thread?214199 http://osnews.com/thread?214199 This is an XP SP2 feature, but isn't called MOTW AFAIK.

(StephenBeDoper eat your heart out) Sun, 18 Feb 2007 20:56:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?214200 http://osnews.com/thread?214200 Maybe Vista SP2 will ask you to solve a complex integral every half-hour or drop you into 'reduced-functionality mode'(TM)Edited 2007-02-18 21:00 Sun, 18 Feb 2007 20:59:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?214305 http://osnews.com/thread?214305 Openbsd is the superior solution for security. Mon, 19 Feb 2007 06:56:00 GMT donotreply@osnews.com (Eric Martin) Comments