Linked by Amjith Ramanujam on Sat 19th Jul 2008 19:01 UTC, submitted by cypress
Linux Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.
Thread beginning with comment 323765
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Regardless of the reason
by nberardi on Sun 20th Jul 2008 14:51 UTC in reply to "Regardless of the reason"
nberardi
Member since:
2005-07-10

Honestly I don't care about this nonsense, because much like politics both sides are just putting numbers out that benefit them.

Microsoft is at the unfortunate disadvantage of having everything developed under one roof, so all bugs are summed up under Microsoft Windows errors, expect for anything not included by the OS in the default install. However that leaves IIS, Network Stack, Communication Stack, IO, and anything else you can think of even drivers.

Linux on the other hand seems to benefit from not under one roof reporting. Because after all Linux is just the Kernal and if we had to compare Kernel to Kernel I am sure the numbers would be about even for bugs and vulnerabilities. However when you combine such systems as Apache, and the Linux networking, communication, and IO stacks you run in to a similar amount of vulnerabilities.

The point is that neither OS is secure when running but a person who doesn't know what they are doing. And I do believe that hackers specifically target Microsoft because they always know a core set of components are going to be on the system. And I do believe that Linux is more secure in the sense the combination of programs is usually haphazardly put together. Meaning that a hacker cannot figure out what is on the system to exploit. However with popular brands like Ubuntu I believe this trend is going to change.

Apple is already starting to see this with their Mac brand.

Reply Parent Score: 2

Ford Prefect Member since:
2006-01-16

It is quite the opposite. Linux Distributions ship with lots of userspace programs including a wide range of different genres, from office suite to games.

Most times measurements are made all bugs "in Fedora" are counted contrairy to all bugs "in Windows XY".

Secondly, this "everything is insecure, it only depends on your numbers" myth is what MS tried to tell the public with their advertising ("Windows is more secure") and their paid-for studies for years. With quite success: They knew nobody would buy their "Windows is more secure" shit. But by flooding the market with these claims, they achieved the "nobody knows what's more secure" claim to be accepted.

The truth is, it's right that number counting is not that relevant. Just look how Windows systems are set-up compared to Linux systems. How every Windows machine wastes ressources for virus scanning etc. and still you had these massive worms. People seem to be very fast at forgetting things in this industry. And then you look at the architectures of Unix systems and Windows systems. It's true that Windows got more secure in the latest years which is a very good thing and longly overdue. But still there are massive problems inherented by backwards compatibility. The Windows security model grew very complex compared to Unix/Linux. It's far more easier to find holes in a complex system which is full of intended (because of the backwards compatibility) corner cases etc.

Edited 2008-07-20 16:15 UTC

Reply Parent Score: 3

nberardi Member since:
2005-07-10

The truth is that this is not a technology problem. Windows is targeted because it makes good business sense to target windows over Linux and Mac OS X, and I would venture to say that none of the reasoning for targeting windows is because of security.

http://blogs.zdnet.com/security/?p=135

Bot networks equal big money today. So which would you rather focus your efforts on, in a constantly changing environment, the 10% that amount to Linux + Mac, or the 90% that amount to windows machines.

It is similar to starting a coffee shop, where do you think you are going to get a better wide range of consumers. NY City, NY or Elmira, NY? It is obvious, as a business decision to start you business in NY City. There are more potential customers, their is more money, and you have a better chance of doing well.

I am really getting tired of this argument, because it is obviously a business problem and not a technology problem. But you guys are fighting it almost like somebody asked you to whip them out and measure for biggest.

I just don't get all this arguing, I approach all operating systems as being insecure, and it forces me to protect my self in more reliable ways. In fact I have it down to such a science that I don't even run anti-virus on my Windows Vista x64 anymore, and I have been virus free for almost 2 years now.

All my mail goes through Gmail, which is scanned. I don't install any software that doesn't come from a trusted vendor. And I am running x64 which is outside of the current target of Trojan writers, because they tend to focus efforts on the mass market of Windows XP and Windows Vista 32-bit.

Plus if what you are saying is true about hackers going after insecure operating systems, Mac OS 1-9 would have been swamped with viruses.

Reply Parent Score: 4