Linked by Amjith Ramanujam on Sat 19th Jul 2008 19:01 UTC, submitted by cypress
Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.
Thread beginning with comment 323777
RE[2]: Regardless of the reason
by Ford Prefect on Sun 20th Jul 2008 16:12 UTC in reply to "RE: Regardless of the reason"
Ford Prefect Member since:
2006-01-16

It is quite the opposite. Linux Distributions ship with lots of userspace programs including a wide range of different genres, from office suite to games.

Most times measurements are made, all bugs "in Fedora" are counted, contrary to all bugs "in Windows XY".

Secondly, this "everything is insecure, it only depends on your numbers" myth is what MS tried to tell the public with their advertising ("Windows is more secure") and their paid-for studies for years. With quite some success: They knew nobody would buy their "Windows is more secure" shit. But by flooding the market with these claims, they achieved the "nobody knows what's more secure" claim to be accepted.

The truth is, it's right that number counting is not that relevant. Just look how Windows systems are set up compared to Linux systems. How every Windows machine wastes resources for virus scanning etc. and still you had these massive worms. People seem to be very fast at forgetting things in this industry. And then you look at the architectures of Unix systems and Windows systems. It's true that Windows got more secure in recent years, which is a very good thing and long overdue. But still there are massive problems inherited from backwards compatibility. The Windows security model grew very complex compared to Unix/Linux. It's far easier to find holes in a complex system which is full of intended (because of the backwards compatibility) corner cases etc.

Edited 2008-07-20 16:15 UTC

Score: 3

nberardi Member since:
2005-07-10

The truth is that this is not a technology problem. Windows is targeted because it makes good business sense to target Windows over Linux and Mac OS X, and I would venture to say that none of the reasoning for targeting Windows is because of security.

http://blogs.zdnet.com/security/?p=135

Bot networks equal big money today. So which would you rather focus your efforts on, in a constantly changing environment, the 10% that amount to Linux + Mac, or the 90% that amount to Windows machines?

It is similar to starting a coffee shop: where do you think you are going to get a better wide range of consumers, NY City, NY or Elmira, NY? It is obvious, as a business decision, to start your business in NY City. There are more potential customers, there is more money, and you have a better chance of doing well.

I am really getting tired of this argument, because it is obviously a business problem and not a technology problem. But you guys are fighting it almost like somebody asked you to whip them out and measure for biggest.

I just don't get all this arguing. I approach all operating systems as being insecure, and it forces me to protect myself in more reliable ways. In fact I have it down to such a science that I don't even run anti-virus on my Windows Vista x64 anymore, and I have been virus free for almost 2 years now.

All my mail goes through Gmail, which is scanned. I don't install any software that doesn't come from a trusted vendor. And I am running x64 which is outside of the current target of Trojan writers, because they tend to focus efforts on the mass market of Windows XP and Windows Vista 32-bit.

Plus if what you are saying is true about hackers going after insecure operating systems, Mac OS 1-9 would have been swamped with viruses.

Score: 4

Ford Prefect Member since:
2006-01-16

I also never had virus problems with Windows, although I haven't used it since 2002.

Still if you followed the history of the industry in the last 10 years you found many technical aspects which _indeed_ made a difference in this issue. I would also claim that Windows, but much more than that Internet Explorer, even made this big malware industry possible and that without those products we would have a different security culture today.

If you just have a look at ActiveX, its design and then its outcome, you will see that it stands for itself, it is a big security nightmare which other platforms just never had.


I see a platform which was very insecure and vulnerable for over 10 years. It was outstanding in that regard. And _apart_ from that it was also the market dominating one. You can say this is history, but things didn't change as much as you might think. For example recently a worm spread which infects WMA files -- simple audio files! And it makes WMP download itself. This is the same lesson MS did not learn a 1000 times before.

What I want to point out is that neither of those (security from hell, market dominance) could have the same impact alone. It's an issue which is both technical and non-technical. At the early stages almost no hacker wrote exploits for financial reasons. How much you can earn with that was found later, in fact after a very long time. It would have been much easier to build a botnet in 2000 than today, still in 2000 nobody was talking about botnets. Your marketshare argument holds truth but it doesn't make so much sense historically. Indeed there are other (technical!) reasons why Windows was always the main target, at least if you measure that by success. Do you really think in 2000 it wouldn't be much more funny to break into some big webservers instead of attacking your neighbor?

And apart from that, I am not fighting anything or anyone. Or could you point me out?

Edited 2008-07-20 20:29 UTC

Score: 3

RE[4]: Regardless of the reason
by rtfa on Mon 21st Jul 2008 07:41 in reply to "RE[3]: Regardless of the reason"
rtfa Member since:
2006-02-27

What you posted shows that you did not read the article, or if you did, you did not understand it.

Score: 1

RE[4]: Regardless of the reason
by gustl on Mon 21st Jul 2008 21:09 in reply to "RE[3]: Regardless of the reason"
gustl Member since:
2006-01-19

I have to tell you my experience with Windows XP.

At home I use Linux, at work I have to use Windows. I once transferred a file via USB stick from a company laptop to the laptop of a customer. Two weeks after that I plugged this same USB stick into my desktop computer at work.

I opened Windows Explorer, clicked on the drive letter, and BAM - a virus warning popped up.

I removed the USB stick, took it home and plugged it in, and found an autorun.inf file in the stick's root directory. I only did not get the virus into my work computer because the virus software caught it. The next virus might not get caught.

The company I work for is VERY security conscious but this might be something they overlooked.
Why on earth is the DEFAULT setting on Microsoft XP (installed one year ago) to AUTOSTART stuff from any pluggable device? That is plainly insane, and I do not know one single Linux distribution which autostarts anything from a pluggable device. I had NO chance to see what I was starting before Windows started the thing itself.

There is no doubt that Windows is securable, you can do it. But by default, it is MUCH less secure than any Linux I know of, which in turn means that most installations will stay this way.

You have to manually break into a Linux system; a worm or virus does not get far, simply because the user action required for execution of a program is much less easy to get than with Windows. With Windows, an executable just needs the .exe (or several other) extension; in Linux you have to make the file executable first, and if this is done as a user, the virus cannot spread across the whole filesystem, but stays in the user's area. It cannot modify a system file to keep itself from showing up in the filesystem.

Score: 3