Linked by Amjith Ramanujam on Sat 19th Jul 2008 19:01 UTC, submitted by cypress
Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.
Thread beginning with comment 323791
RE[3]: Regardless of the reason
by nberardi on Sun 20th Jul 2008 19:12 UTC in reply to "RE[2]: Regardless of the reason"
nberardi Member since:
2005-07-10

The truth is that this is not a technology problem. Windows is targeted because it makes good business sense to target Windows over Linux and Mac OS X, and I would venture to say that none of the reasoning for targeting Windows is because of security.

http://blogs.zdnet.com/security/?p=135

Bot networks equal big money today. So which would you rather focus your efforts on, in a constantly changing environment, the 10% that amount to Linux + Mac, or the 90% that amount to Windows machines?

It is similar to starting a coffee shop: where do you think you are going to get a better wide range of consumers, NY City, NY or Elmira, NY? It is obvious, as a business decision, to start your business in NY City. There are more potential customers, there is more money, and you have a better chance of doing well.

I am really getting tired of this argument, because it is obviously a business problem and not a technology problem. But you guys are fighting it almost like somebody asked you to whip them out and measure for biggest.

I just don't get all this arguing. I approach all operating systems as being insecure, and it forces me to protect myself in more reliable ways. In fact I have it down to such a science that I don't even run anti-virus on my Windows Vista x64 anymore, and I have been virus free for almost 2 years now.

All my mail goes through Gmail, which is scanned. I don't install any software that doesn't come from a trusted vendor. And I am running x64 which is outside of the current target of Trojan writers, because they tend to focus efforts on the mass market of Windows XP and Windows Vista 32-bit.

Plus if what you are saying is true about hackers going after insecure operating systems, Mac OS 1-9 would have been swamped with viruses.

Reply Parent Score: 4

Ford Prefect Member since:
2006-01-16

I also never had virus problems with Windows, although I haven't used it since 2002.

Still if you followed the history of the industry in the last 10 years you found many technical aspects which _indeed_ made a difference in this issue. I would also claim that Windows, but much more than that Internet Explorer, even made this big malware industry possible and that without those products we would have a different security culture today.

If you just have a look at ActiveX, its design and then its outcome, you will see that it stands for itself, it is a big security nightmare which other platforms just never had.


I see a platform which was very insecure and vulnerable for over 10 years. It was outstanding in that regard. And _apart_ from that it was also the market dominating one. You can say this is history, but things didn't change as much as you might think. For example recently a worm spread which infects WMA files -- simple audio files! And it makes WMP download itself. This is the same lesson MS did not learn a 1000 times before.

What I want to point out is that neither of those (security from hell, market dominance) could have the same impact alone. It's an issue which is both technical and non-technical. At the early stages almost no hacker wrote exploits for financial reasons. How much you can earn with that was found later, in fact after a very long time. It would have been much easier to build a botnet in 2000 than today, still in 2000 nobody was talking about botnets. Your marketshare argument holds truth but it doesn't make so much sense historically. Indeed there are other (technical!) reasons why Windows was always the main target, at least if you measure that by success. Do you really think in 2000 it wouldn't be much more funny to break into some big webservers instead of attacking your neighbor?

And apart from that, I am not fighting anything or anyone. Or could you point me out?

Edited 2008-07-20 20:29 UTC

Reply Parent Score: 3

PlatformAgnostic Member since:
2006-01-02

What makes you think that such a worm would be impossible if you put a fuzzer to an OGG vorbis or OGG theora file?

Heck, BIND which is internet-facing software that accepts much simpler requests than the average media file had exploitable buffer overflows for a number of versions.

Microsoft got the security religion rather late, but we've been pretty darn good at it for the last 7 years. As nberardi said, it's a commercial enterprise now. Vista exploits go for $50,000 a pop... that's not chump change so there are many people looking. And it's a pretty asymmetric game... we have to release a lot of stuff on a deadline and make sure it is functional, secure, reliable, usable, localized, and everything else whereas the attackers can sit for a long time without any particular deadlines looking for one chink in the armor. And these days, attackers don't even bother going after the OS or even the Applications, but instead just ask users to open executable trojans... there's nothing an OS can do against a program that a user willingly launches.

Re: The ActiveX issue, how is ActiveX different in vulnerability from the Netscape/Mozilla plugin model that every other browser uses? It seems like the same attacks are applicable to both.

If the OS X market continues to grow, perhaps we shall see a similar set of attacks against that system... I mean, getting a user to click on a malicious program is not a particularly OS-specific attack (a trojan doesn't need root to do most of its useful dirty work).

Reply Parent Score: 2

nberardi Member since:
2005-07-10

Honestly I am not pointing fingers, because I know Microsoft has been mostly at fault because of its lack of focus on security.

However that being said, even if Microsoft has the great history of security that Linux has, it would still be the ideal platform for malware developers to target. Because it is a business decision and nothing else. Like it or not there are holes, a ton fewer than Microsoft, in Linux that could be exploited, but they aren't because the malware industry has to focus somewhere and Microsoft is the biggest and easiest target right now and for the foreseeable future.

Reply Parent Score: 1

nberardi Member since:
2005-07-10

I see a platform which was very insecure and vulnerable for over 10 years. It was outstanding in that regard. And _apart_ from that it was also the market dominating one. You can say this is history, but things didn't change as much as you might think. For example recently a worm spread which infects WMA files -- simple audio files! And it makes WMP download itself. This is the same lesson MS did not learn a 1000 times before.


Yes, but why did hackers pick Microsoft technologies over the vulnerabilities in iTunes? Because it was a business decision by them.

Reply Parent Score: 2

RE[4]: Regardless of the reason
by rtfa on Mon 21st Jul 2008 07:41 in reply to "RE[3]: Regardless of the reason"
rtfa Member since:
2006-02-27

What you posted shows that you did not read the article, or if you did, you did not understand it.

Reply Parent Score: 1

RE[4]: Regardless of the reason
by gustl on Mon 21st Jul 2008 21:09 in reply to "RE[3]: Regardless of the reason"
gustl Member since:
2006-01-19

I have to tell you my experience with Windows XP.

At home I use Linux, at work I have to use Windows. I once transferred a file via USB stick from a company laptop to the laptop of a customer.
Two weeks after that I plugged this same USB stick into my desktop computer at work.

I opened Windows Explorer, clicked on the drive letter, and BAM - a virus warning popped up.

I removed the USB stick, took it home and plugged it in, and found an autorun.inf file in the stick's root directory. I only did not get the virus into my work computer because the virus software caught it. The next virus might not get caught.

The company I work for is VERY security conscious but this might be something they overlooked.
Why on earth is the DEFAULT setting on Microsoft XP (installed one year ago) to AUTOSTART stuff from any pluggable device? That is plainly insane, and I do not know one single Linux distribution which autostarts anything from a pluggable device. I had NO chance to see what I was starting before Windows started the thing itself.

There is no doubt that Windows is securable, you can do it. But by default, it is MUCH less secure than any Linux I know of, which in turn means that most installations will stay this way.

You have to manually break into a Linux system, a worm or virus does not get far, simply because the user action required for execution of a program is much less easy to get than with Windows. With Windows, an executable just needs the .exe (or several other) extension, in Linux you have to make the file executable first, and if this is done as a user, the virus cannot spread across the whole filesystem, but stays in the user's area. It cannot modify a system file to keep itself from showing up in the filesystem.

Reply Parent Score: 3