Linked by Amjith Ramanujam on Sat 19th Jul 2008 19:01 UTC, submitted by cypress
Linux Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.
Thread beginning with comment 323798
To view parent comment, click here.
To read all comments associated with this story, please click here.
Ford Prefect
Member since:
2006-01-16

I also never had virus problems with Windows although I don't use it since 2002.

Still if you followed the history of the industry in the last 10 years you found many technical aspects which _indeed_ made a difference in this issue. I would also claim that Windows, but much more than that Internet Explorer, even made this big malware industry possible and that without those products we would have a different security culture today.

If you just have a look at ActiveX, its design and then its outcome, you will see that it stands for itself, it is a big security nightmare which other platforms just never had.


I see a platform which was very insecure und vulnerable for over 10 years. It was outstanding in that regards. And _apart_ from that it was also the market dominating one. You can say this is history, but things didn't change as much as you might think. For example recently a worm spread which infects WMA files -- simple audio files! And it makes WMP to download itself. This is the same lesson MS did not learn a 1000 times before.

What I want to point out is that neither of those (security from hell, market dominance) could have the same impact alone. It's an issue which is both technical and non-technical. At the early stages almost no hacker wrote exploits for financial reasons. How much you can earn with that was found later, in fact after a very long time. It would have been much easier to build a botnet in 2000 than today, still in 2000 nobody was talking about botnets. Your marketshare argument holds truth but it doesn't make so much sense historically. Indeed there are other (technical!) reasons why Windows was always the main target, at least if you measure that by success. Do you really think in 2000 it wouldn't be much more funny to break into some big webservers instead of attacking your neighbor?

And apart from that, I am not fighting anything or anyone. Or could you point me out?

Edited 2008-07-20 20:29 UTC

Reply Parent Score: 3

PlatformAgnostic Member since:
2006-01-02

What makes you think that such a worm would be impossible if you put a fuzzer to an OGG vorbis or OGG theora file?

Heck, BIND which is internet-facing software that accepts much simpler requests than the average media file had exploitable buffer overflows for a number of versions.

Microsoft got the security religion rather late, but we've been pretty darn good at it for the last 7 years. As nbernardi said, it's a commercial enterprise now. Vista exploits go for $50,000 a pop... that's not chump change so there are many people looking. And it's a pretty asymmetric game... we have to release a lot of stuff on a deadline and make sure it is functional, secure, reliable, usable, localized, and everything else whereas the attackers can sit for a long time without any particular deadlines looking for one chink in the armor. And these days, attackers don't even bother going after the OS or even the Applications, but instead just ask users to open executable trojans... there's nothing an OS can do against a program that a user willingly launches.

Re: The ActiveX issue, how is ActiveX different in vulnerability from the Netscape/Mozilla plugin model that every other browser uses? It seems like the same attacks are applicable to both.

If the OS X market continues to grow, perhaps we shall see a similar set of attacks against that system... I mean, getting a user to click on a malicious program is not a particularly OS-specific attack (a trojan doesn't need root to do most of its useful dirty work).

Reply Parent Score: 2

unluckier Member since:
2008-07-21

You are correct in that both ActiveX and Netscape-style plug-ins are native code that can have the same flaws.

But the main difference is the packaging and installation of that code:

With a plug-in, the installation is very obvious. A specially-formatted plug-in file needs to be put in a special location for the browser. And that process is generally done by a plug-in installer application.

With ActiveX, however, *any* Windows application is likely to install ActiveX controls. They can be in any location, and they don't even have to do anything related to your web browser. If a component is packaged up as a COM object (very common on Windows), then IE can "use" it.

http://www.kb.cert.org/vuls/id/680526

The installation of an ActiveX control can happen natively through the web browser, or through installing any application (internet-related or not). e.g. Winzip:

http://www.kb.cert.org/vuls/id/225217

The end result is that there are LOTS of systems that have LOTS of ActiveX controls that they may not even be aware of.

Reply Parent Score: 2

Ford Prefect Member since:
2006-01-16

Thanks for joining the discussion as an MS employee.
I just want to answer your questions on WMA/OGG and ActiveX. I don't believe that MS produces more buggy code than others. I know there are many talented people working in your company and I guess they should all be well aware of buffer overflows and other bugs which can be exploited and avoid them. Sure there could be as likely exploitable input processing in OGG as in WMA. But we are talking about a different issue here.

The problem here is philosophy.

Neither OGG nor MP3 or any other sane media format includes the possibility to define a website where a decoder should be downloaded and afterwards instantly run. WMA includes this, so people want to listen to a WMA filed and asked by WMP to "install necessary codec?" which they say "Yes" to and there they have the virus. It even silently transcodes MP3 files on the user's machine to (infected) WMAs just because MP3 doesn't come with this "feature".

ActiveX are objects which have the same power as executables. But they are not treated us such by MS's software, instead they can be distributed in various different ways which I would call unsuited at best. A website can deploy an ActiveX object which Internet Explorer is more than willing to install (it's like "install this active x component?" Yes). Because MS wanted to market ActiveX and use it as a "killer feature" to dominate the web (after the failure to overtake Java, court case won by SUN) it was in the vendor's interest to make it as easy and unquestionable to the user as possible to say Yes to just every ActiveX around. Then there were some rough security bounds ("zones") but hundreds of ways were found to get beyond those borders. Some years ago you could read about new ActiveX holes at least once per week!


The program can be as robust as it can be, if the philosophy behind it is weak. Every sane person knows that it is never a good idea to automatically download and execute code from the internet. As we saw, software like the Windows Media Player still does exactly that. MS obviously still didn't learn the lesson, or perhaps just refuses to do so (we have virus scanners everywhere for that now ;) . This is no overlooked security problem. It is insecurity by intention, due to other reasons though. Doesn't help the user much..

Reply Parent Score: 3

nberardi Member since:
2005-07-10

Honestly I am not pointing fingers, because I know Microsoft has been mostly at fault because of its lack of focus on security.

However that being said, even if Microsoft has the great history of security that Linux has, it would still be the ideal platform for malware developers to target. Because it is a business decision and nothing else. Like it or not there are holes, a ton fewer than Microsoft, in Linux that could be exploited, but they aren't because the malware industry has to focus somewhere and Microsoft is the biggest and easiest target right now and for the foreseeable future.

Reply Parent Score: 1

nberardi Member since:
2005-07-10

I see a platform which was very insecure und vulnerable for over 10 years. It was outstanding in that regards. And _apart_ from that it was also the market dominating one. You can say this is history, but things didn't change as much as you might think. For example recently a worm spread which infects WMA files -- simple audio files! And it makes WMP to download itself. This is the same lesson MS did not learn a 1000 times before.


Yes but why did hackers pick Microsoft technologies over the vulnerabilities in iTunes. Because it was a business decision by them.

Reply Parent Score: 2