Linked by Igor Ljubuncic on Mon 21st Jun 2010 09:35 UTC
Privacy, Security, Encryption I've bored the readers of my personal website to death with two rather prosaic articles debating the Linux security model, in direct relation to Windows and associated claims of wondrous infections and lacks thereof. However, I haven't yet discussed even a single program that you can use on your Linux machine to gauge your security. For my inaugural article for OSNews, I'll leave the conceptual stuff behind, and focus on specific vectors of security, within the world of reason and moderation that I've created and show you how you can bolster a healthy strategy with some tactical polish, namely software.
Thread beginning with comment 430936
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Security
by Laurence on Mon 21st Jun 2010 18:39 UTC in reply to "RE[2]: Security"
Laurence
Member since:
2007-03-26

"Well that's not really true as, generally speaking, Linux distros ship with more secure defaults than Windows does.


And may I remind people that Linux security features are not even turned up to full blast on default installations. It's this good out of the box but it's not even trying. There's room for increasing Linux security two-fold or more. Consider:

* mandatory AppArmor-based software whitelisting;
* mandatory separate /home and /tmp partitions with noexec,nodev,nosuid;
* restricting software installation to official repositories and their mirrors and denying direct install of debs/rpms/install kits by default;
* integrating and shipping default kernels that feature better ASLR and NX bit support.
"

May I remind you that I stated "more secure defaults than Windows" and not that "Linux's defaults are perfect" ;)

Reply Parent Score: 2

RE[4]: Security
by fewt on Mon 21st Jun 2010 18:48 in reply to "RE[3]: Security"
fewt Member since:
2010-06-09

May I remind you that I stated "more secure defaults than Windows" and not that "Linux's defaults are perfect" ;)


They aren't more secure than Windows anymore. At one time, sure. Now? No.

Reply Parent Score: 0

RE[5]: Security
by Laurence on Mon 21st Jun 2010 19:14 in reply to "RE[4]: Security"
Laurence Member since:
2007-03-26

So Windows 7 doesn't give the default user accounts full administration rights?

Windows has come a long long way, there's no denying that. And I'm not disputing that security is an ongoing battle in which users shouldn't get complacent regardless of the OS they run.

I just don't see the point in lying by saying all OSs are equally secure by default. The simple fact is some OSs do ship with better defaults. However, and as I've already stated, none of that really makes much difference if you stick an experienced idiot in front of the keyboard.

Reply Parent Score: 3

RE[5]: Security
by wirespot on Tue 22nd Jun 2010 09:10 in reply to "RE[4]: Security"
wirespot Member since:
2006-06-21

They aren't more secure than Windows anymore. At one time, sure. Now? No.


Ah, but what do you mean by "Windows" and "Linux"? If you mean an install with just the OS and an interface, let's assume you're right. Windows 7 has made great strides into closing remote vulnerabilities and has taken protections such as ASLR, sandboxing IE etc. Remote breaking into Windows 7 through IE8 has been called one of the biggest modern challenges in security.

But a working PC also contains a large number of applications. This is where the cookie crumbles.

The Windows applications come in huge numbers, they are mostly closed source and they are not updated in a centralized manner. Plus, Windows users consider it normal to download stuff off any website they run into, not to mention downloading and running dubious cracks and keygens. What's more, they've become complacent about having malware in their machine.

Contrast this with Linux apps which are fewer, mostly open sourced, come 99% from trusted repositories, the update system is centralized and automated, and there's usually no need to go and install cracks. And a Linux user who finds a single piece of malware on their machine will be absolutely horrified.

Basically, the Windows userland is a security nightmare.

Reply Parent Score: 2

RE[5]: Security
by lemur2 on Wed 23rd Jun 2010 04:42 in reply to "RE[4]: Security"
lemur2 Member since:
2007-02-17

"May I remind you that I stated "more secure defaults than Windows" and not that "Linux's defaults are perfect" ;)
They aren't more secure than Windows anymore. At one time, sure. Now? No. "

Depends on how you define it. Windows now is certainly more secure than Windows of the past, but nevertheless the actual infection rate of Windows systems is still vastly more than infection rates of any other system.

It matters not at all to the end user (whose system gets infected) if this is "unfair" comparison, or if it is due to the fact that there is vastly more security threats against Windows. The practical outcome is still that if you run a Windows system, it is far more likely to get infected.

Reply Parent Score: 2