Linked by Igor Ljubuncic on Mon 21st Jun 2010 09:35 UTC
Privacy, Security, Encryption I've bored the readers of my personal website to death with two rather prosaic articles debating the Linux security model, in direct relation to Windows and associated claims of wondrous infections and lacks thereof. However, I haven't yet discussed even a single program that you can use on your Linux machine to gauge your security. For my inaugural article for OSNews, I'll leave the conceptual stuff behind, and focus on specific vectors of security, within the world of reason and moderation that I've created and show you how you can bolster a healthy strategy with some tactical polish, namely software.
Thread beginning with comment 431054
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[5]: Security
by wirespot on Tue 22nd Jun 2010 09:10 UTC in reply to "RE[4]: Security"
wirespot
Member since:
2006-06-21

They aren't more secure than Windows anymore. At one time, sure. Now? No.


Ah, but what do you mean by "Windows" and "Linux"? If you mean an install with just the OS and an interface, let's assume you're right. Windows 7 has made great strides into closing remote vulnerabilities and has taken protections such as ASLR, sandboxing IE etc. Remote breaking into Windows 7 through IE8 has been called one of the biggest modern challenges in security.

But a working PC also contains a large number of applications. This is where the cookie crumbles.

The Windows applications come in huge numbers, they are mostly closed source and they are not updated in a centralized manner. Plus, Windows users consider it normal to download stuff off any website they run into, not to mention downloading and running dubious cracks and keygens. What's more, they've become complacent about having malware in their machine.

Contrast this with Linux apps which are fewer, mostly open sourced, come 99% from trusted repositories, the update system is centralized and automated, and there's usually no need to go and install cracks. And a Linux user who finds a single piece of malware on their machine will be absolutely horrified.

Basically, the Windows userland is a security nightmare.

Reply Parent Score: 2

RE[6]: Security
by fewt on Tue 22nd Jun 2010 12:17 in reply to "RE[5]: Security"
fewt Member since:
2010-06-09

Basically, the Windows userland is a security nightmare.


s/Windows/any\ OS/i

Reply Parent Score: 1

RE[6]: Security
by lemur2 on Wed 23rd Jun 2010 04:36 in reply to "RE[5]: Security"
lemur2 Member since:
2007-02-17

The Windows applications come in huge numbers, they are mostly closed source and they are not updated in a centralized manner. Plus, Windows users consider it normal to download stuff off any website they run into, not to mention downloading and running dubious cracks and keygens. What's more, they've become complacent about having malware in their machine.

Contrast this with Linux apps which are fewer, mostly open sourced, come 99% from trusted repositories, the update system is centralized and automated, and there's usually no need to go and install cracks. And a Linux user who finds a single piece of malware on their machine will be absolutely horrified.


Precisely so.

In fact, there was one case recently of an obscure program called UnRealIRCd where someone had replaced a tarball (which was unsigned) on a mirror with a version that contained a trojan.

There was a huge amount of "horror" and discussion generated over this, but at the end of the day the trojan found its way into only two minor distribution repositories. It is unclear if it actually mamanged to infect any end user's machines at all.

The amount of "horror" generated compared to the actual infection rate was hugely blown out of proportion. In a way, that is a positive ... if an equivalent thing had happened in the Windows ecosystem, probably no-one would ever have even noticed, and certainly there would be no comment raised.

Edited 2010-06-23 04:37 UTC

Reply Parent Score: 2