| Is Linux really more secure than Windows? |
Nov. 09, 2005
My colleague Larry Seltzer thinks we may be on the verge of an age of Linux worms that might rival the endless trouble Windows users encounter. Nah. First, none of the trio of vulnerabilities in the luppi worm actually have a thing to do with Linux.
Yes, these worms target Linux systems, but the holes they use to target aren't Linux holes at all. They're Web service script holes.
Saying that this is a Linux problem is like saying that the gaping Macromedia Flash hole is an XP problem.
So long as you don't run a vulnerable application, your system is as secure as ever.
Larry thinks that one reason why Linux systems are, generally speaking, more secure than Windows systems is that Linux users tend to be more aware of basic security practices than Windows users.
I'd have bought that theory a few years ago, but Linux really is getting more popular. As a result, I now know Linux users who'd be no more able to set up a basic firewall with iptables than a Windows user would be.
As a result, there's a growing market for Linux security programs. Just like I always recommend Zone Labs' ZoneAlarm for Windows users, I now recommend new Linux desktop users either get a Linux desktop like Xandros' Xandros 3.0, which comes with a firewall wizard, or, for corporate users, they buy Astaro Corp.'s Security Gateway software (formerly Astaro Security Linux).
At the server level, I've found Windows and Linux administrators to have equivalent levels of skills.
No, the real security difference between Linux and Windows is simply that by design Linux is inherently more secure than Windows.
From the ground up, Linux was designed to be a multi-user, networked operating system. Even now, Windows shows its creaky history as the descendent of a single-user, stand-alone PC operating system.
That gives Windows some strengths that Linux systems don't have. For instance, you can easily copy and paste from almost any Windows application to another. With some Linux applications it's easy to cut and paste between them; with others it's not.
The bad thing about the Windows approach, where everything from the highest level user applications like a Web browser or a word processor is linked to the lowest level of the core operating system, is that almost any vulnerability can be used to attack the entire system.
Why, this Tuesday, three Windows image-rendering flaws have made XP, W2K and 2003 users' PCs vulnerable to takeover attacks. Your Windows PC could be gutted like a fish simply by viewing a rigged image in Outlook, Internet Explorer, or Word.
Yeow!
This is a perfect example of a Windows-only problem. First, even if there were the same holes in three Linux applications, say Thunderbird, Firefox and OpenOffice.org Writer, it still couldn't hammer a Linux system the way it could Windows. Linux simply doesn't have those useful, but dangerous, Windows internal links.
Make no mistake though, while Linux is far more secure than Windows, it is not invulnerable. No operating system is.
Security is a process, not an operating system or a product. It's just that when using Linux, today and tomorrow, you start ahead of the game.
If you found this eWEEK.com article by Steven J. Vaughan-Nichols informative, be sure to check out eWEEK.com's Linux & Open Source Center for the latest open-source news, reviews, and analysis.
Related stories:
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
Use of this site is governed by our Terms of
Service and Privacy Policy.
Except where otherwise specified, the contents of this site are copyright © 1999-2008
Ziff Davis Enterprise Holdings Inc. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is
prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.
news feed