Coffeehouse Thread

169 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Linux vs. Windows Security

Back to Forum: Coffeehouse
  • User profile image
    jaylittle

    Linux isn't more secure than Windows.  Frankly as long as networks are administered by idiots, security isn't a goal one can hope to acheive.  This applies both on the Windows, Linux and OSX sides of the coin (boy thats an odd coin, eh?)

    You have to work to secure a system.  You have to consider carefully how services should be configured.  You have to decide which services need to be run and which ones do not.  You have to decide what further protections (AV, Firewalls...) are applicable as well.  Security isn't some bullet point on a piece of marketing material.  It is a process.  It is a process that both Windows, Linux and OSX leave much room for improvement for "out of the box".

    The argument that "Unix administrators have more experience" is somewhat worthless in my book due to the simple fact that Linux has attracted so many n00bs over the last few years, the majority of the user base doesn't have that knowledge to draw upon.  Likewise with Windows, the paper MCSEs and "mom and pop shop" would-be admins of the world know a lot less than they think.  Given the relative ease of use of Windows next to anything *nix, it is a lot harder to face up to this fact however.  Because lets face it, it doesnt take a whole lot of skill to click around and just look like you know what you are doing.


    At one of the companies I used to work for (one of the largest in the world mind you), I remember having a long talk with one of the *nix guys there about security one day.  We went back and forth postulating about which option was more secure.  This went on until the point he casually mentioned that the *nix admin team was still using tools like telnet and rexec to remotely admin their *nix boxes (a grouping composed of a variety of x86 Linux, PA-RISC HP/UX and Sparc Solaris boxes).

    I was literally stunned.  For those of you don't know, those are legacy *nix utilities that transmit all of their authenication and interaction in plaintext.  This means that no matter how secure the password, no matter how often it changes, it is relatively trivial to find out what the current password is simply by firing up a packet sniffer.  I asked him, "Aren't you worried about the implications of plaintext passwords being sniffed over the network?"  He simply said, "It's the internal network.  We are more worried about the internet and none of those services are exposed to the outside world."  Apparently my co-worker never read any of those FBI stats indicating that 70% of security breaches happen inside a network rather on the outside.

    So honestly, never assume that one OS is more secure than another.  Unless one of those OSes is installed on machine that has had it's power supply stripped, network connection pulled and room locked down miles underground behind military grade security - it's just not in the cards.  Especially if you have some clueless cretin who is overconfident when it comes to the state of security on their chosen OS running the show.

  • User profile image
    Cornelius Ellsonpeter

    shooby wrote:
    You can hack a linux system, but you have to know what you are doing, be very patient, and even then its likely you'll fail.  You'll probably have to tunnel through port 80, or 25, and --- well, lets just say you have to have a grasp.


    Do you even know what you are talking about? It doesn't seem like it.

  • User profile image
    Cornelius Ellsonpeter

    Okay, I'm confused.  I recently acquired an old laptop that had Windows 98SE installed on it.  I've been tempted to replace it with some variant of Linux, but I don't know if I should.  Cosmetic issues/arguments aside, why is Linux supposedly more secure than Windows?  What are the basic differences? Does it have to do with access rights to different files (i.e. root)? What's the difference between that and what Windows XP has? Or is it all about the fact that more malware/adware/viruses/worms are aimed at the Windows platform (as opposed to Linux)?

  • User profile image
    Maurits

    UNIX was designed to be used in a network environment from the get-go.

    Windows 98 was designed as a home-use computer OS.

    There are all kinds of security issues that only show up in a network environment.  Windows had a fair number of lessons to learn which UNIX had already learned the hard way.

    Whether Windows has caught up is an open question.

  • User profile image
    Manip

    Cornelius Ellsonpeter wrote:
    why is Linux supposedly more secure than Windows? 


    It isn't.

    Cornelius Ellsonpeter wrote:
    What are the basic differences?

     
    By basic I assume you mean major... Lack of drivers, inconsistent applications, complex UI, poor array of applications, poor support amongst third parties, poor power management (*important on laptops).

    Cornelius Ellsonpeter wrote:
    Does it have to do with access rights to different files (i.e. root)?

     
    Both UNIX and Windows XP support the same or extremely similar set of file access permissions.

    Cornelius Ellsonpeter wrote:
    Or is it all about the fact that more malware/adware/viruses/worms are aimed at the Windows platform (as opposed to Linux)?


    That's exactly what its about. And the fact *NIX defaults to users, whereas Windows defaults to the admin.

    Windows 98 unfortunately doesn't make a distinction between users and super-users... Thus it is less secure. But for what you loose in security you gain in speed. If you are REALLY worried try running Windows 2000.

    Maurits wrote:
    Whether Windows has caught up is an open question.


    Uhh what? Linux as a platform has FAR further to go than Windows does to "catch up." Windows has a few security issues, Linux has issues on EVERY level of its infrastructure from security to APIs to consistency to speed, etc etc.  

  • User profile image
    Detroit Muscle

    When you read manip's post, be sure to note that she/he didn't provide any data or examples to back up those bold claims. This is what we on the Internet call a troll.

  • User profile image
    PaoloM

    Detroit Muscle wrote:
    When you read manip's post, be sure to note that she/he didn't provide any data or examples to back up those bold claims. This is what we on the Internet call a troll.

    Feel free to prove where Manip was wrong.

  • User profile image
    Cornelius Ellsonpeter

    Manip wrote:


    Cornelius Ellsonpeter wrote: What are the basic differences?
    By basic I assume you mean major... Lack of drivers, inconsistent applications, complex UI, poor array of applications, poor support amongst third parties, poor power management (*important on laptops).


    I can see the lack of drivers issue as being big.  Inconsistent applications are something I've seen on both platforms, but it seems a lot worse over on the Linux side (from what little I have seen)

    Manip wrote:

    Cornelius Ellsonpeter wrote: Does it have to do with access rights to different files (i.e. root)?
     
    Both UNIX and Windows XP support the same or extremely similar set of file access permissions.


    That's what I was thinking...
    Manip wrote:


    Cornelius Ellsonpeter wrote: Or is it all about the fact that more malware/adware/viruses/worms are aimed at the Windows platform (as opposed to Linux)?
    That's exactly what its about. And the fact *NIX defaults to users, whereas Windows defaults to the admin.

    Windows 98 unfortunately doesn't make a distinction between users and super-users... Thus it is less secure. But for what you loose in security you gain in speed. If you are REALLY worried try running Windows 2000.
    I figured as much...I have used XP a lot, and 98 quite a bit.  I'm amazed they let things go that long, considering how long IE has been around.

    Thanks for the help!

  • User profile image
    Cybermagell​an

    Cornelius Ellsonpeter wrote:
    Okay, I'm confused.  I recently acquired an old laptop that had Windows 98SE installed on it.  I've been tempted to replace it with some variant of Linux, but I don't know if I should.  Cosmetic issues/arguments aside, why is Linux supposedly more secure than Windows?  What are the basic differences? Does it have to do with access rights to different files (i.e. root)? What's the difference between that and what Windows XP has? Or is it all about the fact that more malware/adware/viruses/worms are aimed at the Windows platform (as opposed to Linux)?


    Because people don't care to bother with Linux. Untill Grandma & Grandpa and Mom and Dad are using it and are dumb enough to put their private information on it as root, then no one cares.

  • User profile image
    Maurits

    > Lack of drivers
    > inconsistent applications
    > complex UI
    > poor array of applications
    > poor support amongst third parties
    > poor power management (*important on laptops).

    This has little to do with the OS and more to do with how it's used.

    > Both UNIX and Windows XP support the same or extremely similar set of file access permissions.

    A good point. Actually I think Windows file access permissions are far superior (since NTFS, of course... and probably continuing in WinFS when it's done...)

    > [Few viruses are] exactly what its about.

    This has more to do with the popularity of the OS than the quality.

    > And the fact *NIX defaults to users, whereas Windows defaults to the admin.

    Bingo! Microsoft is hopefully going to fix this, though.

    > Windows 98 unfortunately doesn't make a distinction between users and super-users... Thus it is less secure.

    Yes.  Although even a vanilla user can run spyware.

    > But for what you loose in security you gain in speed.

    NON SEQUITUR ALERT... clarify, please.

    > If you are REALLY worried try running Windows 2000.

    Or any descendant of NT... NT 3.51, NT 4.0, 2000, XP, Vista.  Avoid 95, 98, Me.

    > Uhh what? Linux as a platform has FAR further to go than Windows does to "catch up."

    Well, I said "to catch up" because of Windows' relative newness to the business/network world.  Linux is new too, but it built on UNIX as a model, so it got a head start.

    > Windows has a few security issues,

    ... that we know about.  Let's see the code.

    > Linux has issues on EVERY level of its infrastructure
    > from security

    ... for example?

    > to APIs

    ... for example?

    > to consistency

    ... for example?

    > to speed

    ... for example?

    Burden of proof is on the accuser...

  • User profile image
    Cornelius Ellsonpeter

    Maurits wrote:
    > Lack of drivers
    > poor power management (*important on laptops).

    This has little to do with the OS and more to do with how it's used.


    Those are OS issues...the power management, yes, and a lack of drivers...Windows comes with so many preinstalled drivers...hence the "Plug and Play" slogan everywhere.

    Maurits wrote:
    > And the fact *NIX defaults to users, whereas Windows defaults to the admin.

    Bingo! Microsoft is hopefully going to fix this, though.


    I don't get why the default is "Owner" (admin), considering that you have to authenticate Office (for instance) via the internet.  Sure you can use the landline, but a lot of people do it online. I'm sure most Windows owners go online nowadays anyway. Why not default to a limited user, with a small note as to WHY you don't run in admin mode all the time.

  • User profile image
    Maurits

    Maurits wrote:

    > Both UNIX and Windows XP support the same or extremely similar set of file access permissions.

    A good point. Actually I think Windows file access permissions are far superior (since NTFS, of course... and probably continuing in WinFS when it's done...)


    Although (to contradict myself) it's a little disturbing that in Windows the default permissions for the drive root are still "Everyone/Full Control".  In a Linux/UNIX/Mac machine, vanilla users only have write access to their home directory by default.

  • User profile image
    staceyw

    On an old laptop, is XP really going to be a realistic option for you anyway? 

  • User profile image
    Cornelius Ellsonpeter

    staceyw wrote:
    On an old laptop, is XP really going to be a realistic option for you anyway? 


    No...it only has a 2 GB hard drive (for now).  It does have Win98SE on it though...but I was thinking of putting Linux on it somehow...hence, the debate to either leave it "as is" or "switch".

    Or course, if I don't take it "online", then it really doesn't matter I guess.

  • User profile image
    Maurits

    Nothing wrong with Windows 98SE for a home computer.

  • User profile image
    rjdohnert

    What would you suggest?  The BeOS?  Seriously, if you want to learn Linux and UNIX Linux is a good system to try.  Since it has UNIX code in it you can also learn UNIX.  Depending on the speed of the laptop Linux wont offer you any more performance than Windows 2k or Windows XP. 

    staceyw wrote:

    On an old laptop, is XP really going to be a realistic option for you anyway? 

  • User profile image
    AndyC

    Cornelius Ellsonpeter wrote:

     Why not default to a limited user, with a small note as to WHY you don't run in admin mode all the time.


    Because there are literally millions of applications which assume they can do whatever they want on the system. Expecting end-users to leap through the hoops NT admins have had to in order to keep things working as a limited user is just naive.

    Re-engineering Windows to handle this whilst not breaking things is a massive task. Vista has done incredibly well in this regard. Hopefully it will usher in a new era of applications which have to work under restricted rights, making running as a genuinely limited user a much more viable prospect.

  • User profile image
    AndyC

    Maurits wrote:

    Although (to contradict myself) it's a little disturbing that in Windows the default permissions for the drive root are still "Everyone/Full Control".  In a Linux/UNIX/Mac machine, vanilla users only have write access to their home directory by default.


    Those defaults are different in XP.

    Unix permissions are nowhere near as flexible or granular as Windows ACLs. There are many scenarios that are trivial to arrange in Windows, but which are incredibly awkward with *nix permissions. This is why Mac OS and Linux are gradually moving toward an ACL system.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.