Thread: Is Linux More Secure Than Windows?

  1. #1
    Registered User
    Join Date
    Jun 2004
    Posts
    722

    Is Linux More Secure Than Windows?

    http://download.microsoft.com/downlo...wsSecurity.pdf

    something a bit interesting...
    I don't want to comment or someone would acuse me of being part of some malicious end-of-the-world conspiration, like the people who made that article.

  2. #2
    Registered User MathFan's Avatar
    Join Date
    Apr 2002
    Posts
    190
    The point here really isn't who gets the updates and security fixes faster, but who is better with handling the computer and OS itself.

    And, yes, windoze can be more or less secure, but only if it's in hands of a knowing person. The real difference between linux and windoze is how customizable and low-level the security (and the OS in general) is. In win you must sweat to get any kind of log of what system is doing; in linux it's just some clicks (or commands) away. Because of this transparency linux is better off than windoze in the first place.

    We see many companies that have chosen windoze as their primary OS. And that is really fine, but the problem is that they have (usually) no idea of how to maintain the security at a acceptable level. They get a person to come over and look at their system sometimes (often too rare), but otherwise are not really concerned about the security at all, as if the computers maintain themselves.

    My school is a such institution. To crack anything is so easy that it should have been prohibited to use those computers at all. Practically anyone can view others' grades (which is in itself prohibited by law). Situation is the same for MANY online servers. If you want, you can get in really fast. (it is not always the OS security that matters, but anyway)

    Also those who use windoze in their private homes are vulnarable. They are often not really good at computers (and that is why they in practice choose windoze), and therefore are not able to maintain a sufficient security level.

    The same will probably apply to linux users. If you are not able to handle the system and do not know its "in-s and out-s", security may be at risc. Though you don't see many not professional linux users at all these days. Those who choose to change OS to linux are usually experienced people.
    The OS requirements were Windows Vista Ultimate or better, so we used Linux.

  3. #3
    S Sang-drax's Avatar
    Join Date
    May 2002
    Location
    Göteborg, Sweden
    Posts
    2,072
    Quote Originally Posted by MathFan
    Practically anyone can view others' grades (which is in itself prohibited by law).
    Interesting. In Sweden the grades (and written exams) for every student are public domain.
    Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling

  4. #4
    Registered User MathFan's Avatar
    Join Date
    Apr 2002
    Posts
    190
    In Sweden the grades (and written exams) for every student are public domain.
    Oh, we are "neighbours" then? Live in Norway...

    Here it's much more strict. When writing an exam, you are given a specific Student ID nr, which should be kept secret and all that. When the results are published, only the ID and the grade are printed next to eachother, so that each student can find himself, but not any other person. (of course it's up to you if you want to give your ID to anyone else)

    Even teachers are forbidden to look at the students' grades. So a geography teacher can't see what I got in mathematics and so on...
    The OS requirements were Windows Vista Ultimate or better, so we used Linux.

  5. #5
    Banned nickname_changed's Avatar
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    986
    Quote Originally Posted by MathFan
    The point here really isn't who gets the updates and security fixes faster, but who is better with handling the computer and OS itself.

    And, yes, windoze can be more or less secure, but only if it's in hands of a knowing person. The real difference between linux and windoze is how customizable and low-level the security (and the OS in general) is. In win you must sweat to get any kind of log of what system is doing; in linux it's just some clicks (or commands) away. Because of this transparency linux is better off than windoze in the first place.

    We see many companies that have chosen windoze as their primary OS. And that is really fine, but the problem is that they have (usually) no idea of how to maintain the security at a acceptable level. They get a person to come over and look at their system sometimes (often too rare), but otherwise are not really concerned about the security at all, as if the computers maintain themselves.

    My school is a such institution. To crack anything is so easy that it should have been prohibited to use those computers at all. Practically anyone can view others' grades (which is in itself prohibited by law). Situation is the same for MANY online servers. If you want, you can get in really fast. (it is not always the OS security that matters, but anyway)

    Also those who use windoze in their private homes are vulnarable. They are often not really good at computers (and that is why they in practice choose windoze), and therefore are not able to maintain a sufficient security level.

    The same will probably apply to linux users. If you are not able to handle the system and do not know its "in-s and out-s", security may be at risc. Though you don't see many not professional linux users at all these days. Those who choose to change OS to linux are usually experienced people.
    You have to sweat to even install something in Linux.

    Also, using your school as an example - If the administrators can't crack down on Windows security, what hope would they have with Linux? The only good thing about using linux is half of the kids wouldn't know anything about it to break anything.

    What I'm saying is if a company has no idea how to secure something, it doesn't matter what they use. Sure, Linux might come more secure out of the box (although Windows 2003 Server is locked down very tightly, and Longhorn will be too), but for anyone to even be effective in installing it, they either

    A) have to be a linux expert (and so could probably have configured Windows just as easily).
    B) Will see something is blocked and unblock it to make it work, without realizing the consequences. Then the system becomes just as vulnerable.

    You could lock your Datsun, or you could put an electric fence around your Bentley, but but if you give the keys to a monkey they're both as likely to get stolen.

  6. #6
    Pursuing knowledge confuted's Avatar
    Join Date
    Jun 2002
    Posts
    1,916
    Quote Originally Posted by stovellp
    You have to sweat to even install something in Linux.
    I certainly haven't found that to be the case. I have Linux and air conditioning running in the same room, and they don't interfere with one another.
    Is Linux More Secure Than Windows?
    Yes.
    Away.

  7. #7
    Registered User MathFan's Avatar
    Join Date
    Apr 2002
    Posts
    190
    You have to sweat to even install something in Linux.
    If you are a windoze user, yes.

    have to be a linux expert (and so could probably have configured Windows just as easily).
    Why not look at it the other way? First of all, you have to be an expert to configure both properly. In my point of view, linux expert will be much better - as he/she can always switch to windoze without any difficulty (besides those difficulties that come supplied in large amounts with windoze itself); while a windoze expert won't switch to linux as easily.

    Why bother configuring, installing and paying a bunch of money for the expensive M$ software? Why not download something for free, configure it properly and get a much more stable, expandable and customizable system?
    The OS requirements were Windows Vista Ultimate or better, so we used Linux.

  8. #8
    Banned nickname_changed's Avatar
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    986
    You spelt Microsoft as M$. Theres really no point continuing.

  9. #9
    Registered User MathFan's Avatar
    Join Date
    Apr 2002
    Posts
    190
    You spelt Microsoft as M$
    Yes, and?
    The OS requirements were Windows Vista Ultimate or better, so we used Linux.

  10. #10
    Banned nickname_changed's Avatar
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    986
    And only a 14 year old would try to debate security by spelling a Microsoft as "M$" or referring to Windows as "Windoze". Either you're a young teenager, have never worked professionall or you're an academic. Given the spelling, I'll go with the 14 year old theory. But given the photo (edit: and age) in your profile, I'll guess academic.

  11. #11
    Registered User
    Join Date
    Jan 2003
    Posts
    361
    Most apps are developed for the windows environment. It is easier for a company to use windows because of the availability of many program for that OS and the ease of use, they don't have to spend money training everyone how to use Linux.

  12. #12
    Bob Dole for '08 B0bDole's Avatar
    Join Date
    Sep 2004
    Posts
    618
    >Most apps are developed for the windows environment.

    Have you seen how many open source projects there are?

    Something like this would be correct:
    Most apps sold in stores are developed for the windows environment.

    >they don't have to spend money training everyone how to use Linux.

    No, you just hire people that know how to use it, just like their current job requirement is knowing windows... fire them, hire people with a job requirement of knowing linux, it's quite simple.
    Hmm

  13. #13
    Registered User MathFan's Avatar
    Join Date
    Apr 2002
    Posts
    190
    Quote Originally Posted by stovellp
    And only a 14 year old would try to debate security by spelling a Microsoft as "M$" or referring to Windows as "Windoze". Either you're a young teenager, have never worked professionall or you're an academic. Given the spelling, I'll go with the 14 year old theory. But given the photo (edit: and age) in your profile, I'll guess academic.
    I'm terrebly sorry if my spelling has irritated you so much. That was not intended; but let me tell you something. Yes, I'm a student and, yes, I'm trying to debate windows and linux security. If you don't like my arguments, you can comment on them and prove them wrong. But remember, both of us deserve to have a right to have our own opinions on different matters. My spelling in that case doesn't mean anything.

    Yes, you are probably much more experienced both in programming and in computer technology in general, than me. You make it almost sound like just because of that I have nothing to say. That is not true; as long as we live in a democratic society, I do. Though, of course, I may not always be right, and in many cases I'm not. But I'm trying to learn, too. It is up to you to correct me and express your own opinion. I respect that, but, please then, also respect what I have to say.

    Another thing is my view on Microsoft and their software. No, I don't like neither their general policy, nor the principals that they value most when producing software. In my point of view they focus too much on the commercial side. I don't need to repeat all the arguments in this debate. They have all been mentioned many times before on many forums, in many articles and on many occasions in the media. My spelling was ment to emphasize my attitude to Microsoft's activities. I now fully understand that you are provoked by it, and, again, I'm sorry, but it wasn't intended to do so.

    In the end, let me be honest with you stovellp. Your avatar isn't really mature, either, is it?
    The OS requirements were Windows Vista Ultimate or better, so we used Linux.

  14. #14
    Pursuing knowledge confuted's Avatar
    Join Date
    Jun 2002
    Posts
    1,916
    Quote Originally Posted by MathFan
    You make it almost sound like just because of that I have nothing to say. That is not true; as long as we live in a democratic society, I do.
    False. It is because of this democracy that you have the right to say things. It does not, however, guarantee that you have anything productive to say.
    Away.

  15. #15
    FOX
    Join Date
    May 2005
    Posts
    188
    An unpatched Linux system is just as vulnerable as an unpatched Windows system. The problem with desktop systems is that if you don't force upgrades on the users, most of them won't install any security patches, so it doesn't really matter what OS you're using since it'll become vulnerable eventually anyway if it has a substantial market share (read attracting enough script kiddies etc).

    What's interesting with Linux is that subsystems like SELinux allows you to limit the damage of a potential attack, so that an attacker won't be able to launch a shell even though there's a vulnerability in Apache or similar. This is great on servers where there won't be that many programs running, so you can tune their individual access control to the few resources they need access to.
    Last edited by ^xor; 06-25-2005 at 01:27 PM.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Dabbling with Linux.
    By Hunter2 in forum Tech Board
    Replies: 21
    Last Post: 04-21-2005, 04:17 PM
  2. linux and windows lookup host processes
    By Lynux-Penguin in forum Tech Board
    Replies: 0
    Last Post: 08-31-2003, 11:54 PM
  3. Linux OS to Windows OS code
    By sw9830 in forum C Programming
    Replies: 2
    Last Post: 02-28-2003, 03:11 PM
  4. Linux and Windows Duel Boot
    By The15th in forum A Brief History of Cprogramming.com
    Replies: 7
    Last Post: 04-26-2002, 04:59 AM
  5. Linux vs. windows
    By MicrosoftRep in forum Linux Programming
    Replies: 1
    Last Post: 03-20-2002, 02:42 PM