Replies

Hmmm... not so sure here...but what the hey... I suspect that unix/Linux is more secure because it is less used than Windows and not exploited as much. May be untrue, just my feelings. Now I do love Ubuntu so am not totally prejudiced...just that I think you might be a bit unfair.

Windows has become more secure (Windows 7) and really should not be denigrated so much. I do think that Ubuntu is a really nice alternative though.

Security will eventually depend upon which operating system is in the majority. I do like the faster response to fixing problems in Ubunto though - that is a plus.

Otherwise, this is not much of a revelation - the dominating OS will always be a target and have the most problems.

To all those that look for reasons to NOT use Windows, well good luck... It is a good operating system and will probably remain the dominate system for the next decade.

Our ISP stopped “supporting” W-98 a couple of years ago, so I can no longer connect to internet with my old collection-of-spare-parts back up box which does not have sufficient RAM to run XP. About all I use it for now is a spare word processor.

A friend gave me a LINUX emulator CD, and it was pretty interesting - connected on line, too. When I tried to install a version of LINUX that I downloaded to CD tough, I was too old and stupid to install it; something about “tarballs” (???).

I guess Linux and such is only for smart people, and that leaves me out. Pity; had my hopes up for a while there.

When Windows 95 was created, MSFT made some deliberate design decisions that have hobbled security and reliability on Windows forever since. MSFT is finally starting to address the biggest of these issues:

The registry.

The Windows registry is like one-stop shopping for someone writing an attack on a Windows system. You can discover all manner of information about the hardware configuration, the software configuration, licensing, user information, etc in the registry. Microsoft very helpfully gathered all this information together into one place, with a very fragile format and a very non-robust access method, and made the system utterly dependent upon it.

Unix systems don’t have a system like the Windows registry, where so much information is in one place. There’s quite a lot of configuration information scattered in the /etc path in different files - some of them text, some not. But they’re not going to be easy for the hacker to go on a one-stop shopping trip for critical info.

Microsoft realizes the problems with the registry, and they’re trying to plot a path out of the morass with .Net and other ideas, but it will be a long road due to the amount of third party s/w that now reads and writes the registry.

Windows 7 is improved, but if I had to run a system where I needed real security, Windows would be last on my list of operating systems. Unix (and derivatives, such as OS X) would not be #1. VMS would be my first choice, followed by secured versions of Unix, such as OpenBSD, FreeBSD, SunOS, etc, followed by less secure Unix variants (Linux, OS X) and then, at the bottom, I’d put Windows server editions. The problem IMO in Unix (and variants) is that there are three levels of privilege: super-user/SUID, group ID and lowly user. Under a system like VMS, I have lots of priv bits - so I don’t need to give a program god-like powers when all it needs is a very narrow level of privilege elevation. I can set up a program with these narrow priv’s and that’s it.

As for the future of Windows: I think that Windows has unprecedented competition now. There is a new paradigm of computing gaining ground for users, and that’s the smart phone/iPad-like widgets with WiFi and wireless data plans that are going to increasingly cause users to leave their desktops behind. That increasingly takes the issue of Windows’ installed base of desktop applications off the table (the strength behind Windows is the breadth and investment in applications, not the OS itself) and now leaves MSFT on a more level playing field with Google’s Android and Apple’s iOS.

Microsoft doesn’t win so easily on level playing fields.

The expression is intended to suggest that proprietary software is more secure by virtue of its closed nature. If hackers can't see the code, then it's harder for them to create exploits for it--or so the thinking goes.

A Trojan Horse made out of glass would be useless, and open source means that all the planks needed for building one are glass.

There's more to security vulnerabilities than market dominance. Windows, at its heart of hearts, is a glorified DOS shell that was never intended to be secure because the only way into the system was through the PS-2 keyboard and CRT monitor.

Its security efforts amount to layers of band-aids over this fundamental design flaw, and band-aids over the band-aids. The DoD basic security configuration guide for Windows is about 135 pages long, because of the incredible Rube-Goldberg nature of the Windows registry and the DLL-blob of an OS which it governs.

Windows:

Linux:

Okay, okay, this is probably an exaggeration, but not by too much.