Posted on 10/31/2008 11:14:46 AM PDT by Ernest_at_the_Beach
As promised, this is an article about why Linux is inherently more secure than Windows. I don’t promise that it’s 100% accurate down to the last detail; in fact, I have purposely simplified many details, and left out some more complex topics. I apologise about the length, too; it’s rather long, but I hope it’s interesting reading for people who are new to Linux as well as those who have not properly tried the Linux platform yet.
———-
In an earlier article “How to get down off an elephant”, I described why
Windows viruses don’t infect Linux systems, and why you don’t need to
worry about viruses when you move to Linux. Quite rightly I got picked
up on what I didn’t mention: Viruses written for Linux.
In this article, I’ll explain why Linux viruses are so few and far
between, and why they are really not worth worrying about at this time.
There are always people around who will claim that the only reason why
there are so few (no?) Linux viruses is because Linux isn’t particularly
wide-spread. They say that if Linux was as popular as Windows, then
there would be as many Linux viruses as there are currently Windows
ones.
I would combat that allegation. Linux is very widely used on
Internet-facing servers. As such, it is the guardian of credit card
details, passwords, social security numbers, and even industrial
secrets. What would be more valuable: Pulling information from a
desktop computer containing Granny’s shopping list, or intercepting a million
credit card numbers being sent from ATMs to a Linux server? Or finding
the blueprints of Boeing’s latest wing design, to sell to
Lockheed-Martin or Airbus?
(Excerpt) Read more at bigbolshevik.blog.friendster.com ...
Anybody who globally states "Windows sucks" or "Linux sucks" doesn't know enough about computers to comment.
And if you want security, go with SOLARIS and forget those silly linux distros.
It's not so much faith as it is noticing that the advertising department at Apple has paid attention to reality.
My reaction to most of the Apple Mac-vs-PC ads is, "Ha! Somebody else finally gets it!"
LOL
Try Cisco IOS and real UNIX.
That's a matter of opinion. IMHO it depends on your pov and circumstances. If the fact that you're locked into that hardware platform and vendor doesn't matter to you, then they didn't neglect to tell you anything relevant. Otherwise, not so much.
Bah, Solaris reeks with security problems.
If you REALLY want security, you use OSF/1.
On commodity hardware use OpenBSD.
I agree about the vendor lock-in, but the new Macs are all Intel machines. It's higher-end hardware, but still commodity hardware.
That is one way of looking at it, however in order to begin an assessment of how secure a system is you need to make a risk assessment. Another way of looking at your example is what is at risk on grandmas computer? How does grandma use her computer? Once those questions are answered then an realistic solution to grandma’s risk can be ascertained. Grandma’s computer doesn’t need the level of security as say a computer used for storing and processing classified information on a DOD network, so Grandma can “get away with†a less secure system. What makes Microsoft so “insecure†is what makes it so marketable....grandma can figure out how to use it and not have to pay some techie to load a new printer.....Security is and should be assessed based on risk. It is a balance between acceptable risk mitigation vs the users ability to do work....Unplug a system, box everything up and store it in a locked room and you have a secure system...that no one can use. A better way to view it is as what was stated in a prior post...what OS can be USED that provides the BEST security (least vulnerabilities) for the given RISK level....And what are the expenses (mitigation costs) in order to make the system usable at an acceptable risk level....Risk mitigation must be viewed in a layered approach...both in the elimination of processing tasks (applications, services, drivers, ect) and hardening those that are needed.....One can not put all the eggs in the OS basket IF security is of greater concern than a home PC....and a home pc does not require a higher level of security offered out side of the current Microsoft systems....so it boils down to personal preference on a home PC,
I'd say it's more like proprietary hardware built with commodity components. A "commodity" PC is OS agnostic. A Mac is designed to disallow running anything but an OS from Apple.
The only thing proprietary about the new Macs is it uses the Extensible Firmware Interface instead of the standard PC BIOS. And EFI really isn't proprietary. It's a well-documented standard that PC manufacturers will likely be using in the future.
A "commodity" PC is OS agnostic
So is a Mac.
A Mac is designed to disallow running anything but an OS from Apple.
Really? You might want to tell that to Apple.
You seem to have fallen victim to common Mac myths.
Macs have been easier to use than Windows machines for years.
The newer versions of Linux are just as easy to use as a Windows machine.
Windows is not secure because of poor design. It's possible to be secure and be usable and marketable. Microsoft isn't willing to invest the resources needed to make that happen.
Apparently I was mistaken. But the whole point of having the OS vendor control the hardware is to enable them to optimize the OS for a known and limited set of variables, and you’re going to pay a premium for that integration. Installing another OS on that platform effectively negates that advantage and the additional cost was for naught.
Am I supposed to be able to get past the opening lines of that chapter?
X Windows is the Iran-Contra of graphical user interfaces: a tragedy of political compromises, entangled alliances, marketing hype, and just plain greed. X Windows is to memory as Ronald Reagan was to money.
Also, the chapter on C++ is full of complete nonsense (and I'm not a terribly big fan of C++, I just happen to know it very well)
Oh, I just realized that the book is copyright 1994, so ...
It's a good read.
No, its a complete waste of time.
Oh come on, what? Like anything significant has changed in computers since 1994!
Now on to more important matters, I think Microsoft has some work to do on this Windows For Workgroups 3.11. WFW is to preemptive multi-tasking what Democratic Congressmen are to checkbook balancing.
Hmm, yes, the proverbial grandma... Lets see, my sixty year old mother, a grandma four times over, has been running Linux on her home system for two years now. Her usage consists of email, web browsing, photo scanning, digital photo entry, management and simple editing with Picassa, simple desktop publishing and word processing through OpenOffice, playing grandma type games, Google Earth, and managing her checkbook. She's burned some music CDs but it doesn't really call to her.
I used to say that Linux was as easy for a new user to learn as it was to learn Windows, but it occurred to me that I never had to train her to update her virus scanner, AdAware, Spybot, ZoneAlarm, and Windows each week before running the scanner, AdAware and Spybot, and to tell me when the virus scanner app was getting ready to expire like I did when she was learning Windows. Now I say its easier to teach new users Linux.
Slackware 11.0.0 bump!
Well, X was designed from the outset as a distributed network system that just happens to use windowed views. It was never really envisioned nor intended as the user interface, which is why so many windows handlers exist. If you haven't found one you like, you haven't been looking. There are at least a dozen available.
Mark
You know, that gives me an idea... I've got a copy of DesqView/X, still in the box, in my basement... And I've got an ancient 486 system with 32MB of RAM that still boots... I'll bet I could load up MS-DOS 6.22 on it and use it as an Xterm...
It would be an interesting experiment to play with, but I'm just too busy for that sort of nonsense right now.
Mark
>>The UNIX-Hater’s Handbook has a chapter on X Windows.
>
>Am I supposed to be able to get past the opening lines of that chapter?
>
> X Windows is the Iran-Contra of graphical user interfaces: a tragedy of political compromises, entangled alliances, marketing hype, and just plain greed. X Windows is to memory as Ronald Reagan was to money.
While Regan’s economic policies were undoubtedly superior to those we have today, they weren’t seen as being great until fairly recently. (2000-ish, IIRC) Also, they aren’t totally the best. (I’m not sure there is an objectively BEST economic policy at that level of government, except the truisms of: don’t spend money you don’t have and don’t think about what you’re spending it on before you do.)
The movie “Lorenzo’s Oil” shows a good example of the downside of Regan’s economic policy; though only tangentially and it’s only one small scene in a very interesting and touching story.
Also, I think that what the authors are trying to convey is that the idea of “throwing more money” (resources) at the problem isn’t going to make up for the bad design choices, which were probably politically motivated on some level. (Inter/intra-corporation politics can get WEIRD.)
>Also, the chapter on C++ is full of complete nonsense (and I’m not a terribly big fan of C++, I just happen to know it very well)
Really? I find it rather accurate. For example the #include scheme of code reuse (literally the same thing as cut-and-pasting the whole file indicated) is the worst possible implementation for the job. (I’ve used Turbo Pascal and Delphi for years, the [precompiled] unit inclusion and smartlinking are lightyears ahead of the C/C++ model. Yes, I know there are C++ precompiled header files, however they fall short of the flexibility of units.)
C++ syntax regarding pointers is horrible. In all honesty it’s the popularity of C/C++ and how horrid their Byzantine nature of handling of pointers are that make pointers ‘a bad thing’ in some CS circles.
Also, the syntax makes it absurdly easy to screw yourself. All the little features that people claim to be efficient because they make compact code are usually the ones that encourage sloppy programming practice.
Consider:
a_function()
{ char c, buff[80];
int i = 0;
while ((c = getchar()) != ‘\n’)
buff[i++] = c;
buff[i] = ‘\000’;
do_it(buff);
}
There is no check on length, resulting in ease of buffer overflow. The c = getchar assignment in the while condition leaves no room for checking for an EOF either. This is, objectively speaking, horrible programming practice, and yet it’s supposed to be ‘good’/’efficient’?
>Oh, I just realized that the book is copyright 1994, so ...
So what? Just because it’s old doesn’t mean it’s bad.
>>It’s a good read.
>No, its a complete waste of time.
Oh, come on! You took one look, got huffy over a political difference and then whined and cried over its age!? It’s humor, makes no pretense to be otherwise, and yet there’s a lot of experiential knowledge in that humor.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
