Jeph Jacques's comics discussion forums

Fun Stuff => CLIKC => Topic started by: nellsen on 16 Sep 2016, 04:21

Title: Linux vs. Windows - Security
Post by: nellsen on 16 Sep 2016, 04:21
People seem to claim that Linux is basically impervious to malware and virus threats, whereas Windows is like some sort of feeding frenzy for hackers and evil-doers. It kinda reminds of how some people always held OSX on a pedastal for security, including Apple themselves, although I haven't heard Apple claim their software is immune to infection for quite a while...
The question is, I'm using Windows and of course face threats from time to time, but would it be worth it to switch to Linux? Is it still true that the lower adoption of Linux equals lower infection rates? Does the fact that there are various strains of Linux protect users better than Windows?

Discuss...  :wink:
Title: Re: Linux vs. Windows - Security
Post by: pwhodges on 16 Sep 2016, 04:55
A fairly recent assessment from a major British AV vendor:
https://blogs.sophos.com/2015/03/26/dont-believe-these-four-myths-about-linux-security/ (https://blogs.sophos.com/2015/03/26/dont-believe-these-four-myths-about-linux-security/)

The worst server compromise I have seen was in a cluster of Linux machines in the rack next to my Windows servers; someone from the security services (who had detected the compromise and alerted him) asked the admin to leave it in place while they tried to trace the source - he refused!  He had to reinstall the whole cluster to fix it.
Title: Re: Linux vs. Windows - Security
Post by: nellsen on 16 Sep 2016, 06:43
Really interesting article, thanks!

Quote
Well, if it is true that Linux distributions (distros for short) have a low market share in the desktop landscape, the same cannot be said for other markets.
In the server landscape, Linux distros have almost 40% of the market share, while they hold a near-monopoly on supercomputers.

I never knew this actually, I just read that in this article as well: https://www.1and1.com/digitalguide/server/know-how/linux-the-cost-effective-alternative-to-windows/ (https://www.1and1.com/digitalguide/server/know-how/linux-the-cost-effective-alternative-to-windows/)
My needs are just personal anyway, but from a general perspective on Linux it does challenge this idea that hackers aren't interested in targeting it... Another point on that, which the above article raised actually:

Quote
Linux distributions have the added bonus of providing free encryption capabilities and the option of limiting user rights. This may help minimize any damage from occurring within a corporate network should a virus accidentally be opened and distributed.

Could this not be done on Windows based servers as well anyway? At least the limiting of user rights.

Sounds like the admin really cut off their nose to spite their face! Why did they refuse?

Title: Re: Linux vs. Windows - Security
Post by: pwhodges on 16 Sep 2016, 09:04
Could this not be done on Windows based servers as well anyway? At least the limiting of user rights.

Windows user rights handling is as comprehensive as *nix's (though the two don't map precisely on each other), except in Home versions where it is simplified.

Quote
Sounds like the admin really cut off their nose to spite their face! Why did they refuse?

They (like me) were handling highly sensitive data (clinical trials), so continuing to operate with a known compromised system was an absolute no-no, even for a good cause.
Title: Re: Linux vs. Windows - Security
Post by: hedgie on 16 Sep 2016, 09:13
I mostly run Linux 'cos I hate Windows and can't afford a Mac, but I'd say from experience that any *nix (including MacOS) *does* require that a savvy user secure their own stuff, but do tend to make it fairly easy.  There is still a balance to be maintained between security and usability.  If I fully locked my system down, for example, I'd have to enter my root password every time I put a DVD into the drive or connected any other sort of external media.  Since I have YaST, locking things down is pretty easy.  Still, my HIDS does send out false positives, since I sometimes (often) forget to update the database when I do system updates.  I also have to be careful when installing things that aren't in the official repos (just installing the package and not adding the repo).  Also, the problems with Flash and such are indeed cross-platform.  I don't allow Flash on any of my systems for that reason, and since mobile is killing it off, it's no real loss.

That said, I've had a couple of friends make the switch due to viruses, and have had no complaint (especially 'cos Netflix doesn't require Pipelight any more).  Then again, they don't use M$ office and do all their gaming on consoles.
Title: Re: Linux vs. Windows - Security
Post by: pwhodges on 16 Sep 2016, 09:29
99% of the problems that occur on Windows could have been prevented by common sense and simple (even free) AV software.  Yes, Windows is still targetted far more than Linux or MacOS, but that's both because it is the commonest system out there, and because it's the one universally used by the people most likely to get caught out.  If you are not one of those people, it is possible to run Windows as securely as the alternatives.