A few days ago Google announced that its employees would stop using Windows, claiming that Windows had some important security holes. As we have already seen, although this is true, it may be a business strategyHowever, this decision left me wondering: what makes Linux more secure? Any Linux user realizes that it is much more secure ... it feels more secure than Windows. But how to explain that "feeling"? This post is the fruit of several hours of reflection and research on the internet. If you still use Windows and you want to know why Linux is more secure or if you are a Linux user who enjoys its honey and you want to know what makes Linux a better system in terms of security, I recommend that you read this post carefully. It is long but it is worth it.
Introduction: what is security?
Many people believe that it is correct to say that a product is safe, so for example, Windows is more secure than Linux, Firefox more secure than IE, etc. This is partially true. Actually, security is not a product, something that comes already armed and to go. Rather, it is a process in which the user plays a central role. In other words, security is a state that must be actively maintained through proper and responsible interaction between the user and the installed software and / or operating system.
No software or operating system is capable of providing any type of security if the administrator puts stupid passwords like "123", or if he does not take the necessary precautions. That said, it is true that some programs and OS are more secure than others in that they have fewer "holes" or vulnerabilities, update faster and, in general terms, make life more difficult for attackers.
It is in this sense that we can say, for example, that Linux is more secure than Windows. Now, what is it that makes Linux more difficult to break? Well, one answer that I have read and listened to ad nauseam has to do with «security through darkness"Or" security by darkness. " Basically, what many so-called "security experts" argue when asked why Linux is more secure is that since most of the OS market is in the hands of Microsoft Windows, and bad hackers want to do as much damage as possible, then they point to Windows. Most hackers want to steal as much information as possible or take some action that sets them apart from the rest and gives them "prestige" within their circle. To the extent that Windows is the most used OS, they make every effort to create hacks and viruses that affect that OS, leaving aside the others.
It seems very important to highlight that Today practically no one questions that Linux is indeed more secure than Windows. Where the so-called "experts" are wrong is in the rationale, this is why I sat down to write this article.
The "experts", as I said, only rely on mere statistical data to explain why Linux is more secure: there are fewer viruses and malware for Linux compared to the huge number for Windows. Ergo, Linux is more secure ... for now. Of course, by basing all their argumentation on this mere data, as more users switch to Linux, bad hackers are going to focus more and more on creating malicious utilities and tools to exploit each and every one of Linux's vulnerabilities. . It is simply a system of incentives, which would make it more attractive for hackers to develop viruses and malware for Linux as it becomes more and more popular. The supposed security of Linux, if we agree with the analysis of the "experts", would be a big lie. Linux would not be safe if not used by few people. Nothing else ... I believe, instead, that the greater security that Linux provides is based on some fundamental aspects of its design and structure.
Another statistic is enough to begin to realize that the "experts" know nothing. The Apache web server (a web server is a program that is hosted on a remote computer that hosts and sends the pages to your web browser when you, the visitor, request access to those pages), which is free software and generally runs under Linux , it has the largest market share (much higher than Microsoft's IIS server) yet it suffers far fewer attacks and has fewer vulnerabilities than Microsoft's counterpart. In other words, In the world of servers where history is reversed (Linux + Apache have the largest market share), Linux has proven to be more secure than Windows. The world's largest software companies, more ambitious scientific projectsEven the most important governments all choose Linux to store and protect the information on their servers and more and more are those who are starting to choose it as a desktop system. What are you going to choose?
Top 10 Features That Make Linux Very Secure
In contrast to the flimsy cardboard scrap that you can hopefully get your Linux CD in (I'm thinking of an Ubuntu, for example), the Windows CD typically comes in a small plastic box that is hermetically sealed and that it has a highly visible label that eagerly asks you to comply with the terms of the license that accompanies the CD and that you will probably find in the neat cardboard box in which everything came packaged. This security seal is designed to prevent worms from breaching the plastic case of your CD and infecting your copy of Windows before it is actually installed, which is an important precaution and an invaluable security asset.
Clearly Windows has an advantage over Linux when it comes to the physical security of its copies (haha), but what happens once we install it? What are the 10 features that make Linux more secure than Windows?
1. It is an advanced multi-user system
To the extent that Linux is based on Unix, originally intended for use in networks, some of its important advantages in relation to security over Windows are explained. The user with the most privileges on Linux is the administrator; it can do anything in the OS. All other users do not get as many permissions as root or administrator. For this reason, in case of being infected by a virus while a common user is logged in, only those portions of the OS to which that user has access will be infected. Consequently, the maximum damage that this virus could cause is to alter or steal user files and settings without seriously affecting the operation of the OS as a whole. In addition, the administrator would be able to eliminate the virus easily.
Once the installation of any Linux distro is finished, we are asked to create a root and a common user. This total lack of security that involves the creation of more than one user per computer is the cause of its low popularity. Ha! No, seriously, this is one of the reasons Linux is more secure.
In comparison, for example in Windows XP, user applications such as Internet Explorer have access to the entire operating system. That is, suppose IE goes crazy and wants to delete critical files from the system ... well, it could do it without problems and without the user knowing anything. In Linux, however, the user would have to explicitly configure the application to run as root to introduce the same level of vulnerability. The same happens with the users themselves. Suppose a person sits at my WinXP computer. Go to C: Windows and delete everything. It does not happen orange. You can do it without problems. Sure, problems will come next time you try to start the system. In Windows the user and whatever program he installs have access to do practically anything in the OS. In Linux this does not happen. Linux uses intelligent privilege management whereby whenever the user wants to do something that exceeds his privileges, the root password will be requested.
Yes, it is annoying ... but it is what makes it safe. You have to write the blessed password every time you want to do something that could potentially affect the security of the system. This is more secure because "ordinary" users do not have access to install programs, run system calls, edit system files, change critical system settings, and so on.
From the beginning, Linux was designed as a multi-user system. Even now, Windows' most important weaknesses are related to its origins as a standalone, 1-user system. The downside of the Windows way of doing things is that there are no layers of security. That is, a high-level application, such as an Internet browser or a word processor, is linked and can access the lower layers of the operating system, with which the smallest vulnerability can expose the entire operating system.
Since Windows Vista, the User Account Control (UAC) was introduced in Windows, which means that every time you want to run a program or perform a potentially dangerous task, the administrator password is required. However, without counting the fact that at least here in Argentina almost everyone continues to use WinXP for its convenience and ease, most of the Win7 or Win Vista users always log in as administrators or grant administrator rights to their users. . In doing so, each time they want to perform any of these "dangerous" tasks, the system will simply display a dialog box that the user must accept or reject. Anyone who sits at your desk and / or takes over your machine automatically has administrator privileges to do whatever they are told. For a complete comparison between UAC and su, sudo, gksudo, etc. I recommend reading this Wikipedia article.
2. Best default settings
For its part, the default settings on all Linux distros are much more secure than the default settings for Windows. This point is closely related to the previous one: in all Linux distros the user has limited privileges, while in Windows almost always the user has administrator privileges. Changing these settings is very easy on Linux and a bit tricky on Windows.
Of course, any of these can be configured in such a way as to make it an insecure system (when running everything as root in Linux, for example) and Windows Vista or Windows 7 (which, by the way, copied some of these features from Linux and Unix ) could be better configured to make them more secure and run under a more restricted account than the administrator. However, in reality this does not happen. Most Windows users have administrator privileges ... that's the most convenient.
3. Linux is much more "insurable"
To the extent that security, as we saw at the beginning, is not a state but a process, even more important than coming "from the factory" with a better default configuration is being able to give the user enough freedom to adapt the levels of security. security to your needs. This is what I call "insurability." In this sense, Linux is not only recognized for its enormous flexibility but also for allowing security settings that would be impossible to achieve in Windows. This is precisely the reason why large companies choose Linux to manage their web servers.
It may sound very "zen", but this situation reminds me of an anecdote that someone once told me. I don't know if it still happens but they told me that in China people paid the doctor when he was good and stopped when he was bad. That is to say, the opposite of what we do in "Western society." Something similar happens here. In Windows there is a huge market for security, but it is essentially based on controlling or reducing the effects and not the causes that make Windows an insecure system. In Linux, on the other hand, an intermediate or advanced user can configure the system in such a way that it is practically impenetrable without implying the installation of an antivirus, antispyware, etc. In other words, in Linux the focus is on the causes, that is, on the configurations that make a system more secure; whereas in Windows the accent (and the business) is put in the consequences of a possible infection.
4. No executable files or registry
In Windows, malicious programs are generally executable files that, after tricking the user or bypassing their control, run and infect the machine. Once this happened it is very difficult to remove them since, in case we can find and eliminate it, it can be replicated and can even save configurations in it. Windows' register that allow it to "revive." In Linux, however, there are no executable files in the "Windows" sense of the word. In reality, executability is a property of any file (regardless of its extension), which can be granted by the administrator or the user who created it. By default, no file is executable unless one of these users so establishes it. This means that in order for a virus to reproduce through e-mail, for example, the user who receives the virus would have to save the attachment on their machine, grant execute rights to the file, and finally execute it. The process, obviously, is complicated, especially for the less experienced user.
Also, Linux uses configuration files instead of a centralized registry. The phrase that says that in Linux everything is a file is known. This decentralization, which makes it possible to avoid the creation of a huge hyper-complex and entangled database, greatly facilitates the elimination and detection of malicious programs, as well as making them difficult to reproduce, considering that a normal user cannot edit system files.
5. Better tools to combat zero-day attacks
It is not always enough to have all the software updated. Zero-day attacks (an attack that exploits vulnerabilities that the software developers themselves are still unaware of) are becoming more and more common. A study has shown that it takes only six days for crackers to develop malicious software that exploits these vulnerabilities, while it takes developers months to detect these holes and release the necessary patches. For this reason, a sensitive security policy always takes into account the possibility of zero-day attacks. Windows XP does not have such a provision. Vista, in protected mode, while useful, provides only limited protection against IE attacks. In contrast, the protection provided by AppArmor or SELinux is vastly superior, providing very "fine" protection against any type of remote code execution attempt. For this reason, it is increasingly common for Linux distros to come with AppArmor (SuSE, Ubuntu, etc.) or SELinux (Fedora, Debian, etc.) by default. In other cases, they can be easily downloaded from the repositories.
6. Linux is a modular system
Linux's modular design allows you to remove any component from your system if necessary. In Linux, you could say that everything is a program. There is a little program that manages the windows, another that manages the logins, another that is in charge of the sound, another of the video, another to show a desktop panel, another that works as a dock, etc. Finally, like the pieces of a layman, they all make up the desktop system that we know and use daily. Windows, on the other hand, is a huge concrete block. It is a bodoque that is very difficult to disassemble. Thus, for example, in case you suspect that Windows Explorer has a security flaw, you will not be able to remove it and replace it with another.
7. Linux is free software
Yes, this is definitely one of the most important reasons why Linux is a much more secure OS than Windows because first of all users can know exactly what the programs that make up the OS are doing and, in case of detecting a vulnerability or irregularity , they can fix it instantly without waiting for a patch, update, or service pack. Anyone can edit the Linux source code and / or the programs that compose it, eliminate the security breach and share it with the rest of the users. In addition to being a more supportive system, which encourages the participation and curiosity of users, it is much more practical when it comes to solving security holes. More eyes allow faster detection and resolution of problems. In other words, there are fewer security holes and patches are released faster than in Windows.
In addition, Linux users are much less exposed to spyware programs and / or any other program that collects user information in a hidden or misleading way. In Windows, we do not have to wait to be infected with a malicious program to suffer this type of information theft; there is evidence that Microsoft itself and even other well-known programs made by other companies, have acquired information without the consent of users. Specifically, Microsoft is accused to use confusingly named software, such as Windows Genuine Advantage, to inspect the contents of users' hard drives. The license agreement included in Windows requires users to agree to this condition before using Windows and affirms Microsoft's right to do such inspections without notifying users. Ultimately, to the extent that most Windows software is proprietary and closed, all Windows users and software developers for that OS depend on Microsoft to fix the most serious security gaps. Unfortunately, Microsoft has its own security interests, which are not necessarily the same as those of users.
There is a myth that with its source code being publicly available, Linux and all free software programs that run under Linux are more vulnerable because hackers can see how they work, find security holes more easily, and take advantage of them. This belief is closely linked to the other myth that we took care to undo at the beginning of the article: darkness brings security. This is false. Any really serious security expert knows that the "darkness", in this case due to being closed source software, makes it difficult for developers to detect security breaches, as well as making it difficult to report and detect these breaches by users.
8. Repositories = bye cracks, serials, etc.
The fact that Linux and most of the applications that are written to run on it are already free software, in and of itself, is a huge advantage. However, if this were not combined with the fact that all this software is available for download and installation from a centralized and secure source, its comparative advantage over Windows would probably not be so great.
All Linux users know that when installing Linux we automatically forget to look for serials and cracks that, on the other hand, force us to navigate through insecure or deliberately designed sites to make users fall and play with their needs. Nor do we need the installation of any crack, which many times have a virus or malware hidden there. Instead, we do have, depending on the distro we use, a series of repositories from which we download and install the program we need with a simple click. Yes, it's that easy and safe!
Right from the very first steps of Windows installation, it shows its vast superiority in terms of security. As the installation process begins, the user is insisted on entering a serial number before continuing. Without this vital information, the user cannot continue with the installation. Fortunately, most Windows users still don't know that a quick Google search can give you access to thousands of serials, so this piece of information is the most powerful defense against unwanted back-doors. Yes ... it's a joke. 🙂 What security does a system provide that can be cracked and compromised so that the serial entry can be avoided, the only means through which Microsoft ensures that users pay for their copies? It's such a bad OS that they can't even (nor do they want?) make it invulnerable so that everyone pays for their copies.
9. 1, 2, 3… Updating
If you are like most of the people I know, you use WinXP. The first XP came with IE 6 (August 2001), XP with service pack 1 came with IE 6 SP1 (September 2002), and XP SP2 came with IE 6 SP2 (August 2004). In other words, at best you are using a browser that was developed almost 6 years ago. There is no need to explain the enormity this means in terms of software development. In those years not only were thousands of vulnerabilities detected and exploited to WinXP but also to the browser that it uses by default.
In Linux the question is quite different. It is much more secure than Windows because it is constantly being updated. Thanks to the fact that Linux is a modular system, developed as free software and that it has a repository system for managing updates and installing new programs, keeping up to date is nonsense. From the internet explorer to the most remote little program that manages user privileges or the management of windows, etc., going through the kernel and the necessary drivers for the operation of the system, everything is updated much faster and easier than in Windows.
Precisely, in Windows, updates are made once a month. Sure, that's if you didn't deactivate them, either because they were annoying to you, because they consumed part of your bandwidth or simply because of fear that Microsoft would somehow detect your illegal copy. But that is not the worst. The update of each one of the applications is independent, this means that Windows does not take care of updating them, each one of them has to take care of it. As we well know, many do not have the option to check for updates. It is the user who has to worry about finding out about the release of a new version, the download and the subsequent update (always with the fear of not knowing if they have to delete the previous version or not).
10. Diversity, blessed are you among all
Windows users are used to Microsoft telling them which program to use for what. In this way, the use of the system is supposed to be easier, common standards are created, compatibility is facilitated, and so on. Anyway, all of this has proven to be false. On the contrary, it has merely contributed to uniformity and leadership from above, as if it were a dictatorship. This homogeneity has made it much easier for attackers to detect vulnerabilities and write malicious programs to exploit them.
In comparison, in Linux there are an infinite number of distributions with different configurations, system paths, package management systems (some use .deb, others .rpm, etc.), management programs for all system activities, etc. This heterogeneity makes it extremely difficult to develop viruses that have a broad impact, as is possible in Windows.
Linux naysayers say more distributions equate to a higher error proneness and consequently higher security vulnerabilities. This, in principle, could be true. However, as we've just seen, this is more than offset by the fact that those vulnerabilities are harder to exploit and end up affecting fewer people. Ultimately, the incentives for hackers to write malicious software that affects these systems is significantly reduced.
Yapa. Linux programs are less vulnerable than their Windows counterparts
This is something that, in a way, I already mentioned when developing some of the other points but it seemed important to highlight it as a separate point. Software for Linux is safer and less vulnerable than its counterpart for Windows for several of the aspects that also characterize Linux: it is free software, it is updated much faster, it is obtained through repositories, there is a huge diversity of programs , etc. In other words, both in their design and development and in their distribution and execution, Linux programs provide greater security advantages.
Very interesting…
Interesting your comments. I agree with some. Others I would like to think about and try a little more.
Ultimately, we agree that Linux is not an invulnerable system and that it has a lot to improve. Of course I think that, even so, it is a better system, as far as security is concerned, than Win.
Thank you for taking the time to write and discuss. It has been very helpful indeed.
A big hug! Paul.
In order not to come across as crazy regarding the beginnings of Unix, I am giving you a page where you can read it yourself. It is very very interesting and shows how much we owe to that great company that was Digital Equipment Corporation (DEC).
http://www.faqs.org/docs/artu/ch02s01.html
I highlight 2 parts. The first is where he talks about the beginnings of Unix as a support platform to play a Multics game:
«When Bell Labs withdrew from the Multics research consortium, Ken Thompson was left with some Multics-inspired ideas about how to build a file system. He was also left without a machine on which to play a game he had written called Space Travel, a science-fiction simulation that involved navigating a rocket through the solar system. Unix began its life on a scavenged PDP-7 minicomputer [14] like the one shown in Figure 2.1, as a platform for the Space Travel game and a testbed for Thompson's ideas about operating system design.«
The second is where he talks about the relationship of Unix with ARPANET and TCP / IP, which did not come until 1980, more than 10 years after the "birth" of Unix. That is why I was telling you that Unix was not created with networking capabilities in mind, but was actually selected by DARPA to develop TCP / IP because it was, at the time, open source. The products mentioned (VAX and PDP-10) are all from DEC.
«Then, in 1980, the Defense Advanced Research Projects Agency needed a team to implement its brand-new TCP / IP protocol stack on the VAX under Unix. The PDP-10s that powered the ARPANET at that time were aging, and indications that DEC might be forced to cancel the 10 in order to support the VAX were already in the air. DARPA considered contracting DEC to implement TCP / IP, but rejected that idea because they were concerned that DEC might not be responsive to requests for changes in their proprietary VAX / VMS operating system [Libes-Ressler]. Instead, DARPA chose Berkeley Unix as a platform - explicitly because its source code was available and unencumbered [Leonard].«
Greetings,
Arch
You do not need to be a computer science genius to be a Linux user, I know how to use it with commands, downloadable files and repositories, so far it has given me complete security, it is working day and night to make it more secure that is why improvements in the kernel and new releases are made, one of the strengths of linux compared to windows is that there are people who do not rest to improve and update it, so any virus designed for linux would be obsolete in a matter of a short time
very good article, here the criterion on security is well articulated, I really liked the writing of this document, congratulations! a greeting.
This is an article that all software curious, who want to look beyond redmond should read. Really my congratulations.
Security is one of the greatest strengths of a Gnu / linux system, as this type of information spreads among people and companies, we will keep our information more secure (which in the end that is what is intended)
But these security holes, in addition to coming from a poorly built operating system, where they do not want to solve security problems, we can ask ourselves, what reason would a company have for not making its product more secure? You've already stated the reason: they get more money this way, the antivirus business is billionaire, and Microsoft is sure to get a big slice of the cake.
We can see that the companies that offer software obtain great returns by allowing their software to be cracked, a tactic used by Autodesk, Adobe, Symantec, Kapersky (all antivirus) and of course Microsoft, since piracy has greatly helped to They become "standard" to your product. I can't imagine that AutoCAD would be the most popular computer-aided design program on the planet if all its users had to pay the $ 65000 Mexican pesos that the program costs more or less, obviously they make their software insecure so that they reach their «possible »Clients, the same happens with Photoshop or any program that needs crack. What happens is that their calculated gaps are then exploited by third parties.
Everything is money, because no matter how many disadvantages a closed software has, it is impossible to continue making such glaring mistakes that they so easily violate systems ... or I'm flat out wrong and Microsoft really can't deliver a system that doesn't break in ten minutes of internet without antivirus.
Excellent article! I am a Linux user and I couldn't agree more with what you say. I use Microsoft's system less and less, and when I do it is because of the need to use a program that is not available in Windows (Wine slows down my computer a lot, so I don't use it). It seems to me that there is a general prejudice against Linux based on the fact that it is a difficult system to use (Ubuntu seems very simple to me). If this were denied and people were encouraged to install it on their computers, I think the problem of lack of software that I mentioned before would be completely solved.
good article!
That's only 50%, but if you have a poorly programmed system exposed to the web, forget it! They will nail you whole I work in pen test and I tell you the worst holes of applications made full of sql injections, cross scriptiong are the ones that run the PHP / Apache / Linux combination, do not sell the story that if my application runs on Linux it is safe since that is what 99% of programmers think ... and 99.9% of users ... has SSL, I'm super.
Hello, I liked your comment you made regarding security in operating systems, I would like to know if you have a website that talks about it, thank you ...
If in fact you had already read it, very good information is very much appreciated
The article explains exactly that point you ask.
I have a question that is still not clear to me, why if Linux is free software and its source code can be modified and seen by anyone, why say that despite this it is safe?
When you know the code of a program, you are more sure that there are less spyware ...
Your answer is above
Your comments seem very successful to me, very good article, I have been a follower of these pages for less than a year and I congratulate you on the development of it
regards
Thank you!
Hug! Paul.
Very good and detailed article, with your permission I share it. Thank you.
Yes of course go ahead. 🙂
very good data Pablo !!
I really liked your article 😀
I am a win user but I want to migrate to linux for a long time and although I am still in doubt about the compatibility of software etc. I will keep a small partition for win and reading this type of information only motivates me to dedicate myself to linux and take pleasure in it.
Congratulations!!
Thanks Diego! I'm glad you liked it.
A hug! Paul.
very good article
Linux is safe because it is a waste of time to make a virus for this system, hardly anyone uses it.
Erroneous linux viruses do not work for these reasons
A virus needs to run or together with a program or rather it needs to be activated.
In Linux, each program that you use each file that you pass or copies or a program that you will save and open it again, even if you use it as a root user, go through a fucking record, this record, the program has to show a license from whoever designed it until what it does and even does it with all this, the registry makes a complete scan where it detects it as a useless file, if it says it deletes it worse still, no program or file has rights to this registry because nobody can activate it if the registry is not This registration is complex.
2- Linux has a policeman that you don't know but he is always present if he detects that a program does not comply or wants to download it, he is only screwed because he will give him three slaps and does not allow him to pass
Almost no one uses it, true, well ... not so true.
13% of the web servers are Windows, the rest practically Linux, using Microsoft-IIS, I would like to know the statistics for other services that are not web ...
All Android devices have a Linux kernel.
On user computers, Windows does win, but I think that a virus would damage more where there is more sensitive data, that is, on your mobile for example, or on a server than on your pc with 4 photos and 4 pdfs ...
Yes, it is true that it is a waste of time to make a virus for Linux, on the one hand it has fewer security holes, and on the other they are fixed faster, especially if there is a virus circulating ...
P.S
- Linux uses 9 bits per file or directory for user, group and guest permissions (read, write and execute).
- Windows uses 3 bits to specify whether the file is hidden, system, or read-only.
interesting post
watch this ubuntu touch video
http://www.youtube.com/watch?v=DQVECrVaPVo
Linux has as explained below a registry, a wachiman, a procedure, a root.
Take an android cell phone or tablet you will realize that when you go to settings, suggest, click to accept that android install applications of unknown origin, you break the procedure.
2- when you download something from the pc to the terminal, for example, a game that is not approved by the guachiman, the person has that idea that you have to deactivate it and only with that program because you will have to do it against that does not comply
3- the register that scans the complete program
4 where do you screw it up, what do you do by feeling a great patch game asking for permission to change the behavior of the android and usmiar in the call log and whoever created it is called 123 you put the rope around your neck and I found myself With stacks of programs to if from the google pay store that is where the program can go to the other two but not to the registry and when the registry designs the program as you want to delete a file and the program answers the user, I mean your owner is aware and half permission to do so
I have used Linux for more than 10 years, and I have not been able to separate myself from it, at first normal, some problems with installation of programs, later I needed a program compatible with office, but in the end after trying so hard without failing, I have everything solved, including the office package that I ended up installing on Linux, and without a doubt the great endless list of software that exists for all uses, and that gentlemen that who speaks to you is not a systems engineer, but a business administrator who I end up liking and living on this excellent operating system, excellent information. Regards.
I don't think you know how to use Windows. For example, if we put the security of the user account control (AUC) it asks you to authorize even by looking at the monitor, if we put it on high. Monitors the user and applications. And it also has common users and administrators. You can manage privileges and permissions without question.
I like linux, fart whenever I installed it gave me problems with the drivers. And there is not much software of the type that I need. I have all the intention of using linux, but it is still green. Greetings