You always read folks bragging that Linux, or Unix is so much more secure than Windows. What is your view or experience with this issue?

Recommended Answers

All 31 Replies

If configured and used correctly and kept updated with patches then i think they are the same. A well configured windows system and some common sense can be very secure but "out of the box" i would hazard a guess that maybe UNIX based systems are more secure

I don't know how both OS's are built internally, but I feel just about the same amount of "safety" when using Vista as when I use Ubuntu. As Bennet says, it sort of really boils down to the user behind the mouse. I know someone who refuses to believe that the porn sites he visits are the cause for the tons of malware on his XP system, because "I used this same site before and nothing happened."

You really can't ignore the fact that there are *zero* currently effective (e.g working) Linux viruses and thousands of windows ones. One Linux and UNIX, you really just have to worry about being attacked, in which you are actually a more diserable target.

>What is your view or experience with this issue?
Linux and Unix users tend not to run as a super user. Windows users almost always run as an administrator. The security debate is already skewed in favor of Unix/Linux because if you don't run as a super user, you've effectively eliminated the threats that any practical security suite would protect you from.

Security: blanket and thumb.

Totally virus-proof computer: Tandy Color Computer. The OS is in ROM, so it can't be compromised.

Totally virus-proof computer: Tandy Color Computer. The OS is in ROM, so it can't be compromised.

WRONG.

No computer can ever be 100% secure. There could be backdoors in the OS and secondly, if a malious party had physical access, they could modofy the ROM.

it all depends on the user..

I think hackers prefer to write viruses for windows since vast majority of common people use windows and windows is all the same everywhere .unlike linux and unix

theres actually not that many official UNIX variants (by that i mean the ones legally allowed to call themselves UNIX and not unix-like). only ones currently in major usage are AIX, OSX, Z/os, HP/UX and Solaris

You really can't ignore the fact that there are *zero* currently effective (e.g working) Linux viruses and thousands of windows ones. One Linux and UNIX, you really just have to worry about being attacked, in which you are actually a more diserable target.

I'm so glad you brought this up. While I will acquiesce that there are few viruses in the wild against *nix systems relative to Windows (which we might discuss later in this thread :icon_twisted:), that's not to say that the system is more secure. As coincidence would have it, today I happened upon an old blog post that you may find a little surprising (obviously, take it with a grain of salt, but the numbers are somewhat impressive): link
[edit:] for some humor, here's a response from a pro-Redhat perspective: link :D

That said, the OS itself is getting to be a very secure bit of code. It's the apps on top of it that contain most of the exploitable code. And to make matters worse, by some estimates, over 1/2 of the attacks on the Internet today aren't even code related. User education is [currently] perhaps the most effective security investment today (though hard to market...)

Totally virus-proof computer: Tandy Color Computer. The OS is in ROM, so it can't be compromised.

The only totally secure computer is the one you put into a strong safe, with no power or data connections. Weld the safe shut, toss the safe into a deep, deep part of the ocean.

Everything else is vulnerable, in some way, to some form of compromise.

jbennett you're forgetting about BSD

FreeBSD isnt certified as conformintg to the Single Unix Specification. Its non-certification means ti cannot call itself UNIX (UNIX is a trademark owned by the Open Group)

well, there are only two basic posix-ish OSs - linux and unix. and BSD isn't linux.

FreeBSD and linux are both defined as UNIX-Like

Older versions of Windows NT was POSIX and OS/2 compliant via subsystems and more recent versions use " Services for Unix " (these versions are server 2003 and vista ultimate)

what do those have to do with unix versions?

what do those have to do with unix versions?

read the post!

there are only two basic posix-ish OSs - linux and unix

That was what it was about. NT is POSIX

no way, NT was posix compliant, not posix.

what you just said makes no sense

POSIX is a standard. Older NT is POSIX certified. Newer NTs are mostly POSIX-compatible

According to Wikipedia, these are the only operating systems that conform to one of the official Unix specifications (found here): AIX, HP/UX, Mac OS X, SCO, Solaris, Tru64 Unix, z/OS, NCR Unix and NEC UX. Anything beyond that can be considered a clone.

As far as POSIX goes, Windows NT, Windows Vista Enterprise and Ultimate are indeed POSIX-compliant with the help of Microsoft Windows Services For Unix. The irony of this is that neither Linux nor BSD are officially POSIX-compliant (although they try to adhere to the standards for the most part).

>The irony of this is that neither Linux nor BSD are officially POSIX-compliant (although they try to adhere to the standards for the most part).

It should be noted that the reason Linux nor BSD are POSIX compliant is due to their extremely rapid development and release cycle.

yes. Certification would be expensive

Wanna avoid ALL threat of a security attack? Write your own O.S. With zero installed base, I promise nobody will attack it; promise.

Wanna buy a system that is cheap, has oodles of software that is cheap/free, and doesn't require any technical knowledge to use? Preditors lie in wait.

Place your bet.

Wanna avoid ALL threat of a security attack?

pull the modem cable out :)

pull the modem cable out :)

That would resolve all internet based attacks, but if the computer can be physically compromised then it's still not "completely secure." :P

oh yeah, I forgot to mention locking it in a safe, spilling molted led ovet that safe and launching it into the sun so no hackers will get their hands on it :D

Wanna avoid ALL threat of a security attack? Write your own O.S. With zero installed base, I promise nobody will attack it; promise.

Wanna buy a system that is cheap, has oodles of software that is cheap/free, and doesn't require any technical knowledge to use? Preditors lie in wait.

Place your bet.

Making the assumption that this custom OS will be binary compatible with other commonplace OSs (just for the sake of allowing the user to have some software), there will still be attacks on either the installed software or simply on the user's gullibility, or maybe other attacks like DNS cache poisoning, where it doesn't matter what computer the user is running.

oh yeah, I forgot to mention locking it in a safe, spilling molted led ovet that safe and launching it into the sun so no hackers will get their hands on it :D

Perfect! Now we have a workable security system... some usability issues to work out in the future, but it'll be secure :D

pull the modem cable out :)

Don't forget WiFi, Ethernet, and anything "removable", as well as any installs that you can not personally certify are original unadulturated source of code written by someone you trust with your life and stored on a system you trust with your life with a complete chain-of-transfer that you trust with your life; oh, and good judgement on your part.

Do this successfully, and you are good as gold.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.