[SC.LUG] Linux vs. Windows Viruses

Rick [Kitty5] rick at kitty5.com
Mon Oct 13 13:44:43 BST 2003


Dr A V Le Blanc wrote:
> Microsoft's security is poor because it was added as an afterthought;
> they really need to rewrite the operating system from the ground up
> with a clear security model in mind from the outset, enforced in
> every detail.  I don't believe they will ever approach that without
> actually making their source freely available.

Open source isn't a prerequisite of security, in MS's case closed source is
most definitely more secure!

Linux also suffers from the security as an afterthought problem, if it was
built with security in mind from the start, why (for example) do we have to
go the trouble of chrooting certain services. IMO the ultimate sticking
plaster solution that in the wrong (yet well meaning) hands offers no more
security than running said service in a normal environment.

> I don't find the instant fixes terribly impressive on either side,
> but I do find the Microsoft approach means that there are bigger,
> more dangerous security holes in their released software than in
> any Linux system to begin with.  So, I believe Linux's security is
> better, and I stand by the claim that it will remain better for
> the foreseeable future.

MS have the advantage in that administrators expect Windows to be insecure,
and if they have any sense, go the extra mile to protect their boxes. OTOH
people assume Linux is more secure, when in reality the out-of-the box
config can sometimes be anything but.

So while Linux is technically capable of better security, real world
perceptions mean it may not get the attention required to attain it.
Security is only as good as your administrator, and one that assumes
anything is just one step away from being 0wned. The choice of operating
system becomes irrelevant.

Rick

Kitty5 NewMedia http://Kitty5.com
POV-Ray News & Resources http://Povray.co.uk
TEL : +44 (01270) 501101 - ICQ : 15776037

PGP Public Key
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x231E1CEA




More information about the SC mailing list