General and security info about operating systems
Moderator: General Moderators
General and security info about operating systems
Hope it's ok I post this in general discussion.
I want to learn some more about the differences between the major operating systems. In general, and more specifically about their security. These two aspects are related of course. It's often said that UNIX-like systems are inherently more secure. Why? Does anyone have good links to more "objective" resources? Are there independent experts' blogs I should read?
If I read forums every mac-fan just says "OS X is invulnerable bla bla, Linux is very secure bla bla", to which every Microsoft-lover replies "yeah that's because nobody uses mac or linux", etc etc. I've read all the theories and arguments, now I want to know a bit more about the basics of the systems.
I don't want to start a flame war here about which system is better. I just believe that if I learn more about the basics of the systems, it will improve the way I work with my computers, whether it's Windows, Linux or OS X. (I use 2 out of 3 now, and will soon use all)
I already started reading wikipedia http://en.wikipedia.org/wiki/Unix. But I'm sure someone knows other good resources? Are there some blogs or tech sites I should follow?
Sorry if the question is not very specific, but I'm sure someone can point out some good starting points.
I want to learn some more about the differences between the major operating systems. In general, and more specifically about their security. These two aspects are related of course. It's often said that UNIX-like systems are inherently more secure. Why? Does anyone have good links to more "objective" resources? Are there independent experts' blogs I should read?
If I read forums every mac-fan just says "OS X is invulnerable bla bla, Linux is very secure bla bla", to which every Microsoft-lover replies "yeah that's because nobody uses mac or linux", etc etc. I've read all the theories and arguments, now I want to know a bit more about the basics of the systems.
I don't want to start a flame war here about which system is better. I just believe that if I learn more about the basics of the systems, it will improve the way I work with my computers, whether it's Windows, Linux or OS X. (I use 2 out of 3 now, and will soon use all)
I already started reading wikipedia http://en.wikipedia.org/wiki/Unix. But I'm sure someone knows other good resources? Are there some blogs or tech sites I should follow?
Sorry if the question is not very specific, but I'm sure someone can point out some good starting points.
matthijs,
WOW the age old questions.
1. Basically, the linux philosophy is that each individual binary does one thing, and it does it perfectly. This is why Linux has dependency hell. A lot of binaries require other binaries which require other binaries, etc..
2. Windows on the other hand uses DLL files. Somewhat similar to PHP classes in the sense that they are shared code bases. Works great until you install another app that decides to overwrite the system DLL's. What happens then? Well the other applications expect to react a certain way, they dont, and then your screen turns blue. If it's a driver, you now have to do a hard reboot. Saved your work lately?
Security?
That boils down to permissions.
Ask yourself this. Can you open the folder that contains all your critical system files and delete them right now? If so, you are vulnerable to a virus. If your on windows, there is a 99% chance you can.
If your on linux, you will probably be asked for permission first. Wanna grant it?
Mac's pretty much run a variant of Unix. Same boat.
WOW the age old questions.
1. Basically, the linux philosophy is that each individual binary does one thing, and it does it perfectly. This is why Linux has dependency hell. A lot of binaries require other binaries which require other binaries, etc..
2. Windows on the other hand uses DLL files. Somewhat similar to PHP classes in the sense that they are shared code bases. Works great until you install another app that decides to overwrite the system DLL's. What happens then? Well the other applications expect to react a certain way, they dont, and then your screen turns blue. If it's a driver, you now have to do a hard reboot. Saved your work lately?
Security?
That boils down to permissions.
Ask yourself this. Can you open the folder that contains all your critical system files and delete them right now? If so, you are vulnerable to a virus. If your on windows, there is a 99% chance you can.
If your on linux, you will probably be asked for permission first. Wanna grant it?
Mac's pretty much run a variant of Unix. Same boat.
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
Microsoft almost by definition will bad mouth Linux, as will numerous Windows users. Human nature being what it is, the same polarisation happens in any two contrasting ideals. Have you ever wandered into an argument over who'll rule multiplayer when Windows Vista can access XBox Live? 
There are some obvious security issues differing between Windows and Linux - permissions is the main one. Windows Vista is the only one to have half decent permission settings, but even so it's still a completely userland feature. That's no substitute for what Linux offers - a distinct system root, and less privileged normal users. It forces a user to deliberately bypass permissions to change the system - and obviously this prevents other applications (the bad ones) from fiddling with your system.
The flipside is that neither Linux or Mac have a long history of being targeted by virus writers - this casts the shadow of doubt, the one card Microsoft is quite happy to play for all its worth because even professional developers can't discard it out of hand. Still, Linux has a full suite of virus scanners and firewalls you can install so there is coverage for those problems which can crop up once in a blue moon. Actually once in a blue moon might be too frequent...
A third element is simple Evolution - if you are Creationist, you can rest comfortably that this form of Evolution is completely controlled by thousands of everyday developers who thankfully tend to be Intelligent Designers. Windows typically has a limited set of software. Yes, you are free to install other applications, but relatively few do. It's a lot more fashionable in recent years - thankfully. Witness Firefox's market share.
Anyways, because applications on Windows tend to be of limited numbers and of a closed source nature it means they also tend to be easier to tease apart and misuse. Fat giants like Outlook, Internet Explorer, that junk heap called Explorer, rely on one entity to maintain them - if they don't and it doesn't hit their cheque book then they have little incentive to so either.
On Linux/BSD this is a lot more difficult since open source means anyone can find, and fix problems almost immediately. Or at least dump it on a bug tracker to prod the developers to action
. If the current developer's fail to do so, you can just fork it and pile on the pressure. If the original developers have a good survival instinct that rarely occurs over issues like bugs/security - most forks are typically feature driven. Open source doesn't mean higher quality obviously, but it does hopefully mean more eyes watching for issues in the source.
There are some obvious security issues differing between Windows and Linux - permissions is the main one. Windows Vista is the only one to have half decent permission settings, but even so it's still a completely userland feature. That's no substitute for what Linux offers - a distinct system root, and less privileged normal users. It forces a user to deliberately bypass permissions to change the system - and obviously this prevents other applications (the bad ones) from fiddling with your system.
The flipside is that neither Linux or Mac have a long history of being targeted by virus writers - this casts the shadow of doubt, the one card Microsoft is quite happy to play for all its worth because even professional developers can't discard it out of hand. Still, Linux has a full suite of virus scanners and firewalls you can install so there is coverage for those problems which can crop up once in a blue moon. Actually once in a blue moon might be too frequent...
A third element is simple Evolution - if you are Creationist, you can rest comfortably that this form of Evolution is completely controlled by thousands of everyday developers who thankfully tend to be Intelligent Designers. Windows typically has a limited set of software. Yes, you are free to install other applications, but relatively few do. It's a lot more fashionable in recent years - thankfully. Witness Firefox's market share.
Anyways, because applications on Windows tend to be of limited numbers and of a closed source nature it means they also tend to be easier to tease apart and misuse. Fat giants like Outlook, Internet Explorer, that junk heap called Explorer, rely on one entity to maintain them - if they don't and it doesn't hit their cheque book then they have little incentive to so either.
On Linux/BSD this is a lot more difficult since open source means anyone can find, and fix problems almost immediately. Or at least dump it on a bug tracker to prod the developers to action
<troll>veridicus wrote:Also consider the users. Typical Windows users know nothing about security. But typical Linux users (and server administrators) know more about security, are willing to do more to secure their systems, and also have more tools available to do so.
Is that because linux systems are inherently less user-friendly that they're required to know more about their systems? Or did you want to say that windows is popular for the same reason php is, namely because even an idiot can use it?
</troll>
Imho, the security of a modern (not talking about win95 or linux2.0 here :p) machine depends mostly on the capabilities of the administrators of that machine... I'd recommend that you read a book like tanenbaums 'operating systems' so you get to understand the basic concepts (and problems) of the design of an operating system (Virtually every chapter ends with a section where the theory if applied to concrete examples (eg: ntfs and ext3 in the chapter on file systems))
Correct me if I'm wrong, but Win have had full-fledged permission system (both on filesystem and process level) since.. eh.. win2k?Maugrim_The_Reaper wrote: There are some obvious security issues differing between Windows and Linux - permissions is the main one. Windows Vista is the only one to have half decent permission settings, but even so it's still a completely userland feature.
Actually nothing prevents you from creating ordinal user account in a windows system. It's your fault if you're using Administrator account when you don't need to.Maugrim_The_Reaper wrote: That's no substitute for what Linux offers - a distinct system root, and less privileged normal users. It forces a user to deliberately bypass permissions to change the system - and obviously this prevents other applications (the bad ones) from fiddling with your system.
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
I agree with timvw, in that newer OS'es security are more dependent on the admin than the software. That being said:
Windows is more complicated than Linux (not in the end user department) but in design/development. I recall 2000 having something like 64 million lines of code, whereas a basic Linux system I odn't think would have any where near that.
Really your comparing apples to oranges when you do this. If you bloated a system (Linux) with all the latest and greatest software I'm sure someone could find a leak somewhere. Whereas a simple cut down Linux system wouldn't likely be easily exploited by virture of the fact it's simple.
Also it's philosophy. As a Windows developer of at least 10 years, I can tell you that Windows developers are more concerned with features rather than security. Features sell, security won't - I learned that the hard way just recently.
Linux is truely for computer geeks or people who don't mind having to tinker for a while before something works. Again, as a long time Windows user I must say, it's been a long while since I had any kind of OOTB setup problems on Windows but almost all the time I run into some kind of trivial problem when tinkering with Linux.
I think these arguments are futile as well as comparisons. I would focus more on learning them both and learning which one shines when the other does not and use them as tools as they are intended. Trying to sell someone on Linux because it's more secure won't get you far except in the corporate server market which is where I bet Linux shines.
p.s-DLL (Dynamic Link Library) are simply executables (like EXE; in fact many EXE in Windows are DLL's) but instead of being invoked directly by an end user via a click, they are pulled into the current processes memory space to "dynamically" change the applications functionality (think plugins). i don't see how DLL's related to security myself, as Linux I believe offers the same thing in the form of SO files I believe (someone will correct me on this I'm sure).
PHP or Apache extensions use these frequently at least I am quite sure this is what they are as there is no additional (re)compilation just add a line to php.ini and reset the daemon (if anything) and bam your done.
Anyways, this is just my opinion.
Cheers
Windows is more complicated than Linux (not in the end user department) but in design/development. I recall 2000 having something like 64 million lines of code, whereas a basic Linux system I odn't think would have any where near that.
Really your comparing apples to oranges when you do this. If you bloated a system (Linux) with all the latest and greatest software I'm sure someone could find a leak somewhere. Whereas a simple cut down Linux system wouldn't likely be easily exploited by virture of the fact it's simple.
Also it's philosophy. As a Windows developer of at least 10 years, I can tell you that Windows developers are more concerned with features rather than security. Features sell, security won't - I learned that the hard way just recently.
Linux is truely for computer geeks or people who don't mind having to tinker for a while before something works. Again, as a long time Windows user I must say, it's been a long while since I had any kind of OOTB setup problems on Windows but almost all the time I run into some kind of trivial problem when tinkering with Linux.
I think these arguments are futile as well as comparisons. I would focus more on learning them both and learning which one shines when the other does not and use them as tools as they are intended. Trying to sell someone on Linux because it's more secure won't get you far except in the corporate server market which is where I bet Linux shines.
p.s-DLL (Dynamic Link Library) are simply executables (like EXE; in fact many EXE in Windows are DLL's) but instead of being invoked directly by an end user via a click, they are pulled into the current processes memory space to "dynamically" change the applications functionality (think plugins). i don't see how DLL's related to security myself, as Linux I believe offers the same thing in the form of SO files I believe (someone will correct me on this I'm sure).
PHP or Apache extensions use these frequently at least I am quite sure this is what they are as there is no additional (re)compilation just add a line to php.ini and reset the daemon (if anything) and bam your done.
Anyways, this is just my opinion.
Cheers
Is this happening? That would be interesting.Maugrim_The_Reaper wrote:Have you ever wandered into an argument over who'll rule multiplayer when Windows Vista can access XBox Live?
*edit as i just googled this*
I can't believe they are only now bringing Halo 2 to Windows. I thought it was a typo at first. Isn't Halo 3 in beta now...