Linux & Windows

Operating Systems
Windows, Linux, Solaris, Red Hat, etc.....32 bit or 64 bit.
If its an OS, its here.
Post Reply
sushrukh
Legit Aficionado
Legit Aficionado
Posts: 99
Joined: Thu Jan 11, 2007 3:53 am

Linux & Windows

Post by sushrukh » Wed Oct 22, 2008 12:31 pm

Image

Any Linux geek would tell you Linux thrashes Windows in more ways than one. But does it? And why? What makes a system better than another? At this stage, are they even different at all?

If there were no Windows vs. Linux battles, the geek life would have been notably duller. Technology forums would inevitably get boring, and life would generally never be the same. The most contentious issue, of course, is security—Windows is notorious for not having much in that department. However, Vista is loaded with a bunch of new security measures, and claims to be able to thwart malicious software better.

What makes an operating system more secure? The way it’s built, of course. And that is the question we’re asking. But first, some myth-busting.

Popularity Contest


The favourite theory to explain the low number of viruses (or Trojans, or other such malicious code, for that matter) that exist for Linux is that it’s not popular enough—they say that if you turned the tables and made Linux the world’s most used OS, you’d find just as many malicious programs for it as you do for Windows now.


There is some logic to both the statements, but here’s what the Linux community usually comes back with: nearly half of the world’s Web sites run on Apache, either on Linux or a BSD. Since this is obviously the most popular platform, there’s plenty of incentive for hackers to spend their time taking it down—and yet, you don’t see Apache’s vulnerabilities in the news as much as you see those of Microsoft’s IIS. Not that the hackers aren’t trying to take down Apache servers—they’re just not having as much success with it as they are with IIS servers.


All this is very leading, but it really doesn’t say anything. IIS servers are often taken down by exploiting vulnerabilities in Windows (an unfortunate side-effect of Windows’ integration with its software; more on this later), and not necessarily in IIS itself. Secondly, while the Netcraft list of sites with the longest uptime is dominated by Apache servers, there’s no information on the actual availability of the servers—they could have been under a DDoS attack for half that uptime, but as long as they haven’t rebooted, they’re on the list.


Windows Vista basically accomplishes what Linux has been doing for a long time—ensure that regular users don’t have access to critical operating system files and services


Bottom line: there is no bottom line. For every (seemingly) logical statement, there exists an equally logical retort. We could write the arguments and counter-arguments for twenty pages if we felt like it, and you still won’t walk away with a definite conclusion. Let’s just move on.


Your OS And You


The biggest security breaches occur when malware is allowed to run with on your system with elevated privileges—which means that it has access to critical programs and data that only your system’s kernel should have. Once it’s reached that level, your PC becomes its humble servant, and can be brought down at the slightest whim. Who gives this malware its privileges? Well, you do.


With Windows XP, the person who installs the operating system becomes the Administrator, so if you’re the only one using your PC, you’ve got the privileges to wreak all sorts of havoc, should you choose to. Consequently, any application you install and run is also accorded the same royal treatment, no questions asked. Now add to that the fact that Windows’ system services run under a user account called SYSTEM (you can check this out in the Task Manager)—the most powerful account on your system, with access to everything critical—and that the first processes that malicious programs hijack are system services. You’ll be drawing pretty accurate conclusions by now...


Vista, thankfully, changes this. The user who installs Vista is still part of the Administrators group, but even this administrator runs with regular, limited privileges. When administrative tasks—including installing new programs—need performing, User Account Control (UAC) kicks in, telling you that you need to give the task a go-ahead before it, well, goes ahead. If you read the UAC prompt and don’t know the program it’s warning you about, you can prevent it from running. But what if you’ve blindly allowed the task to continue?


Unlike XP, malware has little or nothing to gain from hijacking a system service in Vista—instead of giving services unlimited rights like before, Vista runs them with low privileges, giving them access only to critical files and Registry entries that they need; each service is given a Security ID (SID), which it uses to request permission to these objects. Consider this scenario in XP: a virus has hijacked your system’s innocuous Plug-and-Play service and has acquired its privileges. One of the first things viruses do is disable the anti-virus so they can continue their reign of terror uninterrupted. Since the virus can now do anything to your system, it’ll be allowed to kill the anti-virus service, corrupt the virus definitions, modify its Registry entries and much more. In Vista, if this same virus manages to attack the service, all damage is restricted to the service and its domain—you won’t necessarily be happy, but you won’t be feeling silly, either.


Windows Vista basically accomplishes what Linux has been doing for a long time—ensure that regular users don’t have access to critical operating system files and services; they don’t even have access to files owned by each other! The all-powerful root account is never used, and in Ubuntu, it’s actually disabled: you’re expected to use the “sudo” command (or gksu for GNOME applications) and enter your password to execute commands that affect the system in general. Unless you deliberately use these commands to run a suspicious executable, the worst it can do is affect the files you have access to. Even if, for whatever inexplicable reason, you do decide to run a malicious script with sudo, your services are still safe...


Services in Linux run as separate users, with access only to files that they own; more often than not, they don’t even have the rights to use the terminal, so they can’t run commands or start other services. This is where the multi-user approach comes handy again—since users are isolated from each other, services can’t access the data used by other services. The Apache server, for instance, runs as a user called www-data, which only has access to the Web pages it serves. If a hacker exploits an Apache vulnerability to get into the www-data user account, he can’t really do much to the other services, because www-data doesn’t own those files. He can, however, mess with Web pages, so while this isn’t a doomsday scenario, it’s certainly not ideal.


You’ve probably noticed the parallels between the two operating systems by now—for your use at home, both systems are quite secure. Unfortunately, they both have one critical flaw: PEBKAC—Problem Exists Between Keyboard And Chair. No operating system can plan for human ignorance—Vista, unfortunately, allows you to disable UAC (and it’s annoying enough for you to want to), and even then, it can’t guard against people who click OK without realising what they’re doing. Linux developers do all they can to ensure that you never feel the need to use the root account, but there’s always the daredevil who can’t resist. If you keep your head on your shoulders and read what’s on your screen, your PC will be as secure as you want it to be.


True, there are more people working on Windows viruses than Linux, but popularity isn’t all that makes Windows popular with the hacker community...


Package Deal


Unfortunately, the thing we love about Windows is also its undoing. Windows is designed as a single unit, so a lot of features (or modules, depending on what you’re looking at) are integrated into the core of the system, even though they don’t need to—IE and Outlook Express immediately spring to mind. Remember the Windows 98 + IE4 combination, when you couldn’t tell where the OS ended and the browser began?


The upside to this approach is a smooth, hassle-free user experience—all these programs get a little extra love from the OS kernel, so they’ll inevitably perform better than third-party programs. The downside—which we see often enough—is that any vulnerability in these programs can potentially bring down the entire system. This is why you hear of vulnerabilities in IE and Office letting hackers gain control over Windows PCs. In fact, in Windows XP, even the graphics engine that draws windows on your screen runs in this privileged space, so if your graphics freeze, your only option is to reset your system.


Linux, on the other hand, is designed to be modular. Only the most essential components of the operating system are integrated into its core—the rest are loaded only when needed, and don’t have access to critical system files. A vulnerability in Apache, for example, stays in Apache. The Linux we’re talking about here is the core OS, and not the Desktop Environments, mind you. GNOME and KDE may not integrate with the Linux kernel, but within themselves, they are quite integrated. The disadvantage is the same as for Windows—if one component of GNOME fails, the Desktop Environment fails, taking all the applications running in it down. However, the OS kernel isn’t affected, so all you have to do is a simple [Ctrl] + [Alt] + [Backspace], which ends your GNOME / KDE session and lets you log in to your system again.


This is where Linux (and UNIX, and the BSDs) clearly take the lead in terms of security. It may not feel as nice as Windows while you’re using it, but it won’t let something silly like a flaw in a text editor take it down, either.


Endgame


So really, which is better? Let’s look at it step by step, starting with the potential for malicious software to enter your PC. Both systems are on equal footing here—malicious software getting into your PC is usually your fault (assuming you don’t have security software installed).


Only the most essential components of the operating system are integrated into the Linux core

Image

Windows’ Remote Procedure Call (RPC) service has many things working against it—nearly every application on your PC needs it, so it’s a favourite target for hackers, and even a moderately resourceful amateur will stumble upon neat little GUI tools like this to exploit the service


Step two: malicious software does get into your PC; what is the scope of the damage it can do? Again, with both Linux and Vista, damage caused by malware is restricted to the service it exploits, and the files that the service can access. So far, so good. Finally, step three: what happens when the malware goes about its dirty deed? With Vista, if a critical service—like the Remote Procedure Call (RPC) service—is compromised, all manners of chaos may ensue. Every application under Windows needs to use RPC, so you’re sunk without it. With Linux, services aren’t as tightly integrated with the OS, so while your Linux PC can be crippled—some applications won’t run, you may not have network access and so on—the kernel is still safe, which means that with a little root wizardry, it can be brought back to life again.


Bottom line: for daily desktop use, both systems are equally secure—but if things do go wrong, they go more wrong with Windows. These are only my opinions though.

User avatar
Alathald
Legit Extremist
Legit Extremist
Posts: 1630
Joined: Sun Dec 17, 2006 11:55 pm
Location: Southern Ohio
Contact:

Re: Linux & Windows

Post by Alathald » Wed Oct 22, 2008 1:56 pm

Very good read, I'm an avid Linux user and I fully believe that if you are very good with computers (ie you know how they work inside and out fairly well) or if you know nothing at all about computers (you only know how to type a document and maybe surf the web) then Linux is by far the better OS. It's that fuzzy middleground though, it's the reason that Windows is so popular. It's easy to use, looks good and hides everything from the user. It's also very hard for a person that is used to the Windows way of doing things (say, installing an exe) to grasp the Linux way (package manager FTW!).

If you're an avid gamer or an average user then Windows is the way to go but for the power user, the business user, the system or site admin, the programmer or even the nonuser then Linux is the way to go. Also, distros like Ubuntu and OpenSUSE are really starting to close that gap Windows has for the average user.
Image

sushrukh
Legit Aficionado
Legit Aficionado
Posts: 99
Joined: Thu Jan 11, 2007 3:53 am

Re: Linux & Windows

Post by sushrukh » Thu Oct 23, 2008 12:00 am

Thanks for reading mate.Yeah that's what i was trying to mean actually. :)

User avatar
gsimpson63
Legit User
Legit User
Posts: 13
Joined: Mon Dec 03, 2007 8:42 pm
Location: Ohio

Re: Linux & Windows

Post by gsimpson63 » Thu Oct 23, 2008 11:17 am

Very Good read, I have always want to explore Linux and I have been playing around with Puppy on a old laptop. Nice gui and I can watch my dvd's.

tele
Legit User
Legit User
Posts: 7
Joined: Fri Mar 13, 2009 11:46 pm

Re: Linux & Windows

Post by tele » Tue Mar 17, 2009 12:18 am

I am dual booting ubuntu and windows xp, I prefer ubuntu as a user because it is so much more responsive and the experience is a blast.
However, to set up an multi-media desktop running on ubuntu (Linux) and maintain it, is a difficult tasks for an average user. Sometimes, it is an mission impossible. Lack of module support from hardware manufacturers is still the biggest obstacle for Linux home user , hopefully it would change soon ,
since some notebook of Asus is shipped with Linux distro, maybe just maybe, they will realize that open sources OS and program actually help them sell more hardware. They would provide better Linux module support of its hardwares in the future. Last of all I really like the Ubuntu OS. Once it get its module support from big hardware manufacturer like Asus. I do not see why people spend hundred of dollars to get an MS os. As for most computer gamers out there , the current video game console can really replace its computer reg to play their favourite games.

Post Reply