+ Reply to Thread
Results 1 to 7 of 7
  1. #1
    Ultimate Member CMonster's Avatar
    Join Date
    Oct 2001
    Posts
    5,994

    Linux Security Myth Busting

     
    A short word on Linux security:

    "Linux is secure in it's obscurity;"

    This is a common misconception. Linux is not obscure; being based on the UNIX model that has been around since before DOS was a twinkle in Bill Gates eyes, the structure and functions of UNIX are hardly unknown. The infamous "Internet Worm" of 1986 was the first widely publicized threat to networked computers --they ran UNIX and the exploit took advantage of the "at" command. Since then, continuing to the present day most network servers, mission critical applications, and super computers run UNIX (many Linux).

    Linux is more secure than windows for several reasons, here are a few:

    First of all, at its inception Linux was designed to be a desktop version of UNIX, so it progressed from a true NOS (network operating system) to a desktop OS, carrying with it a legacy network security model of server/client-user with limited permissions. Unlike windows which progressed from a single-user desktop OS to a NOS, having to add layers of security along the way.

    Secondly, Linux, being open source, might seem to invite hacks but the opposite is equally true --as fast as a hack is discovered by the community a security fix/patch is usually made available.

    Finally, while I admit that Linux does require the user to be a bit more educated about system administration (there is a learning curve), we all understand that an educated user makes for better security in any OS, rather than relying on mouse clicks and eye-candy that pop up warning of a threat.
    Last edited by CMonster; May 21st, 2008 at 01:57 PM.

  2. #2
    Ultimate Member EXreaction's Avatar
    Join Date
    Aug 2003
    Location
    Madison, WI
    Posts
    15,225
    Blog Entries
    1
    An OS is only as secure as it's weakest application.

    I've not heard of an exploit for the Windows OS or Unix OS in a very long time, most or the hacks are all targeted at 3rd party software.
    "The problem with quotations on the internet is that the sources are hard to verify" - Abraham Lincoln

  3. #3
    Ultimate Member SeanC's Avatar
    Join Date
    Oct 2001
    Location
    Toronto Canada
    Posts
    4,812
    Pretty much. Remember there was the recent Windows, Mac, Linux hacking contest? None of them could be hacked through just the OS itself. It was the 3rd party apps which nailed Windows (Acrobat or Flash video or something Adobe anyway, if I recall). If Linux/Unix apps are direct ports of source code then they could very well have the same vulnerabilities, but with the default user account not having full administrative/root access to the system, the damage is more limited. Windows can do that too, except for the everyday apps (like Microsoft's own Office - older versions anyway, don't know about 2007) that required the user to be an admin to even use some of the programs.

  4. #4
    I got this #43 fan's Avatar
    Join Date
    Mar 2005
    Location
    Midwest
    Posts
    5,560
    The hackers may have been able to get through using just the OS, but it would've taken quite a bit of time.

  5. #5
    Ultimate Member
    Join Date
    Sep 2002
    Location
    Iowa
    Posts
    3,404
    Saying Linux or UNIX are more secure than Windows is not true. As stated above, the third party software is what is responsible for the security holes in almost every case.

  6. #6
    Ultimate Member CMonster's Avatar
    Join Date
    Oct 2001
    Posts
    5,994
    3rd party applications with code open to inspection allows security flaws to be more readily identified and patched. 3rd party applications are generally being run with very limited permissions on the UNIX model -I can't say that has always been the case with other platforms.

    I may also be guilty of taking the suite of applications collectively and calling them an OS, as many users commonly do, leading me to suppose that just about everything other than the base OS kernel could be called a 3rd party application. At what point is the cut off --compiled drivers are OS but module drivers are 3rd party?

    Anyway, my basic point was that security in obscurity is a myth - Linux-os-suite-of-applications are hardly obscure to hackers, but perhaps a little more abstruse to the script kiddies.

  7. #7
    Ultimate Member SeanC's Avatar
    Join Date
    Oct 2001
    Location
    Toronto Canada
    Posts
    4,812
    I agree that Linux is definitely not obscure anymore. But it's fairly safe from the "script kiddies". In general, you need someone that truly knows what they're doing to crack a Unix-based system.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Linux Security Project
    By CMonster in forum Linux and Unix
    Replies: 7
    Last Post: December 24th, 2005, 09:22 PM
  2. virus myth
    By sensi in forum Security and Privacy Issues
    Replies: 11
    Last Post: October 24th, 2005, 06:47 AM
  3. The BPL Myth
    By Pexster in forum IMO Community
    Replies: 11
    Last Post: March 5th, 2004, 05:36 PM
  4. busting some chops
    By ironforge in forum IMO Community
    Replies: 3
    Last Post: March 17th, 2002, 11:53 PM
  5. Linux kernel /zlib security vulnerability
    By Germ in forum Applications and Operating Systems
    Replies: 6
    Last Post: March 15th, 2002, 07:50 AM

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Recommended Sites: ResellerRatings Store Reviews