Are Linux and Mac really safer from hacking?

Seen something interesting in the news or on the intertubes? Discuss it here.

Moderators: Zamfir, Hawknc, Moderators General, Prelates

Girl™
This is what I think of you.
Posts: 1240
Joined: Mon Feb 26, 2007 12:23 am UTC
Location: In ur base, et cetera, et cetera.

Are Linux and Mac really safer from hacking?

Postby Girl™ » Fri Apr 06, 2007 6:18 pm UTC

I don't know where to put this thread. :oops:

Let's preface this by making sure that everyone knows I'm a complete moron. I've never used anything but Windows; I don't know shit from programming or OS exploits. I just keep my antivirus and anti-spyware programs updated and running regularly, and install patches when they come through from MS. :\ So I was hoping to get a little more insight into the comment war going on concerning this news article.

It's about international gangs getting in virtual "turf wars" over control of trojan-infected computers. Pretty much immediately, the Windows vs. everybody else debate starts up in full force. There are over 230 comments, most of them redundant, so this is it a nutshell:

Linux side:
"If everyone used Linux or Mac, none of these problems would exist because they're more secure programs than Windows."

"Exploits in Linux get fixed much faster than in Windows, because it's open-source."

"Linux users are more savvy and better at keeping malware out."

"The original DOS code that Windows is based on is an inherently flawed system. UNIX was designed to be more secure from the start."

"I'm a [insert techie profession here] and I've had nothing but trouble with Windows systems."

Windows side:
"Linux and Mac aren't more secure, they're just not targeted. These people want to infect the most computers possible, and Windows has the greatest market share."

"Because Windows ISN'T open-source, it's harder for hackers to exploit it."

"If Linux were the dominant OS, you'd have just as much user error. The only reason Linux users are more sophisticated is because only people who already have a great deal of knowledge bother to seek it out."

"I'm a [insert techie profession here] and I've had the least trouble with Windows systems."

I don't know shit about fuck, and I know most everyone here knows what they're talking about. How much of this is people spouting BS, and how much is valid? Would a widely available, easy-interface version of Linux be just as bad as Windows once the morons picked it up?

Sorry, I'm rambling. :O
You don't make them touch!

User avatar
Belial
A terrible sound heard from a distance
Posts: 30448
Joined: Sat Apr 15, 2006 4:04 am UTC
Contact:

Postby Belial » Fri Apr 06, 2007 6:23 pm UTC

And Eve didst say "Look, Adam, the snake hath given me this totally badass can, and it appeareth to contain many, many worms"

And Adam and God, in unison, didst say "Hoo, boy...."
addams wrote:A drunk neighbor is better than a sober Belial.


They/them

Girl™
This is what I think of you.
Posts: 1240
Joined: Mon Feb 26, 2007 12:23 am UTC
Location: In ur base, et cetera, et cetera.

Postby Girl™ » Fri Apr 06, 2007 6:25 pm UTC

HAHAH. Am I gonna die?
You don't make them touch!

User avatar
Belial
A terrible sound heard from a distance
Posts: 30448
Joined: Sat Apr 15, 2006 4:04 am UTC
Contact:

Postby Belial » Fri Apr 06, 2007 6:26 pm UTC

Nah. This is gonna be fun....
addams wrote:A drunk neighbor is better than a sober Belial.


They/them

User avatar
TheTankengine
Our Fora-father
Posts: 3328
Joined: Tue Oct 17, 2006 2:09 pm UTC
Location: Louisville, KY
Contact:

Postby TheTankengine » Fri Apr 06, 2007 6:29 pm UTC

I can't really comment about OS X, because I don't have enough first-hand knowledge about it. I just know that it has received a severely limited amount of exploits over the entire course of its history due to two things:low market share and the UNIX core having somewhat better security.

"Because Windows ISN'T open-source, it's harder for hackers to exploit it."

I'd say this statement is false, and is actually a distinct advantage that Linux can offer over the other 2. Since the source is mandated to be freely available to anyone who asks, all code is practically guaranteed to be very well peer-reviewed before a major release or adoption. Should an exploit occur on Linux, millions of developers have access to the source code, whereas if it happens on Windows, only certain MS devs have access.

Personally, I'll take the millions of devs willing to give their time freely to a cause, simply because they enjoy it, than a few hundred MD programmers.
be centered
be compassionate
be interesting

Girl™
This is what I think of you.
Posts: 1240
Joined: Mon Feb 26, 2007 12:23 am UTC
Location: In ur base, et cetera, et cetera.

Postby Girl™ » Fri Apr 06, 2007 6:41 pm UTC

TheTankengine wrote:I'd say this statement is false, and is actually a distinct advantage that Linux can offer over the other 2. Since the source is mandated to be freely available to anyone who asks, all code is practically guaranteed to be very well peer-reviewed before a major release or adoption. Should an exploit occur on Linux, millions of developers have access to the source code, whereas if it happens on Windows, only certain MS devs have access.

Personally, I'll take the millions of devs willing to give their time freely to a cause, simply because they enjoy it, than a few hundred MD programmers.


I'm with you on that; it only makes sense. It's like proofreading: the more eyes you have on it, the more likely it is that mistakes will be seen.
You don't make them touch!

User avatar
Rorgg
Posts: 78
Joined: Fri Dec 29, 2006 6:06 pm UTC

Re: Are Linux and Mac really safer from hacking?

Postby Rorgg » Fri Apr 06, 2007 6:43 pm UTC

Disclosing my stuff up front: I'm a unix admin by trade, including some Linux boxes, and in the past I've been a Windows server admin and long, long ago I did Windows support for a PC manufacturer. I use Windows on my primary machine at home, which I use mostly for gaming, but when I had room, I had a Linux box next to it. At work, I have a Linux desktop and a Windows laptop.

Everything here is my two cents.

I just keep my antivirus and anti-spyware programs updated and running regularly, and install patches when they come through from MS.

Just doing that, you're in better shape than probably 80% of PC users.

"If everyone used Linux or Mac, none of these problems would exist because they're more secure programs than Windows."

A mixed statement. The unix-like OSs (which includes OS X, the current Mac) are generally more secure than Windows out of the box. However, Linux takes more work and a niche familiarity to maintain to a similar standard, whereas you don't really need any particular knowledge to keep up with Windows Update.
I disagree with the first statement to a point, which is covered farther down.

"Exploits in Linux get fixed much faster than in Windows, because it's open-source."
True, but again, you need to have some additional knowledge to find and apply these fixes.

"Linux users are more savvy and better at keeping malware out."
On the whole, true... but it's not really a selling point of the operating system itself.

"The original DOS code that Windows is based on is an inherently flawed system. UNIX was designed to be more secure from the start."
"Inherently flawed" isn't a term I would use, but I agree that UNIX, as a designed multi-user system, was designed from the start with security in mind.

"I'm a [insert techie profession here] and I've had nothing but trouble with Windows systems."
In my experience... on the whole, it's much harder to get a Windows-based system to a completely stable point. Now, in some cases, that's an issue with the applications themselves more than the operating systems, but it's not a completely imaginary impression.

"Linux and Mac aren't more secure, they're just not targeted. These people want to infect the most computers possible, and Windows has the greatest market share."
Mixed statement, but the second sentence is very true. If Linux had 90% of the OS, we'd be seeing trojans that were .rpm packages hoping to find someone running as root (the administrator account) and infections would be more common. I think that overall, though, yes, if everyone ran Linux it would be HARDER to do mass-infections... but there would be infections.

"Because Windows ISN'T open-source, it's harder for hackers to exploit it."
This is called "Security by Obscurity" and the concept is one of some disagreement. I'll just say that I don't find it a compelling argument.

"If Linux were the dominant OS, you'd have just as much user error. The only reason Linux users are more sophisticated is because only people who already have a great deal of knowledge bother to seek it out."
In the current state of Linux, probably true. You'd have a lot of people either running as root and being horribly vulnerable, or on another account and banging their head against a wall trying to install a screensaver. I don't think this is an inherent problem of Linux though...nobody ever called DOS warm and fuzzy either. The Linux desktop is behind Windows now, though, for general populace end-use.

"I'm a [insert techie profession here] and I've had the least trouble with Windows systems."
I... yeah, I don't know those people. Even before I worked with *nix systems, I rarely know people who had the BEST time supporting Windows on an enterprise scale. They'd prefer OS/2 or Netware or something. There are some out there I'm sure.

To answer your final question -- if you're willing to do some learning, you can use Linux. You might need some help getting the install done (namely, disk management) and you may need some help getting acquainted with how to install software, but for day to day use, yes, you could use it and it would probably be slightly more secure.

However, if you're keeping up with your Win system maintenance now, you're likely already fine, and depending on what you DO with your machine, you may want to switch with Windows just because that's what most software is written for, and there are some specific apps you'd rather not have to go through hoops to run. That's why I run Windows on my home machine.

Hope that helped.


ETA: P.S. One of the biggest ranges of vulnerability for Windows is Internet Explorer. Switching to Firefox or something and keeping that up-to-date probably cuts your vulnerability in half on Win machines. I only use IE when the site is coded so as to require it AND it's a site I trust to be uninfected.
Last edited by Rorgg on Fri Apr 06, 2007 6:48 pm UTC, edited 1 time in total.

Fluff
See You Next Tuesday
Posts: 1085
Joined: Tue Nov 14, 2006 6:27 am UTC
Location: The Departure Lounge

Postby Fluff » Fri Apr 06, 2007 6:47 pm UTC

I don't know too much about programming and that, but there always seemed to be trouble with the Windows based systems I've used in the past, both at home and at past workplaces / schools, etc.

I have now got an iMac at work and a MacBook at home and never had any problems with either.

Girl™
This is what I think of you.
Posts: 1240
Joined: Mon Feb 26, 2007 12:23 am UTC
Location: In ur base, et cetera, et cetera.

Re: Are Linux and Mac really safer from hacking?

Postby Girl™ » Fri Apr 06, 2007 7:05 pm UTC

Rorgg wrote:
I just keep my antivirus and anti-spyware programs updated and running regularly, and install patches when they come through from MS.

Just doing that, you're in better shape than probably 80% of PC users.


Yeah, but I had to learn that the hard way. Teenagers shouldn't be allowed to have computers. >_<

To answer your final question -- if you're willing to do some learning, you can use Linux. You might need some help getting the install done (namely, disk management) and you may need some help getting acquainted with how to install software, but for day to day use, yes, you could use it and it would probably be slightly more secure.

However, if you're keeping up with your Win system maintenance now, you're likely already fine, and depending on what you DO with your machine, you may want to switch with Windows just because that's what most software is written for, and there are some specific apps you'd rather not have to go through hoops to run. That's why I run Windows on my home machine.


Thanks for the advice, that's something to consider. I do like being able to install the programs I want, when I want, though. I'm overall pretty content with my Windows machines, which is why it irks me a little when people start screaming that Linux will save the save the world or something.


ETA: P.S. One of the biggest ranges of vulnerability for Windows is Internet Explorer. Switching to Firefox or something and keeping that up-to-date probably cuts your vulnerability in half on Win machines. I only use IE when the site is coded so as to require it AND it's a site I trust to be uninfected.


Already did that, actually. Learned the hard way that IE is like, "Dodgy ActiveX scripts? WOO HOO! COME ON IN GUYZ, LET'S PAR-TAAAY!"
You don't make them touch!

User avatar
SpitValve
Not a mod.
Posts: 5124
Joined: Tue Sep 26, 2006 9:51 am UTC
Location: Lower pork village

Postby SpitValve » Sat Apr 07, 2007 12:16 pm UTC

I use Macs, Windows boxes and Unix/Linuxy things all fairly regularly.

On Linux it's just harder to do most things... I get the impression that the makers don't really intend you to use the GUI, that it's "cheating" unless you hack into the command line. It's quite difficult to install programs unless you know the commands...

Mostly I use the command line to run stuff just because all the servers at work are unix based and I need to SSH and run stuff...

Also, I managed to crash a Linux box by simply inserting a Flash drive.

Also MacOS X just seems a more elegant system than Windows... things just seem to work bettier, are organised better, crash less often and so on.

User avatar
WhiteRabbit
Railgun of Infinite Patience
Posts: 242
Joined: Fri Oct 20, 2006 2:30 pm UTC
Contact:

Postby WhiteRabbit » Sat Apr 07, 2007 3:15 pm UTC

Pretty much all of the best programmers/hackers that I know personally have switched over the OSX for their laptops, and most of them either have or are planning on switching overtheir desktops. They may still keep an old linux/BSD machine around for a few specific tasks, but I think they are tired of all the futzing around that is necessary to keep one up and happy for daily desktop use.

User avatar
Peshmerga
Mad Hatter
Posts: 2061
Joined: Wed Oct 04, 2006 1:56 am UTC
Contact:

Postby Peshmerga » Sat Apr 07, 2007 4:20 pm UTC

95% of the population uses Windows XP / Vista

The rest use Mac or various Linux distros.

Why would a cracker/hacker/scriptkiddie want to target an extremely low population density, especially when all the vulnerabilities of XP have already been let known to the hacker community?

Linux and Mac are only safer from viruses and other such things is because no one uses either of them compared to the numbers that use XP. Viruses are meant to spread over large scale networks, and anyone who uses Linux is probably smart enough to have a few protections in place.

The only thing that makes XP more vulnerable to viruses is the amount of people that try to undermine it. And that XP is generally a shitty OS.

Edit - As for software protection, I run no antivirus or firewall software at all. I've never encountered a serious virus, probably because I don't download anything from sites I don't trust. I am, however, behind a router, which helps a lot.
Last edited by Peshmerga on Sat Apr 07, 2007 4:26 pm UTC, edited 1 time in total.
i hurd u liek mudkips???

User avatar
Daem0hn
Posts: 324
Joined: Wed Feb 14, 2007 2:28 pm UTC
Location: Perth, Western Australia (IATA: PER)
Contact:

Postby Daem0hn » Sat Apr 07, 2007 4:26 pm UTC

unix (and its derivatives eg Linux and MacOSX) are fundamentally more secure than windows. Irrelevant of the fact that Linux is open source, unix is a solid foundation that has been, since early conception, programmed for multiuser platforms, and therefore has a much more mature system for user and access control than windows.

In *nix it is hard (near impossible) to damage a system beyond recovery without having root access. Sure there are methods of gaining root from a normal users account, however it is another hurdle that needs to be overcome. prior to this hurdle, the most a virus can do is damage the users own account and do little to the overall system.

With windows, it was originally designed as a single user system, user and access control has been built ontop of its original framework, rather than integrated into the framework (certainly not as integrated as *nix anyhow).



However, the other reason you see fewer *nix systems being exploited/hacked is because alot of 'hacks' and viruses require user stupidity or atleast some form of initial user interaction (there are some which dont, however to generalize, most viruses/hacks/malware do)

Now i'm not saying that Windows users are stupid, or that *nix users are smart, but there are a whole lot more windows users than there are *nix users, and therefore, many more people who are stupid or unaware and hence by targeting the windows platform, there are more users to spread the virus, hence more publicity and more damage.
01 01 was a race horse, 10 10 was 01 10, 01 01 01 01 race, 10 10 01 01 10

-- Mike (19/Male)

User avatar
william
Not a Raptor. Honest.
Posts: 2418
Joined: Sat Oct 14, 2006 5:02 pm UTC
Location: Chapel Hill, NC
Contact:

Postby william » Sat Apr 07, 2007 6:04 pm UTC

Peshmerga wrote:Linux and Mac are only safer from viruses and other such things is because no one uses either of them compared to the numbers that use XP. Viruses are meant to spread over large scale networks, and anyone who uses Linux is probably smart enough to have a few protections in place.

Oh yeah? Then why don't we see more attacks against Apache/Linux-based servers than against IIS/Windows-based servers, even though the first group vastly outnumbers the second?

That, my friend, is the sound of the ropes to Pons Asinorum buckling under the weight, and the bridge is about to collapse.
SecondTalon wrote:A pile of shit can call itself a delicious pie, but that doesn't make it true.

Hex
Posts: 67
Joined: Sat Apr 07, 2007 10:07 pm UTC

Postby Hex » Sun Apr 08, 2007 1:11 am UTC

Computers would not be very popular if Linux were the only operating system, and they would be equally insecure if Mac OS X were more popular than Windows. The (primary) reason those two go unhacked is the fact they are simply not very profitable targets when compared to the vast userbase of Windows.

Though I assure you, if a hacker wanted to hack or release a virus towards a specific target group, it would be more than possible.

It depends less on what operating system is being used and more on the user. There is no magic trick to make an operating system simply immune to hacking.

User avatar
RealGrouchy
Nobody Misses Me As Much As Meaux.
Posts: 6703
Joined: Thu May 18, 2006 7:17 am UTC
Location: Ottawa, Ontario, Canada
Contact:

Postby RealGrouchy » Sun Apr 08, 2007 3:17 am UTC

Hex wrote:Computers would not be very popular if Linux were the only operating system...

What do you mean by this, exactly? Because frankly, I call bullshit. Have you used linux, or its various distros?

Note that my main sticking point is the word "popular", as opposed to "secure".

- RG>
Jack Saladin wrote:etc., lock'd
Mighty Jalapeno wrote:At least he has the decency to REMOVE THE GAP BETWEEN HIS QUOTES....
Sungura wrote:I don't really miss him. At all. He was pretty grouchy.

User avatar
SpitValve
Not a mod.
Posts: 5124
Joined: Tue Sep 26, 2006 9:51 am UTC
Location: Lower pork village

Postby SpitValve » Sun Apr 08, 2007 5:12 am UTC

He probably means that Linux is tougher to get into, harder to maintain and so on. Well, that's what I reckon at least :)

User avatar
Daem0hn
Posts: 324
Joined: Wed Feb 14, 2007 2:28 pm UTC
Location: Perth, Western Australia (IATA: PER)
Contact:

Postby Daem0hn » Sun Apr 08, 2007 6:23 am UTC

i believe he means that if linux were the only OS avaliable to the market, then alot of computer users would be lost due to the assumed complexity of the linux os when compared to windows.

However if windows were never created, then the Linux OS would have taken a completely different development path. One which presumably would (although not as quickly as Windows) lead to [near] idiot proof installs and configurations like we see from windows today.

Alot of the complexity (to someone who isnt computer literate) comes from the difficulty in getting some devices to operate correctly (editing config files) as individual device drivers are often not available for linux because the manufacturer only cares about the windows market. If the windows market were non-existent, then manufacturers would be forced to develop device drivers for linux, and hence there would not be the complexity of getting devices to work under linux. The same can be said for many other areas of difficulty such as network integration (currently requiring installation and configuration of samba for interaction with windows networks) and many other features that the average user finds confusing.
01 01 was a race horse, 10 10 was 01 10, 01 01 01 01 race, 10 10 01 01 10

-- Mike (19/Male)

User avatar
niko7865
Posts: 536
Joined: Sun Jan 21, 2007 11:47 am UTC
Location: All over washington state, USA
Contact:

Postby niko7865 » Sun Apr 08, 2007 11:30 pm UTC

Hex wrote:Computers would not be very popular if Linux were the only operating system, and they would be equally insecure if Mac OS X were more popular than Windows. The (primary) reason those two go unhacked is the fact they are simply not very profitable targets when compared to the vast userbase of Windows.

Though I assure you, if a hacker wanted to hack or release a virus towards a specific target group, it would be more than possible.

It depends less on what operating system is being used and more on the user. There is no magic trick to make an operating system simply immune to hacking.


Hackers have tried to release viruses for Mac and Linux/Unix, non of which have been penetrable as windows computers. In the linux case the user pretty much has to grant specific access to the virus. With windows the viruses let themselves in but with Linux the user has to let them in.
21/m/athletic/white&nerdy/washington/straight/???
Image

User avatar
william
Not a Raptor. Honest.
Posts: 2418
Joined: Sat Oct 14, 2006 5:02 pm UTC
Location: Chapel Hill, NC
Contact:

Postby william » Sun Apr 08, 2007 11:40 pm UTC

Hex wrote:The (primary) reason those two go unhacked is the fact they are simply not very profitable targets when compared to the vast userbase of Windows.

Then explain to me why IIS servers are hacked so much more than Apache servers, even though Apache servers are much more popular.
SecondTalon wrote:A pile of shit can call itself a delicious pie, but that doesn't make it true.

User avatar
Aglet
Posts: 364
Joined: Tue Mar 13, 2007 12:26 am UTC

Postby Aglet » Mon Apr 09, 2007 2:57 am UTC

niko7865 wrote:
Hex wrote:Computers would not be very popular if Linux were the only operating system, and they would be equally insecure if Mac OS X were more popular than Windows. The (primary) reason those two go unhacked is the fact they are simply not very profitable targets when compared to the vast userbase of Windows.

Though I assure you, if a hacker wanted to hack or release a virus towards a specific target group, it would be more than possible.

It depends less on what operating system is being used and more on the user. There is no magic trick to make an operating system simply immune to hacking.


Hackers have tried to release viruses for Mac and Linux/Unix, non of which have been penetrable as windows computers. In the linux case the user pretty much has to grant specific access to the virus. With windows the viruses let themselves in but with Linux the user has to let them in.


Well, one of the other problems is that, as I recall, one of the GNU/Linux viruses was a simple, unhidden binary. There was also an option that made it delete itself, e.g.

$ virus --uninstall

So it was hardly devastating.
Image

User avatar
Pathway
Leon Sumbitches...?
Posts: 647
Joined: Sun Oct 15, 2006 5:59 pm UTC

Postby Pathway » Mon Apr 09, 2007 6:18 am UTC

There are actually Linux distros in which it is very easy to install programs and get things running. Ubuntu in particular.

Street Mathician
Posts: 8
Joined: Sun Apr 08, 2007 8:54 pm UTC
Location: Out for dinner
Contact:

Postby Street Mathician » Mon Apr 09, 2007 6:35 am UTC

I don't think Linux is that hard. I might just be fooling myself but I find that Ubuntu is quite easy to install, I install it on a regular basis(every new version at least, that's every 6 months) and I had to install Windows the other day. I quickly realised what a blessing it is to be able to install everything you need without having to find 4 driver, 1 OS installation, and 2 OS service pack cd's, not to mention the 5 or so websites to visit to get software and the extra office cd's, but I guess that might just be me who prefers to start up synaptic and go search OpenOffice->4*click button->installed.

More on topic in January some security researchers had a "Month of Apple bugs" where they released a bug each day along, for the most part, with an exploit. This was done partly to demonstrate that OS X is also vulnerable to exploits and to come back at Apple because of the way they replied to an earlier exploit announcement. So all in all it is not true that OS X is immune to exploits and plenty of Linux exploits exists but as has already been said multiple times the heightened focus on access control amounts to something.

As to the IIS vs Apache webservers I would like to see where you get your numbers for that accusation. I must admit I only did a quick google search for exploit sites but plenty of them had Apache exploits though many of them were in modules such as the one in mod_rewrite released in july 2006. Though I must admit my primary source for this is some quick searches at http://www.frsirt.com/english/search.php so it might not be correct. If so then please enlighten me to some details and your sources as it might be quite hard coming up with a plausible explanation if the data is incorrect.

Hex
Posts: 67
Joined: Sat Apr 07, 2007 10:07 pm UTC

Postby Hex » Mon Apr 09, 2007 11:30 am UTC

RealGrouchy wrote:What do you mean by this, exactly? Because frankly, I call bullshit. Have you used linux, or its various distros?

Note that my main sticking point is the word "popular", as opposed to "secure".

- RG>


Yes, and they are not difficult for me to use. However, I can't imagine an 80 year old war veteran who is trying to purchase a WW2 collection using Linux.

niko7865 wrote:Hackers have tried to release viruses for Mac and Linux/Unix, non of which have been penetrable as windows computers. In the linux case the user pretty much has to grant specific access to the virus. With windows the viruses let themselves in but with Linux the user has to let them in.


If a decent buffer overflow problem exists, a machine can be taken over regardless of permissions. Due to Linux being open source, there are a lot more critics to possible exploits than there are for Windows.

william wrote:Then explain to me why IIS servers are hacked so much more than Apache servers, even though Apache servers are much more popular.


Well for one, Apache is open source .. although I don't honestly believe IIS server machines are hacked at a higher rate. Really, it's not like a hacker sees a website and says "oh hay this must run on windoze lets hax it". Sites who can be profited from are targeted.

Trust me, if you had 100,000 credit card numbers stored in a protected directory on Apache and a hacker knew it was there - she would find a way to access it. Security is more of a safety blanket, it doesn't really exist as is.

User avatar
Puellus Peregrinus
Sazl. Eliuo Sazl.
Posts: 258
Joined: Fri Mar 16, 2007 8:57 pm UTC
Location: Tampere, Finland

Postby Puellus Peregrinus » Mon Apr 09, 2007 12:48 pm UTC

Hex wrote:
RealGrouchy wrote:What do you mean by this, exactly? Because frankly, I call bullshit. Have you used linux, or its various distros?

Note that my main sticking point is the word "popular", as opposed to "secure".

- RG>


Yes, and they are not difficult for me to use. However, I can't imagine an 80 year old war veteran who is trying to purchase a WW2 collection using Linux.

Well, I can't imagine an 80 year old war veteran who is trying to purchase a WW2 collection using Windows. I believe that if a person hasn't used Widows nor Linux before Linux (like Ubuntu) would be a lot easier.
Romanes eunt domus!

User avatar
cmacis
Posts: 754
Joined: Wed Dec 13, 2006 5:22 pm UTC
Location: Leeds or Bradford, Thessex
Contact:

Postby cmacis » Mon Apr 09, 2007 1:02 pm UTC

But if they took a computer literacy course they would show them windows, so more support available.

It is a shame that IT classes were based around office. That meant that a lot of copies got passed around. If they taught open office then we wouldn't have to worry about that.
li te'o te'a vei pai pi'i ka'o ve'o su'i pa du li no
Mathematician is a function mapping tea onto theorems. Sadly this function is irreversible.
QED is Latin for small empty box.
Ceci n’est pas une [s]pipe[/s] signature.

User avatar
Isaac Hill
Systems Analyst????
Posts: 506
Joined: Wed Mar 14, 2007 9:35 pm UTC
Location: Middletown, RI

Re: Are Linux and Mac really safer from hacking?

Postby Isaac Hill » Mon Apr 09, 2007 10:41 pm UTC

Girlâ„¢ wrote:Windows side:
"Linux and Mac aren't more secure, they're just not targeted. These people want to infect the most computers possible, and Windows has the greatest market share."


I don't understand how this argument supports the Windows side. It's basically conceding that Linux and Mac won't have as many viruses. I just want my computer to be more secure, I don't really care why it's secure. If anything, the idea that hackers wouldn't even bother trying to attack my machine makes the Linux/Mac side look even better. Unless, of course, my switching would increase the market share from 5% to 5.0000001%, reaching the threshold at which the malevolent hacker community will unleash hell.

Not that I've bothered to switch from Windows. My anti-virus protection is that I still use the Windows 95 PC my parents bought me when I started college nearly 11 years ago, which is probably too obsolete for most viruses to run on.

User avatar
Drostie
Posts: 262
Joined: Fri Nov 03, 2006 6:17 am UTC

Postby Drostie » Tue Apr 10, 2007 1:27 am UTC

Isaac: Yes and no. Yes, it is a concession that there are more viruses for Windows PCs. But "buying security" connotes, y'know, actually getting something that is by its own virtue better at resisting virus attacks.

Put another way, think of it from the perspective of Kant's categorical imperative. The categorical imperative says that you should only act in ways that would be sensible if everybody practiced them.

Should we act on the maxim, "choose an unpopular operating system, for the sake of security"...? No. That path leads to a person designing an operating system that only accepts interpreted programs written in brainfuck. And it will be really secure -- but everybody who uses this operating system loses all productivity.

bbotany
Posts: 10
Joined: Fri Apr 06, 2007 6:39 pm UTC

Postby bbotany » Tue Apr 10, 2007 2:54 pm UTC

Puellus Peregrinus wrote:
Hex wrote:Yes, and they are not difficult for me to use. However, I can't imagine an 80 year old war veteran who is trying to purchase a WW2 collection using Linux.

Well, I can't imagine an 80 year old war veteran who is trying to purchase a WW2 collection using Windows. I believe that if a person hasn't used Widows nor Linux before Linux (like Ubuntu) would be a lot easier.


I had set up a dual-boot computer for a 28-year old with two weeks of computer experience (AutoCad on Windows). In a slug-out between the default configurations (I am not a professional admin, so I took the easy routes) of the fine user interfaces of TWM (on Slackware 9.2) and Win98 the winner was: TWM.

For a novice computer user, an interface they had never seen before, from the mid 80's, beat out the late 90's Windows GUI. That's kind of sad, really. There was *plenty* of time for the MS developers to pick up the useful bits from TWM/*nix. So what was the loss? The browser (either Mozilla or IE, didn't matter) would hit an overloaded site, and crash windows. Same site under Linux/X11 crashed the browser. It's less pain to restart the browser than the computer.

She now uses GNOME, and find Windows *very* difficult to use. And doesn't install software intentionally under any OS. However... her teenage daughter will unintentionally install software on Win systems, but oddly enough, not on Linux... no root, no admin in either. Which is more secure? Has Windows really finally caught up with the release of Vista? Somehow, it doesn't seem likely given the history. I suspect that it will run great for the first three months, then "my computer seems slow now...".

And there's the observations from the floor of the "novice user" room.
Ich bin etwas, was etwas egal ist.

User avatar
evilbeanfiend
Posts: 2650
Joined: Tue Mar 13, 2007 7:05 am UTC
Location: the old world

Postby evilbeanfiend » Tue Apr 10, 2007 3:36 pm UTC

i don't think the open source argument is really true. linux has hundreds of eyes on code but so does MS. the really reason the linux patches are so much quicker is that the OS is an inherently modular design, while MS have deliberately tried to weave their browser, media player and email client into the OS so that it is much harder to make a fix in isolation.

i.e. MS are paying now in terms of poor security, for their aggressive marketing leading design, from the era of the browser wars.
in ur beanz makin u eveel

User avatar
Isaac Hill
Systems Analyst????
Posts: 506
Joined: Wed Mar 14, 2007 9:35 pm UTC
Location: Middletown, RI

Postby Isaac Hill » Tue Apr 10, 2007 11:06 pm UTC

Drostie - Wouldn't the categorical imperative only apply to moral decisions, not practical ones? For example, if I eat a grape from the bin at the grocery store, nobody would notice. The owner stocks a few excess grapes anyway to avoid running out. However, if everyone eats a grape, the store owner runs out and loses a sale. Thus, eating a single grape is morally wrong. On the other hand, sometimes I'll wait to go somewhere to avoid rush hour traffic. If everyone did that, rush hour would just be later, and I'd still be stuck. Should I travel during regular rush hour even though it's impractical?

As for increasing obscurity, I guess that would depend on whether there's some threshold of unpopularity that makes writing malware not worth the effort, or relative popularity. That is, 20 OSes, each with 5% market share, would probably be targeted more than Linux is now, since there's no bigger target. However, the hassle of writing for 20 systems might make each of those OSes less of a target than Windows is now, so security would still be somewhat improved.

On a related note, does anyone know if viruses/exploits written for one version of Linux, say Ubuntu, generally work on other versions? Or is the sample size too small to say for certain?

User avatar
Drostie
Posts: 262
Joined: Fri Nov 03, 2006 6:17 am UTC

Postby Drostie » Tue Apr 10, 2007 11:27 pm UTC

So act by the maxim, "drive during times when the traffic is light." If everybody acted by this maxim, there would be no rush hour traffic anyway.

My point is that the equivalent scenario, "use OSes which are unpopular," would lead to an even market share division over several OSes which are mostly total crap in comparison; so it doesn't fit the categorical imperative.

I'm not sure that there should be a difference between moral action and practical action. To my mind, morality should be first and foremost a system for choosing between multiple practical actions.

User avatar
Azquelt
Posts: 98
Joined: Tue Apr 10, 2007 10:39 pm UTC
Contact:

Postby Azquelt » Wed Apr 11, 2007 12:02 am UTC

Daem0hn wrote:i believe he means that if linux were the only OS avaliable to the market, then alot of computer users would be lost due to the assumed complexity of the linux os when compared to windows.

However if windows were never created, then the Linux OS would have taken a completely different development path. One which presumably would (although not as quickly as Windows) lead to [near] idiot proof installs and configurations like we see from windows today.


We're seeing this today with distributions like ubuntu. In my experience it's pretty easy to install and get everything running. The general computer used by the rest of my family runs ubuntu and they get on with it just fine, I haven't touched it in about a year.

I expect that if retailers sell computers with linux already set up and working, as dell is planning, most users won't miss windows (although they may miss windows software such as office).

User avatar
SpitValve
Not a mod.
Posts: 5124
Joined: Tue Sep 26, 2006 9:51 am UTC
Location: Lower pork village

Postby SpitValve » Thu Apr 12, 2007 12:51 am UTC

I got a shiny new MacBookPro this morning. Took about 5 minutes to go from plugging in to browsing the web.


(Then another 2 hours running around the university trying to find out my staff password so I could access sites outside our university domain)

User avatar
RealGrouchy
Nobody Misses Me As Much As Meaux.
Posts: 6703
Joined: Thu May 18, 2006 7:17 am UTC
Location: Ottawa, Ontario, Canada
Contact:

Postby RealGrouchy » Thu Apr 12, 2007 2:07 am UTC

So? When I got my windows XP laptop three years ago, it was ready to go when I installed it.

Earlier today, I installed Firefox on a WinXP box, and the time from going to ie7.com, downloading it, installing it, and using it was literally less than two minutes.

Now, if you had never used a computer before and just got a Macbook Pro and was able to surf the web inside of five minutes, then that would be notable.

- RG>
Jack Saladin wrote:etc., lock'd
Mighty Jalapeno wrote:At least he has the decency to REMOVE THE GAP BETWEEN HIS QUOTES....
Sungura wrote:I don't really miss him. At all. He was pretty grouchy.

User avatar
Ren
Rockin' Robin
Posts: 2933
Joined: Tue Mar 06, 2007 3:06 pm UTC
Location: Kitchener, Ontario
Contact:

Postby Ren » Sat Apr 14, 2007 1:21 pm UTC

Which I think would be more possible on a Mac than on a PC anyway. The nice thing about Macs is that they kind of explain everything that has to happen as you're going along, whereas with Windows you have to read instructions--and if you do it yourself you could run into some interesting problems.

I switched from Windows to Mac a while ago, after a long and sometimes frustrating career with the former.

The nice thing about Windows is that it's accessible--at least in desktop form. You can open the thing up and put in hardware; it seemed to me to be more hands on. It did, however, take a lot to protect from viruses, and getting the right drivers for new stuff was a PAIN, especially if the equipment was older.

I guess it's true that the reason Mac/Linux doesn't get viruses is because it's not worthwhile considering the small percentage of the market. But...I think the point is that they don't get viruses. Why isn't perhaps so important.
MotleyJesster (12:34:04 PM): Better than moping around being all "I do not need love, I have indie music and a wind instrument!"

User avatar
d3adf001
Posts: 1000
Joined: Thu Mar 29, 2007 4:27 pm UTC
Location: State College, PA
Contact:

Postby d3adf001 » Sat Apr 14, 2007 6:33 pm UTC

so here i go:
security through obsecurity is the worst idea ever. just because windows source is closed, it doesnt stop "bad guys" from seeing it. ESR said something like with enough eyes all bugs become shallow.

also trojans should count because their exploit is human stupidity and that cant be stopped. i could write a trojan for openBSD the most secure os out there (only has had 2 remote exploits in 10 years) and it would work.

and the virus due to market share is total horse shit sort of. *nix dominates the big server/infrastructure market. if i was gonna desgined a virus for profit i would have one that breaks into big money corps and not some one that bought a 300$ computer at walmat that owes 13K to creditcards

if you want secure go openBSD if you wont want a bsd pick up a linux or osx. UNIXs design is more secure than windows and thats a fact.

User avatar
Gelsamel
Lame and emo
Posts: 8237
Joined: Thu Oct 05, 2006 10:49 am UTC
Location: Melbourne, Victoria, Australia

Postby Gelsamel » Sun Apr 15, 2007 7:26 am UTC

Neither are harder to hack/make viruses for. It's just the majority use windows so the majority of hackers/viruses target windows.

But expect similar results for positive things.
"Give up here?"
- > No
"Do you accept defeat?"
- > No
"Do you think games are silly little things?"
- > No
"Is it all pointless?"
- > No
"Do you admit there is no meaning to this world?"
- > No

User avatar
Vaniver
Posts: 9422
Joined: Fri Oct 13, 2006 2:12 am UTC

Postby Vaniver » Sun Apr 15, 2007 8:11 am UTC

Going back to the first line of Girl's post, wouldn't the new-ish Computer Science forum be the best place for this thread? Or, at least, best in terms of content, not necessarily getting people to see it :P
I mostly post over at LessWrong now.

Avatar from My Little Pony: Friendship is Magic, owned by Hasbro.

demon
Posts: 170
Joined: Tue Feb 06, 2007 8:13 pm UTC

Postby demon » Sun Apr 15, 2007 10:34 am UTC

Gelsamel wrote:Neither are harder to hack/make viruses for. It's just the majority use windows so the majority of hackers/viruses target windows.

But expect similar results for positive things.


did you actually write a virus that can make an average pc running an os other than windows pretty much unusable, or is this an opinion?
to my knowledge there is no generic hack to get superuser priviledges regardless of system configuration on linux/bsd/other *nix systems. the ones that work usually rely on some bugs in applications that can invoke other users' access rights - and even those tend to get fixed pronto. so unless the virus is lucky enough to get past the average user somehow - which is not precisely easy, as you will still probably have to count on that user's lack of knowledge or a security hole affecting a single application the user uses and somehow didn't patch - the chances of acquiring root powers are very small. not to mention that i have yet to hear of a process that cannot be killed - init excluded, of course:)

also - as was already mentioned a couple of times - hackers that try to hack only personal computers hardly deserve the name. what's the glory in finding a security hole which allows you to - ye gods - browse through photos? of course, momentuous achievements like finding that giant gaping hole in windows security that gave us blaster, sasser and the whole family of invisibly spreading worms is something different, but you get the point. so i really think the majority of hackers target *nix systems. we might not hear of their achievements because they often just file in the bug report. or fail in their efforts.


Return to “News & Articles”

Who is online

Users browsing this forum: Koa and 19 guests