Windows vs. Linux Security, Once More

TAGmclaren writes "The Register is running a very interesting article about Microsoft and Linux security. From the article: 'until now there has been no systematic and detailed effort to address Microsoft's major security bullet points in report form. In a new analysis published here, however, Nicholas Petreley sets out to correct this deficit, considering the claims one at a time in detail, and providing assessments backed by hard data. Petreley concludes that Microsoft's efforts to dispel Linux "myths" are based largely on faulty reasoning and overly narrow statistical analysis.' The full report is available here in HTML form, and here in PDF. Although the article does make mention of OS X, it would have been nice if the 'other' OS had been included in the detailed analysis for comparison."

Re:Geez..

[RangerRick98]

The latter two links appear to be broken, but match the links provided in TFA. Perhaps the Register forgot to upload the actual reports?

Re:What I Would Like to See

[RealAlaskan]

Well, he did address your question in the article.

He did use the Apache case as a counter-example, because that's one of the few cases where MS and Libre software compete, and Libre is the larger target. In that case, the smaller target comes out looking more vulnerable. Is there something special about Apache which makes you think that it wouldn't work that way for other Libre projects? If you know something we don't, by all means share it.

... I cannot think of any good way to measure this.

Oddly enough, Petreley covered that question, too.

Re:Linux is more secure. Once more.

[Theatetus]

Crackers are an ingenious lot, and security holes are security holes are security holes. They WILL be exploited in linux sooner or later.

Will be exploited? Download the metasploit framework sometime; there are more exploits for Linux than for Solaris or Windows. But this is where the guy's point becomes important: because of how Windows deals with security tokens (here is a good place to start if you're curious), any exploit that gains access can probably execute code in the SYSTEM context.

So, of the Linux exploits that are trivially available to exploit, none can reliably execute arbitrary system code, while all of the Windows exploits can. That's not this one guy's opinion, that's just how the operating systems work.

Or a better alternative

RSBAC should perhaps be considered. It is far more modular, been in production use a lot longer, has none of the disadvantages of selinux(eg works with any filesystem, needs no patches to filesystems, doesnt break other kernels on the same machone). It has a list of protections, has official PaX and virus(malware) scanner support, and the developer is always willing to take ideas from people and quickly fix issues. I would be interested for a detailed comparison of the two between slashdotters, thoughts and experiences etc.. But from everything I can see, RSBAC seems far superior. RSBAC.org

This isn't about "hardship". It's about numbers.

[khasim]

According to my calculations, this still meets the 99.9999% reliability that MS claims the server to be able to provide, on enterprise-grade hardware (and what I am running on is decidedly not enterprise-grade, unless eMachines has recently broken into the enterprise market and I forgot to read the press release.)

Nope.

Reboots take about 4 minutes to shut down, restart, wait for the services to resolve themselves, and try again.

4 minutes/month == 48 minutes/year.

99.999 availablility means 5.26 minutes of downtime per year.

At best, you've got around 99.99% availability.

However, 4 minutes a month isn't a hardship, and anyone who says it is needs to either look into something transparently redundant, fault-tolerant, or reevaulate why they are so dependant on that one system in the first place.

It isn't about "hardship". It's about reliability. Getting that last .009% is very difficult and really doesn't give you much in terms of real world reliability for MOST business needs.

But for those that require it, it is available. And because it is available to those, it is available to everyone. Even those who do not need it.

Sure, my print server probably doesn't need 99.999% reliability. But because it has it, I don't have to worry about it.

In my experience, it's the reboot that causes the hardware failures. The fewer reboots, the fewer chances for hardware failure.

Re:I'd rather see

[nine-times]

the scary part is that at bootup, the microsoft firewall or ANY software firewall is inactive and disabled for a long time after the ethernet and networking comes up and alive.

I think (correct me if I'm wrong) they fixed this in Windows XP SP2. The software firewall comes up first, then the network interfaces. If the firewall tries to start and fails, the network interfaces won't start either.

Re:Make Sure That You Only Present...

['nother+poster]

Umm. Actually you don't need tags. Right there next to the Submit and Preview buttons is a drop down menu that allows you to select three other formatting options.

They work well.

Re:Make Sure That You Only Present...

really ? what's this then? :

D:\ResKit>su.exe
UserName required!

above available from nt4.

or "run as" available from win2k?

Look, you'd better to educate yourself before posting.

Re:Does security really matter?

[argent]

Does security really matter?

YES

I mean neither Windows nor Linux are secure, we see new ways to exploid them every few weeks or even days

Um, no, there is a huge difference. UNIX applications are usually designed in an inherently secure manner, UNIX file permissions really do make a difference, and UNIX contains mechanisms that can be used to lock the system down to the point where you can give a user "root" access and they still can't modify anything outside the sandbox you set them up in.

Windows does not, in practice, provide some of these kinds of security at all... and others are purely nominal protections at the same level of asking people "are you going to rob the bank" and letting them into the vault if they say "no".

So where on Linux an error that lets someone break out of a CHROOT environment is listed as an "exploit", Windows doesn't even provide that kind of environment so you don't need an exploit to compromise it. When a Windows exploit is listed, it far more often means there's a way of completely compromising your computer and taking it over, rather than just letting the attacker from one locked room to another.

That is, if I was running an "anonymous FTP server", and the server application has a buffer overflow in it, on Windows that exploit would let them inject a backdoor and take over my machine at will, and modify the boot sequence to restart the backdoor if the computer is rebooted. On Linux, they would be able to run the backdoor as an unprivileged user, they wouldn't be able to even see any executable files that could be used to restart the backdoor, and in some configurations they wouldn't even have network access. They would need to find and run two more exploits... one to break out of the CHROOT environment and one to get root privileges... before they could do anything.

This is called "defense in depth". UNIX systems and applications, developed in an environment where you had to give mutually untrusting users access to the same computer at the same time in a timesharing environment, don't break down and give up with one attack.

SO...

Linux, like all UNIX systems, is built around inherent security and defense in depth, which means that it's MUCH harder to get in and MUCH harder to do anything once you are in.

AND...

It's not just a matter of relative popularity... for one example: back when 2/3 of the domains out there were running Apache on Linux, the less than 1/3 remaining IIS servers still represented 2/3 of the domains on the "defaced sites" list.