Slashdot Mirror
UNIX Security: Don't Believe the Truth?
OSNews has an interesting editorial about security on UNIX-like systems. "One of the biggest reasons for many people to switch to a UNIX desktop, away from Windows, is security. It is fairly common knowledge that UNIX-like systems are more secure than Windows. Whether this is true or not will not be up for debate in this short editorial; I will simply assume UNIX-like systems are more secure, for the sake of argument. However, how much is that increased security really worth for an average home user, when you break it down? According to me, fairly little"
I think the author of the editorial makes a rather trivial point. (They could have made the point a lot stronger, pointing out that malware, spyware, adware, trojans, etc., are all able to be run from within unprivileged user-space.)
But why would a home user care about Unix-type security? I'll give you a few reasons of my own.
(a) Smaller target. Yes, that's right, I'm saying that the largest increase in security that home users get is because they're using something that 90% of the home user market isn't. This isn't a feature inherent to Unix, obviously--but I still think it's a reason to switch. "But if everyone switches, won't that get rid of the security increase?" Perhaps a little, but the only way it would completely vanish is if everyone switches to the same flavor of Unix. If we have a Unixy, more secure home computing environment, but slightly different flavors, then viruses and malware will have a more difficult time propagating in such a non-homogenous environment.
(b) Remote exploits. This, I think, is a lesser issue, but not a trivial one--there are a considerable number of remote exploits in Microsoft software, and there have been a non-trivial number of viruses and malware that spread through this vector. Unix-based systems are historically less vulnerable to such attacks, and often the remote processes that are vulnerable run under a different user than the desktop user anyway.
Dlugar
Computer Go: Writing Software to Play the Ancient Game of Go
Now, J2ME is a flawed platform in many ways, but in terms of security they're light-years ahead of where desktop computing is. There are many things we could learn from it.
Who determines what the emergency is? The system itself? If there really is an "emergency," will the system even be in a state to realize it? The last thing users need is to be lulled into a sense of security by automatic backups that can't be retrieved when you really need them.
I continue to be surprised at those who still don't seem to understand the viability of UNIX on a home desktop. I took an old Pentium II-class Gateway laptop a few weeks ago that was running Windows 98. My six-year-old daughter wanted a system and since 98 is impossible to secure (technically, abandonware) and XP has no chance in hell of running on this fossil with any reasonable load of applications (96 MB RAM, 2 GB drive, etc), I loaded Gentoo on it with KDE.
Not only does she have no difficulty using it, but my wife and 12-year-old son are on it all the time checking emails and websites. The wife's a hard-core Mac user and my son normally uses XP. So while all the tech industry reporters out there muse about "when Linux will be viable for the home desktop," those of us out here who have a clue will continue to quietly use it.
I wonder why he didn't bring up that Dad has pictures of Little Johnny on his first day of school Mom has all of her and dad's wedding photos. Litte Suzy has all of her papers for school on the hard drive. Little Johnny likes to look up pr0n.
Windows situation, While trying to download hotmidgetdonkeypornheaven.exe, Little Johnny accidently picks up uber.worm. Uber.worm deletes Johnny's files, suzie's files, mom's files, dad's files, system files, makes the system useless, and you go from a windows computer to a nice paperweight until you reformat. *nix situation, While trying to download hotmidgedonkeypornheaven.sh, Little Johnny accidentally picks up the uber.deletion.script. Uber-del deletes johnny's entire home directory!
Of course, Mom, Dad, and Suzie are entirely unaffected because Johnny doesn't have permission to overwrite those files.
Wonder why the asshat, er, I mean, article writer didn't bring up that snippet?
Evil Walrus >83=
The logic is absolutely laughable, so it must be a joke. All systems fail, so all systems must be backed up. But what has 'backup' have to do with security? Thats recovery, not how to keep malware out of the system in the first place. I suppose all home users would rather "recover" their systems every other day rather than to do what they really want to do, like write letters and organize their photos. This poor guy needs help if thats how he thinks things should work.
I think it is tautologically true. Devastation is a noun, like "unique" that does lend itself to qualification. I think it's also true that Windows users meet with devestation and the hands of malefactors much more often than Unix users; in part this is due to the prevelance of Windows of course. But it hardly explains the mountain giving birth to a mouse response of Microsoft when it comes to improving the situation for their users.
There probably isn't a single kind of vulnerability in Windows that has not been in Unix. The only difference is that in Unix is a choice and Windows is a fact of life. Providers of Unix compete with each other, whereas Microsoft, while it may labor mightily on various things, only works barely hard enough to make life bearable. Nor should we expact it to do "better"; as a business they do what the market tells them to, and if the customer bears much, then the vendor does little. I was fascinated during the MS anti-trust trial of the idea of splitting MS up into competing windows providers. If there were competing providers for Windows variants, Windows would be ust as good as Unix, possibly better.
I expect as more customers desert Windows for Linux (there is no place to go but up), Windows security will improve greatly.
I am reminded of Lord Macaulay's speech on copyright, in which he explains that perpetual copyright is bad for books, "I believe, Sir, that I may with safety take it for granted that the effect of monopoly generally is to make articles scarce, to make them dear, and to make them bad. "
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Security issues have moved on a little since the 80's, where his point of view is from - very few security breaches today result in loss of data, because computers are really more valuable as zombies and so not many viruses really attempt to mess with much (even the most recent public example of a destructive virus on WIndows was pretty much a dud).
Another thing he does not account for is time. Time is a valuable commodity to all users, and anything that can prevent a virus or spyware from reaching further into the computer reduces the amount of time and knowledge needed to remove probelms from the system. That is at the core the value that UNIX brings to the security equation. Not absolute protection but like a teflon pan, easier cleanup when you do create a mess.
And last of all by not explicitly mentioning how much more inherantly secure UNIX systems are that start off with a base of no open ports are. Sure spyware and viruses can get in through the browser, but it's a much harder attack route than just scanning and finding a hole wide open that requires no effort on the part of the computer user to install.
In the end his rant boils down to noting that users should really back up files often - but even this message is dated, as a few years of sketchy consumer hard drives with short warranties has started to drive home this lesson in spades through failed hard drives. Forget hackers; little johhny's pictures today are in far greater peril from a simple lack of using the CD-burner.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Saying people are "just kids" are ignoring the fact that they are not. They're college students. After all, a kid eschewed the giant corporation funded operating system and slapped one together (with a fellow kid) to play Space Wars and revolutionize operating system design. A kid wrote the free implementation of Minix. A kid founded both the most portable operating system and the most secure one. A kid cloned an implementation of the Windows network file system onto the *nix platform. It may be surprising, but kids today start some of the most influential work in computing.
plan9 does this
and you get a day by day (or however much you fancy) snapshot so you can roll back your files to any snapshot in time you have recorded, on a process by process basis. I.E. you can have two different days open at the same time in different processes.
And, to add compliment to health, it doesn't use up extra space but uses Venti
Venti is also available for Unix-likes via plan9port
while I'm here, plan9 is secure BY DESIGN. No super user, networked authentication, networked file storage, diskless terminals etc. et bloody cetera.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Secondly, as someone who has seen trojaned PC's I can tell you that being used to spam viagra ads to the western world does have a practical cost for non-techs. While some trojans may leave the files alone the fact that a) all security is compromised, and b) your hardware is being used by others without your consent or knowledge; is meaningful to everyone. In this arena *NIX systems do have a significant leg up over windows. It is much harder for an errant e-mail to lead to a full system compromise on *NIX than on Windows. That having been said I can see how a user-specific trojan may do as much damage.
Thirdly, the author seems to be ignoring the truest source of vulnerabilities: applications. While the base OS is an issue the primary source of holes are applications (Outlook) or application-components (WMF). A *NIX system can be as insecure as Windows with respect to these. However a) There is a greater offering of secure forms, and b) *NIX's more modular form and coding traditions (sacrifice features for security) make it (in general) less suceptible to these kinds of problems.
Fourthly, Windows is developed on a different model from *NIX. Microsoft has always put new features first and foremost. This has led to the situation specified above.
That being the case, much of this is tradition. The traditions of Unix Development (Security over Features) versus Windows (Features over Everything) is what has led to the current state of affairs. Microsoft is in the process of learning the long hard lessons of their history and has been attempting to ape the *NIX model more closely. Meanwhile some in the Linux community have begun arguing that they should move to more "Feature Laden" distros like windows. If Microsoft succeeds in its painful changes and Linux distros begin chasing the "I want features now" crowd then the equations may reverse themselves.
I have found the ultimate solution to such issues in my VMWare testing environment - snapshots. We really beat on and hose our testing machines and, to make sure we were getting an acurate test, we would always have to reimage them from a Ghost image every time we went in there. We replaced that solution with running our testing in VMWare where reverting to a previous snapshot just takes a few seconds. Not to mention that you can branch off them in a tree fashion to track and test under various changes and conditions. I really don't understand why MS can't develop a simpler version of something similar for the OS. HD space on the vast majority of user's machines is plentiful and the ability to be able to make a snapshot of your system when it is exactly the way you want it that you can go back to later quickly and easily would solve myraid problems. If you could back up that snapshot to a DVD or external HD in such a way as the hypothetical snapshot manager could restore your PC config from it in the event of a physical HD failure all the better.
Now, obviously, we would need a way to prevent a malicious program for also corrupting the backup snapshot - maybe some password that is specifically for the modifying and changing of the system snapshot.
I doubt that MS will ever be able to make an OS as secure as Unix as long as they have to provide the level of backward compatibility they do. What they could do, however, is mitigate the risk by giving us a way to get our PC back to it's pristine state without all of the trouble of app reinstalls and haphazard backups/restores. The limitation always was the hard disk space this would entail and that limitation has been blown away by modern HDs...
I have a number of Unix/Linux users who use their systems as desktop workstations and don't use root (at all - I set them up and do all maintenance remotely)
Their systems do daily backups of home directories to a protected area that is read-only by their IDs. Whether or not the overall systems are less virus/worm prone is not really the issue, the fact is that only an attack that can get root access can actually do (locally) irretrievable damage.
The better thing IMHO about Linux/Unix is that there is transparency about what actually needs to be backed up in most cases (some require a bit of sleuthing but even they can be made transparent) - the home directory and maybe a major application data directory (MySQL for example)
Only these need to be dealt with - the rest of the machine's resources can be replicated/restored/reinstalled and add the data and go on your happy way.
Been there, done that, paid for the T-shirt
and didn't get it
This isn't necessarily the fault of Windows
And that is only because the FIRST step is learning enough about the system to know that there is a problem. It's easy for most of us who spend time and read
Viruses only spread when their infection rate EXCEEDS the removal/immunization rate.
When the infection rate is lower than the removal/immunization rate, the virus dies.
With most current versions of Linux, the default security configuration means that it is very difficult to infect a machine (not impossible) and very easy to remove the infection.
Before this "InterWeb" thingie, I was cleaning boot sector viruses from DOS machines that required someone to have booted from an infected floppy.
Linux boxes CAN be infected, but the odds of it happening are very, very slim.