Linux: Secure as You Want It to Be
My colleague Larry Seltzer thinks that we may be on the verge of an age of Linux worms that might rival the endless trouble that Windows users find themselves in.
First, none of the trio of vulnerabilities in the luppi worm actually have a thing to do with Linux. Yes, these worms target Linux systems, but the holes they use to target arent Linux holes at all. Theyre Web service script holes.
Saying that this is a Linux problem is like saying that the gaping Macromedia Flash hole is an XP problem.
So long as you dont run a vulnerable application, your system is as secure as ever.
Larry thinks that one reason why Linux systems are, generally speaking, more secure than Windows systems is that Linux users tend to be more aware of basic security practices than Windows users.
Id have bought that theory a few years ago, but Linux really is getting more popular. As a result, I now know Linux users whod be no more able to set up a basic firewall with iptables than a Windows user would be.
As a result, theres a growing market for Linux security programs. Just like I always recommend Zone Labs ZoneAlarm for Windows users, I now recommend new Linux desktop users either get a Linux desktop like Xandros Xandros 3.0, which comes with a firewall wizard, or, for corporate users, they buy Astaro Corp.s Security Gateway software (formerly Astaro Security Linux).
At the server level, Ive found Windows and Linux administrators to have equivalent levels of skills.
No, the real security difference between Linux and Windows is simply that by design Linux is inherently more secure than Windows.
From the ground up, Linux was designed to be a multi-user, networked operating system. Even now, Windows shows its creaky history as the descendent of a single-user, stand-alone PC operating system.
That gives Windows some strengths that Linux systems dont have. For instance, you can easily copy and paste from almost any Windows application to another. With some Linux applications its easy to cut and paste between them; with others its not.
The bad thing about the Windows approach, where everything from the highest level user applications like a Web browser or a word processor is linked to the lowest level of the core operating system, is that almost any vulnerability can be used to attack the entire system.
Why, this Tuesday, three Windows image-rendering flaws have made XP, W2K and 2003 users PCs vulnerable to takeover attacks. Your Windows PC could be gutted like a fish simply by viewing a rigged image in Outlook, Internet Explorer, or Word.
This is a perfect example of a Windows-only problem. First, even if there were the same holes in three Linux applications, say Thunderbird, Firefox and OpenOffice.org Writer, it still couldnt hammer a Linux system the way it could Windows. Linux simply doesnt have those useful, but dangerous, Windows internal links.
Make no mistake though, while Linux is far more secure than Windows, it is not invulnerable. No operating system is.
Security is a process, not an operating system or a product. Its just that when using Linux, today and tomorrow, you start ahead of the game.
Ziff Davis Internet Senior Editor Steven J. Vaughan-Nichols has been working and writing about technology and business since the late 80s and thinks he may just have learned something about them along the way.
Check out eWEEK.coms for the latest open-source news, reviews and analysis.