Linux operating systems offer the worst track record??
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
I automatically ignore any "research" that comes from Mi2g. They're the laughing stock of the analyst industry. I do happen to favor OS X very highly--I personally like OS X much better than any Linux distro that I've seen so far--but I don't put any stock in conclusions drawn by Mi2g; they just don't have any credibility.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Oh well, I read the article just for grins. It's actually a recycle of the very same "test" they did last year. They analyze manually compromised systems (i.e. systems that were broken into by hand, not by worms) and give the results based on raw numbers.
Now, given that the data is based on raw numbers, it pretty much stands to reason that the OS with the largest install base is probably the most compromised. In this case Windows wasn't manually compromised as often as Linux, which is slightly surprising. If you think about it for a second though, it's very difficult to write automatic compromises for Linux because there are hundreds of distros (dozens in common use) and some of them have significant differences. This means a lot more compromises must be done by hand rather than by worm.
So the numbers are a little bit skewed, but still for such a small install base Linux has a disturbing security trend. I would attribute this to two things:
1.) Gross lack of QA
2.) User arrogance/ignorance
The reason why all the commercial OSs, and the BSDs tend to have fewer problems is that they do a lot of QA. NetBSD and OpenBSD do a lot of code auditing and regression testing, and FreeBSD has a large team dedicated to working on the complete system, as well as rigorous security tests for the imported software packages. This same theme was highlighted recently by Michal Zalewski in his malformed HTML tests (showing that IE handled malformed HTML far, far better than all the Open Source browsers).
A fundamental problem with programs developed by hobbyists is that lots of people love the "fun" aspect of writing the program, but no one likes the grunt work of painstakingly testing every possible branch and input value.
The second problem is that many people who use Linux OSs just automatically assume it's completely secure. You're going to need to pay attention to the security of any OS, and Linux is no exception.
Here is a part
"
The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded, with 154,846 successfully compromised Linux 24/7 online computers of all flavours. The number of successful manual hacker attacks against Microsoft Windows based online computers has remained steady and accounts for 25.19% of all breaches recorded, with 59,419 successfully compromised Windows targets of all versions. In sharp contrast, the number of successful hacker attacks against Mac OS X or BSD based online computers has demonstrated a declining trend and accounts for just 4.82% of all breaches recorded, with 11,370 successfully compromised BSD targets of all flavours including Apple.
"
Statistics can be misleading of course. Here's what I'll consider. What defines attacks? Were the attacks recorded because they knew it was happening? Maybe the Linux attacks are recorded because they knew it was happening while the Windows and BSD, Mac attacks are going on oblivious. It could also be that the Linux attacks are more common but less threatening? Personally, I dunno how much I can trust mi2g since I have no experience with it. But those are my thoughts.
Follow the dollar... find out who paid to do the study. That, lots of time, slants the results favorably toward Microsoft, especially when funded by them.
in a good linux setup, the only way in would be manual hacking ... vs windows where it's easier to just download a stupid script that will do everything for you ... ask yourself this, would you manually hack windows, or use a script that took 5 minutes to find and download if you wanted to get into a windows based computer?
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802
Rep:
Actually, I think it's a combination of things,
1. M$ funded studies don't consider it an attack on the OS if they attack Apache running on a Windoze server. They DO consider an attack on Apache to be an attack on Linux.
2. M$ is funding the studies, they are skewed towards an absurd result.
3. The studies use systems configured on older versions of Linux, generally,... like old 2.2 and 2.4 kernel systems, with known exploits...
4. The preferred attack method on a Windoze machine is automatic, where the preferred attack on a Linux box is a manual crack. Linux defenses are just so much better that a simple script or trojan won't do the trick. The attacker has to actually KNOW something...
5. The studies probably count an attack on Linux successful if any user's account is compromised. Unlike Windoze, a compromised attack on a user's account is not fatal to a Linux system... just a prelude to a more pressing problem.
Well they had me going right up to the point I read the CONCLUSION.
Quote:
"More and more smart individuals, government agencies and corporations are shifting towards Apple and BSD environments in 2004," according to DK Matai, Executive Chairman, mi2g. "For how long can the truth remain hidden that the great emperors of the software industry are wearing no clothes fit for the fluid environment in which computing takes place, where new threats manifest every hour of every day. There is an accelerating paradigm shift visible in 2004 and busy professionals have spotted the benefits of Apple and BSD because they don't have the time to cope with umpteen flavours of Linux or to wait for Microsoft's Longhorn when Windows XP has proved to be a stumbling block in some well chronicled instances."
I'm sorry but whoever wrote that conclusion is not "neutral" period.
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802
Rep:
OS X is nice, it offers the power and stability of FreeBSD with a really nice tuned front end... which is probably responsible for making it so easy to set up.
Linux, on the other hand, suffers from the problem of having an interface for certain services that is just harder for newer sys-admins to work with. Therefore there is a higher probability that a (the average) Linux box is not set up to be as secure. A Linux box in the hands of an experienced sys-admin is as secure as anything proprietary Unix, FreeBSD or OS X has to offer...
As far as M$ being better??? Crap. As V.P. Cheney said in Nazareth, PA recently, "you can put lipstick on a pig, but at the end of the day, it's still a pig." These studies are funded by M$ to use in their FUD campaign. They are utter crap.
I just started using my SUSE Linux 10 operating system so I do not know how vulnerable it is.
What I do know is that Microsoft builds multitudes of "holes" in its operating systems so as to enable Microsoft and the computer manufacturers to know what has/is being done on those computers all the time.
With all of the ways built in to get in, it is no wonder why just about any computer programmer can come up with spyware, adware, viruses, trojans, and hijacking software to penetrate the Microsoft operating systems.
I am through having my hard drive reformatted because of those many Microsoft "holes".
Well they had me going right up to the point I read the CONCLUSION.
I'm sorry but whoever wrote that conclusion is not "neutral" period.
I agree completely. I just happen to be a network security engineer with DoD and I can tell you that there is a big push towards linux right now. Solaris is still the most prevalent os for mission critical servers but linux is starting to gain ground. We currently have quite a few linux servers performing basic functions like web serving, dns, nfs, etc. Whenever it is time to purchase new hardware, the decision always comes down to solaris or linux. Hell BSD isn't even an approved os (at least on the federal/state level) so I would really love to find out what agencies are supposedly switching to a nonapproved os for their servers. It's obvious this person has no idea what he is talking about, at least when it comes to what the govt is doing and linux.
Mac OS X and BSD Unix represent a smaller installed base of computers than Windows or, by some estimates, Linux machines. This has led to what some security experts and industry pundits call "security through obscurity": Because there are fewer Macs, fewer hackers will try to exploit them, since they aren't as familiar with the operating system and their efforts are less likely to have a widespread impact.
LOL let's all run to the other end of the row boat since it's sinking slower. Oops look what happened. Oh well.