Why Linux is more secure than Windows, and why it runs better...

Why Linux is more secure than Windows, and why it runs better...

Post by tblanchard » Fri, 29 Jun 2007 05:11:12


ttp://www.theregister.co.uk/security/security_report_windows_vs_linux/#bursting

After scouring the web, I believe this is one of the most thought out
and well put reasons why windows continues to suck, and why Linux is
obviously much better. I especially like the snippett below.

"Windows is Monolithic by Design, not Modular
A monolithic system is one where most features are integrated into a
single unit. The antithesis of a monolithic system is one where
features are separated out into distinct layers, each layer having
limited access to the other layers.

While some of the shortcomings of Windows are due to its ties to its
original single-user design, other shortcomings are the direct result
of deliberate design decisions, such as its monolithic design
(integrating too many features into the core of the operating system).
Microsoft made the Netscape browser irrelevant by integrating Internet
Explorer so tightly into its operating system that it is almost
impossible not to use IE. Like it or not, you invoke Internet Explorer
when you use the Windows help system, Outlook, and many other
Microsoft and third-party applications. Granted, it is in the best
business interest of Microsoft to make it difficult to use anything
but Internet Explorer. Microsoft successfully makes competing products
irrelevant by integrating more and more of the services they provide
into its operating system. But this approach creates a monster of
inextricably interdependent services (which is, by definition, a
monolithic system).

Interdependencies like these have two unfortunate cascading side
effects. First, in a monolithic system, every flaw in a piece of that
system is exposed through all of the services and applications that
depend on that piece of the system. When Microsoft integrated Internet
Explorer into the operating system, Microsoft created a system where
any flaw in Internet Explorer could expose your Windows desktop to
risks that go far beyond what you do with your browser. A single flaw
in Internet Explorer is therefore exposed in countless other
applications, many of which may use Internet Explorer in a way that is
not obvious to the user, giving the user a false sense of security.

This architectural model has far deeper implications that most people
may find difficult to grasp, one being that a monolithic system tends
to make security vulnerabilities more critical than they need to be.

Perhaps an admittedly oversimplified visual analogy may help. Think of
an ideally designed operating system as being comprised of three
spheres, one in the center, another larger sphere that envelops the
first, and a third sphere that envelope the inner two. The end-user
only sees the outermost sphere. This is the layer where you run
applications, like word processors. The word processors make use of
commonly needed features provided by the second sphere, such as the
ability to render graphical images or format text. This second sphere
(usually referred to as "userland" by technical geeks) cannot access
vulnerable parts of the system directly. It must request permission
from the innermost sphere in order to do its work. The innermost
sphere has the most important job, and therefore has the most direct
access to all the vulnerable parts of your system. It controls your
computer's disks, memory, and everything else. This sphere is called
the "kernel"., and is the heart of the operating system.

In the ab
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by Hadron Qua » Fri, 29 Jun 2007 05:39:00


XXXX@XXXXX.COM writes:


You do know that Linux is a monolithic kernel don't you?

No?

How embarrassing for you.

http://www.yqcomputer.com/


,----
| http://www.yqcomputer.com/
|
| True, linux is monolithic, and I agree that microkernels are nicer. With
| a less argumentative subject, I'd probably have agreed with most of what
| you said. From a theoretical (and aesthetical) standpoint linux looses.
| If the GNU kernel had been ready last spring, I'd not have bothered to
| even start my project: the fact is that it wasn't and still isn't. Linux
| wins heavily on points of being available now.
`----

LOL.

 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by Roy Schest » Fri, 29 Jun 2007 07:38:48

____/ XXXX@XXXXX.COM on Wednesday 27 June 2007 21:11 : \____

http://www.yqcomputer.com/ #bursting

Also see:

2006 Operating System Vulnerability Summary

http://www.yqcomputer.com/


Linux vs. Windows: Which is Most Secure?

http://www.yqcomputer.com/


Linux Security: A Big Edge Over Windows

http://www.yqcomputer.com/


The problems with Vista laid bare - What might have been

http://www.yqcomputer.com/


Why Windows is less secure than Linux

http://www.yqcomputer.com/


Linux more secure than Windows, national survey shows

http://www.yqcomputer.com/


Microsoft Windows: Insecure by Design

http://www.yqcomputer.com/


If Only We Knew Then What We Know Now About Windows XP

http://www.yqcomputer.com/


Why Windows is a security nightmare.

http://www.yqcomputer.com/


The Structural Failures of Windows

http://www.yqcomputer.com/


--
~~ Best of wishes

Roy S. Schestowitz | "Black holes are where God is divided by zero"
http://www.yqcomputer.com/ | GNU is Not UNIX | PGP-Key: 0x74572E8E
http://www.yqcomputer.com/ - proposing a non-profit search engine
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by [H]ome » Fri, 29 Jun 2007 09:20:35

Verily I say unto thee, that XXXX@XXXXX.COM spake thusly:
[...]

Any well designed system (monolithic or otherwise) will work well, the
problem is maintaining monolithic systems is infinitely more difficult.
As far as it possible to tell without access to the source (anecdotal
evidence), Windows is neither well designed nor well maintained, and
also (and perhaps more importantly) seems to be constantly compromised
by some perceived need to inhibit user control and access, usually
driven by demands outside the developers' control (i.e. MPAA), but also
at the behest of upper management (i.e. change SMB to "f**k with Samba").

Microsoft are their own worst enemy, and having started out on a weak
foundation, continue to further weaken it in the name of Draconian
restrictions. The fact that they seem inept at designing and maintaining
even the fundamentals, only exacerbates the problem, but then given the
business methods employed by those who steer the company, the developers
are immediately at an unfair disadvantage. They have my sympathies.

--
K.
http://www.yqcomputer.com/

.----
| "Our enemies are innovative and resourceful, and so are we. They
| never stop thinking about new ways to harm our country and our
| people, and neither do we." - George (Dubya) Bush.
`----

Fedora release 7 (Moonshine) on sky, running kernel 2.6.21-1.3194.fc7
01:19:16 up 22 days, 13:05, 3 users, load average: 0.24, 0.38, 0.40
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by spike » Fri, 29 Jun 2007 09:35:47

Hadron Quark < XXXX@XXXXX.COM > did eloquently scribble:





You know that linux is modular OUTSIDE the kernel, don't you?
That this modularity includes the GUI.... don't you?
That the kernel itself is modular. Monolithic and modular are not mutually
exlusive...

You do also know that windows comes as one big fat blob, don't you?
you can't seperate out the windows part of windows from the kernel and get
anything useful?

You DO know all those things don't you?

No?

How embarrassing for you.


My, quoting Linus back when linux was VERY small and not modular in the
least? A post from 15 years ago? How very clever of you.
--
______________________________________________________________________________
| XXXX@XXXXX.COM | |
|Andrew Halliwell BSc(hons)| "ARSE! GERLS!! DRINK! DRINK! DRINK!!!" |
| in | "THAT WOULD BE AN ECUMENICAL MATTER!...FECK!!!! |
| Computer Science | - Father Jack in "Father Ted" |
------------------------------------------------------------------------------
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by BearItAl » Fri, 29 Jun 2007 17:25:25


http://www.yqcomputer.com/ #bursting

This is true, ok fair play to MS in that at first they didn't really know
how things would turn out. But they have had more than one chance to sort
it out.

Win98 was a major change and I happen to know that a great deal was done to
sort out the code. There would be Win98 for home, less safe than NT for
business, but better for home users. If the NT for business and Win98 for
home had happened, then maybe things would be better for them now. I know
NT got hit badly with the virus's, but it was still a much better platform
from which to fight them.

But since then MS has taken the slap-n-snot approach to changes (a bit like
the space shuttle, no one knows what every line of code does, so they dare
not touch it, changes are added as extras rather than risk changing a
function that might be unexpectedly called from rarely active code).

They had two opertunities. First after Win98 was extablished they had time
to reassess, they could have said 'Ok, home users need as much protection
as business users, so we will redesign for a safer environment. Also
business users have gone with Win98, because for a time NT was proving just
as vulnerable to virus attacks'. But they didn't do that, such a simple
lesson to learn but they didn't learn anything.

Then while XP was out they had another chance. In five years they could have
completely modulated the code, proper seperation of layers. Instead they
apparently 1/2 wrote something that failed.

MS had access to the worlds best developers, I can't believe that any of the
greater teams of developers I know of would fail to put together a good
safe OS in the 5 years that they had to do it in, unless they were
seriously inhibited.
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by [H]ome » Fri, 29 Jun 2007 18:08:40

Verily I say unto thee, that BearItAll spake thusly:


AFAICT all the real talent at MS has gone, replaced by HB1-visa
personnel, presumably as a cost-cutting exercise. Meanwhile Sweaty B.,
in a series of evermore desperate measures, leads MS down into the gutter.

--
K.
http://www.yqcomputer.com/

.----
| "Our enemies are innovative and resourceful, and so are we. They
| never stop thinking about new ways to harm our country and our
| people, and neither do we." - George (Dubya) Bush.
`----

Fedora release 7 (Moonshine) on sky, running kernel 2.6.21-1.3194.fc7
10:07:09 up 3:04, 2 users, load average: 0.49, 1.05, 0.92
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by tblanchard » Sat, 30 Jun 2007 00:42:38


Ha! common sense wins against magwa shaft cronies again, and again,
and again... The fact of the matter is that Linux is winning on
every angle!!!!!
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by Mark Ken » Sat, 30 Jun 2007 22:55:15

H]omer < XXXX@XXXXX.COM > espoused:

The problem with vertically integrated systems, particularly if they're
coupled with other vertically integrated systems across proprietary
interfaces (eg., windows desktops to windows servers, as an example), is
that the interactions become too complex to model.

This leaves anyone working on systems with an increasing fear of
changing anything /just in case/ it breaks some other component in an
undefined way.

What's not really brought out in the Register's very excellent article
above is the amount of testing which takes place on open-source
systems, modules, libraries, applications, and so on. Since this is
all publicly documented (just look at the Debian website as an example),
it's been kind of accepted, but in reality, it is of major importance.
In principle, it could be very easy indeed to break a modular system,
just look for the module which has most dependencies (libc, kernel vfs
subsystem, etc.) and break that bit. The reason why this hasn't happened,
or at least, has not happened so often, is that the degree of testing
which takes place is phenomenal - debian has a rule regarding package
stability which must be met /before/ a package can make it to testing,
and similarly, before it can make it to stable. Once in stable, there
is no tinkering, only security fixes are applied.

This leads to a massively stable system, and in particular, discourages
the tendency to bodge one bit of the system to fix flaws in another,
something common in vertically integrated systems, if the "newer" piece
is considered less "central" than the older one.

The Register's article is so good, I wonder if we should consider adding
to the FAQ with a link to it?

--
| Mark Kent -- mark at ellandroad dot demon dot co dot uk |
| Cola faq: http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/ |
| Cola trolls: http://colatrolls.blogspot.com/ |
| My (new) blog: http://www.thereisnomagic.org |
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by Dr Gang Gr » Sat, 30 Jun 2007 23:17:11


Yesterday lienux was "just the kernel." Today lienux is more than the
kernel. Which will it be tomorrow?

Seems that the definition of lienux being the kernel or everything else
swings depending on the argument you want to make. How convenient.




--
Posted via a free Usenet account from http://www.yqcomputer.com/
 
 
 

Why Linux is more secure than Windows, and why it runs better...

Post by spike » Sat, 30 Jun 2007 23:58:20

Dr Gang Green < XXXX@XXXXX.COM > did eloquently scribble:





When it's compared to windows, how else would you compare it?
Linux is the kernel
Linux distributions are OPERATING SYSTEMS

Linux is often referred to as the distribution, not the just kernel.

I realise it's confusing for the typical dense troll. But it's quite easy to
understand by the rest of us.
--
______________________________________________________________________________
| XXXX@XXXXX.COM | "Are you pondering what I'm pondering Pinky?" |
|Andrew Halliwell BSc(hons)| |
| in | "I think so brain, but this time, you control |
| Computer Science | the Encounter suit, and I'll do the voice..." |
------------------------------------------------------------------------------