I have read in many different sources people claiming that Windows and IE are horribly insecure, Linux is better, Firefox rocks, and so on and such…
My question is:
Are Microsoft products really less secure, or is it simply a matter of the hackers and virus makers out there choosing to attack the programs that are most prevalent?
I think it’s a combination of factors, not just one, which add up to make securing Windows difficult:
[ul]
[li]First, like you said, Windows is the most common target for virus writers and hackers.[/li][li]Windows defaults to Administrator accounts, allowing all programs total access to the system. Linux buffs preach the use of different permission levels and not using administrator unless absolutely necessary. Windows has similar capabilities too, but most users do not know how/do not care to use it.[/li][li]Microsoft is often slow to patch security vulnerabilities.[/li][li]Microsoft, in the name of increasing functionality, likes to add executable code wherever it can. Office macros, ActiveX, VBscript in Outlook Express, etc. – they all contribute to making normally secure read-only documents into potentially dangerous virus carriers.[/li][li]Windows boxes, up until Windows XP SP2, did not come with a firewall turned on by default. This allowed worms to attack and infect any computer connected to the net.[/li][li]Microsoft failed to anticipate users’ ignorance and apathy towards security issues. I would say this is the single biggest cause of the problems. People just don’t spend the time to learn about and secure their systems. But it isn’t really their fault. Computers are a commodity now, and people should be able to expect them to work out-of-the-box and not have to worry about all these things.[/li]
It might be better if the systems came secure and locked down, but there’s a delicate balance between usability and security that can be hard to maintain. Microsoft announced a security initiative a while back, and XP SP2 was a good first step… now we just have to see if they can keep it up with future versions of Windows.
[/ul]
Anyway, Windows, for the above reasons, is less secure by default, but that doesn’t mean it can’t be secured. You just have to spend the time and effort to do it. Disabling ActiveX, running a good virus scanner, a firewall, and a spyware program will stop 90+% of malware from affecting you. That, and maintaining good security practices like never running software that didn’t come from a trusted source, getting the latest security patches as soon as possible, giving programs and websites as few permissions as possible, stuff like that. Basically, treat the entire Internet as hostile – because it is – and trust as few things as you can.
I can’t say much about Linux since I haven’t used it much, but as for Firefox, it’s definitely an improvement over IE. There are already Firefox security vulnerabilities, but they are usually patched quicker than IE ones. Thankfully, Firefox also does not use ActiveX. On the usability side, Firefox also has interface improvements that make it better than IE, but that’s not really relevant to this discussion.
For the “vulnerability vs popularity” argument, I present to you Apache webserver. It’s the backbone behind 70% of webservers on the internet today, and is considered the premium in security.
Boy, is this one headed for GD or IMHO.
I’ve used every version of Windows and played around with Linux quite a bit.
You’re going to find people fall into a couple of camps:
(a) Windows is inherently less secure, Microsoft are teh suxx0r, Windows is more full of holes than a Swiss cheese.
versus
(b) Windows is no more unsecure than any other large OS - it’s just a bigger target.
As usual in this type of situation, there’s no real right answer. It’s a matter of opinion and perspective.
Reply explained it very well.
The thing about “not running as administrator” is very important. There’s a huge drive within Microsoft to ween people off of this, including Microsoft employees. Unfortunately a lot of software breaks in strange ways if you run as a mortal user.
I would say that Windows 2003 Server was the first MS OS that came out giving real serious thought to security. I would rate it about on par with a generic linux box, especially with the new SP2.
A competant administrator can make a windows box as secure as a linux box but competent administrators are rare.
Very often, when some big worm hits, Microsoft has had a patch out for some time, but a lot of sysadmins don’t bother keeping up to date with the latest patches.
My take is that Microsoft could do a lot more in the way of security, especially with regards to IE. However, the users could also do a lot more to take care of what’s out there.
This is a very good example - Microsoft’s competing IIS webserver is used by roughly 20% of servers on the net, yet IIS is compromised much more often than the open source Apache.
Here is a pretty good article comparing Microsoft vs Linux Security.
Another factor to consider is that Windows is a closed source operating system. The program code that makes up the OS is not available for general viewing by users.
This means that the bad guys must stumble onto security holes by trying out different attacks. Microsoft will then release patches to fix those holes, and the cycle starts again.
With an open source operating system or program (such as Linux, FreeBSD or Firefox), the general public can browse the source code, and identify potential security holes.
The bad guys can too, of course, but so can the good guys. Many eyes (thousands in the case of Linux) have gone through the code and removed security holes. There are fewer successful attacks because there are fewer attack vectors.
With Windows, there are an unknown number of attack vectors awaiting discovery. In fact, Microsoft’s Group Vice President, Jim Allchin, has stated under oath that some Microsoft code was so flawed it could not be safely disclosed. (http://www.eweek.com/article2/0,3959,5264,00.asp)
I agree with Mr Sakamoto. The argument that more vulnerabilities are found because Windows is attacked more frequently is weakened when the popularity of Apache, and its very low level of security holes, is taken into account.
No non-trivial software is bug-free. One needs to decide whether an open solution, with no known security holes, or a closed solution, with no undiscovered security holes, is better.
I’ve never really bought the “given enough eyeballs, all bugs are shallow” argument (and God, what a clumsy way of putting it). How many people are really familiar with the source code of, say, Firefox or Open Office? More than the number of people Microsoft pay to pore over Windows’ source code? I’m not convinced.
People who know how to lock down their computer are more likely to switch to a non-M$ software/OS.
Guess who this leaves behind using M$?
So if you are going to attack a computer, who are you more likely to attack? Firefox, which people who use it know something about security, or IE where most of the users have no idea about it?
No one argues — or should argue, anyway — that open-source code review eliminates all bugs and security flaws. The general idea though is that the more people there are looking for problems, the less likely a problem will go undetected, and uncorrected.
OpenBSD was once able to boast that they never had a security flaw in their X years of existence. Since then, one flaw was indeed found, and subsequently fixed. Despite that bit of egg on their face, they still have a pretty admirable record on security. That dependable level of security was achieved largely through extensive code review, made possible by the fact that the OpenBSD source code is open for all to see.
Microsoft is a large company, but the number of programmers they have reviewing Windows source code is still going to be dwarfed by the number of programmers reviewing BSD, Linux, and Apache source code.
Apache is popular for a web server, but does the number of servers out there even approach 1% of the number of desktops in use? I’d be skeptical that it’s even that high.
My take on this is a bit different: Microsoft is very well aware of users’ ignorance and apathy but draws different conclusions from it, namely:
"If we enable proper security by default, users will experience what to them will be “Windows not working”, e.g. in cases when
How does Mac work in all this. Is it more secure, or just less prone to attack because it isn’t the big kid on the block? I ask because the current argument seems to be suggesting that Microsoft is more vulnerable becuase it favors towards easier user interface. If this is true, how does Mac, suggested to be the most user friendly OS, fair in the security game.
Also, to add to the current discourse, if I was inclined to create a virus or wanted to disrupt as many people as possible, I would almost HAVE to aim for Microsoft. It is the largest consumer base, and they’re one of those “evil empires” that people are inclined hate for their successes. i.e. Walmart, Starbucks, McDonalds, Microsoft, AOL.
I think that the various flavors of Unix (Linux included) are more secure than Windows, although MS has made great strides in the last few years. A couple of reasons:
The Unix family has one or two decades of additional development work on it compared to Windows. Unix goes back to the late 1960s, Windows started in the 1980s.
Basic philosophical difference in design - Windows was designed as a single-user OS, one person on a standalone workstation. Unix was built from the ground up as a network OS.
Open source vs. closed source; I think that the open source model is simply better at disclosing and fixing problems. More eyes on the problem, and many of them belong to talented folks who regard finding and fixing problems as fun. They don’t have a dog in the fight (which can be a problem in a given organization - “Don’t bring up problems with the new OS, management doesn’t want to hear it”). Steve Jackson Games put out a game design book years ago which had some wonderful advice that I find applicable to many fields - playtest with idiots. They will find mistakes that you could never imagine, they will do things that seem utterly insane, some of them will even try and cheat. If your product survives that kind of scrutiny then it’s good.
Well, the point is that there are more than 3 times as many Apache webservers out there as their are Microsoft IIS webservers, yet IIS servers are hacked more often.
Given the number of important sites running on Apache, you would think there would be plenty of crackers trying to take them down. Also, webservers tend to be installed by people with a considerable degree of computer skills, so user skill is less than a factor than when considering operating systems, where more computer savy people will be using Linux, and others using Windows.
Thus, we can conclude that the open-source method produces more secure code than Microsoft, at least for webservers. I would wager that the same holds true for other code, though if Linux did have the market share, and non-technical users that Windows has right now, you would see more viruses and spyware on Linux, but it wouldn’t be as bad as it is on Windows right now.
Ideally, for security, I would prefer 3-5 operating systems, each with roughly equal shares of the OS market - this would force each OS to compete more strongly, and reduce the damage a single bad security vunribility can cause.
I’m certain that the code for say, the Linux kernel, has been analyzed by far more minds than the source code for the Windows XP kernel. I think the same applies to any popular open-source project. The number of people working on Microsoft products is limited by the financial resources of the company, rather than the number of people using whatever product. As the popularity of Linux increases, so does the quality and security of the code. Logically, the open-source community wants as many flaws as possible to be discovered and reported - or less ideally, exploited. When that happens, a number of patches are developed to solve the problem, so the developers responsible for official chances in the code can choose which they think is best. Anyone can submit changes. Anyone can change their copy of the code.
I think the web server is bad, the OS must suck too suggestion might be a false analogy. If MS was a smaller company, you could claim that the inferior quality of one product might apply to a different product by the same company (and event hat is questionable). However, MS is a large company, and the people/personnel/resources that create the web servers are not the same as the p/p/r that create the OS. Additionally, the requirements and demands of each product are vastly different. Your analogy is akin to saying the Ford Explorer has had many problems, the new Ford GT40 probably sucks too.
event hat = promo freebee hats given at trade shows
it is not a typo for even that… 
That’s not the argument being made, though. Here’s how it runs:
MS says that the only reason Linux suffers from fewer security issues than Windows is that it’s a smaller target, and nobody makes the effort.
However, amongst webservers, this logic doesn’t hold. If Microsoft’s argument re: OS security is valid, then we should expect to find that the webserver with the greatest market share is also subjected to more successful attacks, because it is the largest target and will receive the bulk of crackers’ attention. Since that turns out not to be the case, it casts extreme doubt on the initial argument, i.e., that the only reason Windows is subjected to successful virus and worm attacks is because it is popular.
This doesn’t demonstrate that Windows is inherently less secure than Linux, but it does undermine the argument most often given in defense of Windows.