Jump to content

Cre8asiteforums Internet Marketing
and Conversion Web Design


Photo

XP SP2 released this week


  • Please log in to reply
99 replies to this topic

#81 Ruud

Ruud

    Hall of Fame

  • Hall Of Fame
  • 4887 posts

Posted 31 August 2004 - 09:19 AM

Compromising security in Linux demands root access (comparable to running Windows XP logged in as Administrator). It's security stands or falls with the configuration.

Linux follows a system of file security which, by logic reasoning, make it inherently more secure - especially more secure in case the system is compromised. For evidence of this you will have to rely on opinions. 30 years of Unix use has convinced sysadmins that in daily life Unix-based systems are more secure thanks to this setup.

Script kiddies know that it is very easy to hack into a well configured, well patched Windows box. The same cannot be said for Linux. Hackers who do get in and get root are renowned because it is so difficult.

What is important to remember in discussing system security is that the security stands or falls with the configuration. In this respect Linux offers much more control than Windows. Then when the security fails Linux inherent seperation of kernel and user allocation makes attacks on the system much more difficult then in Windows.

Ruud

#82 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 09:22 AM

Not one word in the article is evidence that linux or mac os are inherantly more secure.


Then you didn't understand it properly then.

As Ruud illustrates, if you understand how the file security sytem works, then there is no room left for any doubt. That is evidence enough, and is explained in the article.

#83 Eddie

Eddie

    Mach 1 Member

  • Members
  • 404 posts

Posted 31 August 2004 - 09:35 AM

I beg to differ - it is you that didn't understand it.

What is important to remember in discussing system security is that the security stands or falls with the configuration.


That I agree with 100%.

Properly set up Windows systems run on the same principle. I maintain several LANs and WANS, and the users are most definitely not given root access.

You are comparing well set up linux systems with badly set up Windows systems. Not, imo a proper comparison.

On my own LAN we have 4 XP machines, 1 Linux and 1 Mac.

If unix or the mac had the same numbers, then this argument would fall flat on its face.

#84 ac

ac

    Light Speed Member

  • Members
  • 917 posts

Posted 31 August 2004 - 09:40 AM

Great post Ruud, but I think we have more to go before this one is done.

#85 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 09:41 AM

Eddie - the point is that Linux is safer by design, as I originally stated.

If you understood the article and still don't get that, then fine, but you are standing alone.

Maybe you'd care to explain how a system with file security like linux cannot be safer by design than Windows?

#86 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 09:46 AM

I beg to differ - it is you that didn't understand it.


Well, me and a few thousand others then.

Surely it can't be only you that does understand it?

#87 Eddie

Eddie

    Mach 1 Member

  • Members
  • 404 posts

Posted 31 August 2004 - 09:48 AM

I'm happy to stand alone if needs be, but I know that isn't so. Saying something 3 times only makes it true in fairy tales.

All operating systems have holes, and anyone with open eyes must see that. Even if you have nothing but the web to go on, there are inumerable examples of unix hacked sites.

The author of that article certainly made some good points ( although many of them are no longer true ) but he did not prove that one operating system is inherantly more secure than another.

#88 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 10:01 AM

Eddie

We have explained our reasoning, but I am sure we are all happy to be swayed by a carefully reasoned rebuttal, so, I repeat:

Maybe you'd care to explain how a system with file security like linux cannot be safer by design than Windows?

...instead of just repeating the 'no it isn't' mantra

#89 Eddie

Eddie

    Mach 1 Member

  • Members
  • 404 posts

Posted 31 August 2004 - 10:52 AM

No you have not.

Windows can, and should be set up in the same way. Granting administrator willy nilly rights in any system is asking for trouble.

It was you that stated the Linux and the mac os were inherantly more secure than windows. So far you have just shown links to 2 documents, neither of which support your main contention.

Quote: 
Maybe you'd care to explain how a system with file security like linux cannot be safer by design than Windows? 

...instead of just repeating the 'no it isn't' mantra


The words pot and kettle come to mind here.

#90 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 11:04 AM

No you have not.


Yes we have, both Ruud and I have told you why - its because the file security requires far more effort to compromise even than a well set-up Windows PC.

That is our reasoning, and you were referred to an article that suported this.

Presumably you have a logical reason for believing that the Linux file system is NOT inherently more secure than Windows.

Are you going to share it with us, or not?
You seem reluctant for some reason.

As for Pot and Kettle - well the Pot has explained its reasoning and the Kettle hasn't.

[added]
Alternatively, point us to some of the articles written by the people who agree with you - I'd love to read them.

#91 Eddie

Eddie

    Mach 1 Member

  • Members
  • 404 posts

Posted 31 August 2004 - 11:11 AM

Yes we have, both Ruud and I have told you why - its because the file security requires far more effort to compromise even than a well set-up Windows PC. 


So with a bit more effort the security fails anyway. That means logically that neither system is INHERANTLY more secure. One just takes a little bit more effort.

I rest my case.

#92 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 11:14 AM

inherent: existing as an essential constituent or characteristic

That the files system needs more effort to compromise, (which you agree), is in essential characteristic of Linux over Windows.

Your case does not rest, it is blown out of the water.

#93 Eddie

Eddie

    Mach 1 Member

  • Members
  • 404 posts

Posted 31 August 2004 - 11:22 AM

Clear reasoning, but not correct. Using that type of answer we can prove that a bullet can never catch a running man.

I'm afraid I do need to get some work done now so any more replies will have to wait until the morning.

Incidently, I'm sure it is a coincidence, but since posting here my fire wall has gone beserk and I've had 15 viruses blocked by my server

#94 gravelsack

gravelsack

    Mach 1 Member

  • Members
  • 401 posts

Posted 31 August 2004 - 11:26 AM

Hopefully, tomorrow you'll explain why the reasoning is not correct.

I can't see the running man/bullet argument as being even slightly related.

I am usually pretty good with logic, if I've made an error I'd be glad to know.

#95 ac

ac

    Light Speed Member

  • Members
  • 917 posts

Posted 31 August 2004 - 11:39 AM

http://zdnet.com.com...?tag=zdnn.alert

http://www.internetn...cle.php/3374251

http://zdnet.com.com...?tag=zdnn.alert


Some articles on security for the discussion here.

#96 Ruud

Ruud

    Hall of Fame

  • Hall Of Fame
  • 4887 posts

Posted 31 August 2004 - 11:39 AM

Linux inherent seperation of kernel and user allocation makes attacks on the system much more difficult then in Windows


Maybe this is why Microsoft addresses this indirectly and partly in Windows XP, raising the security bar a bit. Maybe Longhorn is meant to secure the seperation of kernel and user space even more because this model is so secure. It is not I but Microsoft who claims this is more secure.

If so then Unix has had this more secure model already since 30 years. If MS thinks model B is more secure than model A and Unix already has model B.... doesn't it somehow follow than that Unix at this point in time is (therefore) more secure than MS?

You are comparing well set up linux systems with badly set up Windows systems. Not, imo a proper comparison.


In that case my mastery over my 2nd language is not at the level I like it to be and I have failed to accurately convey my opinion: given two well configured systems Windows exposes more risks once compromised due to its inherent OS setup.

Users need to keep in mind that there are philosophical differences in the design of Linux and Windows. The Windows operating system is designed to support applications by moving more functionality into the operating system, and by more deeply integrating applications into the Windows kernel. Linux differs from Windows in providing a clear separation between kernel space and user space. This matters because the ability to make either operating system more secure varies depending on architectural design. [...]

Microsoft is taking strides to redesign the security of its products and provides patches for its installed base. Still, security issues in legacy Windows products persist and complicate this task. This leaves many Microsoft users exposed to security threats, since patches must be well documented prior to deployment. Also, the tendency for Microsoft to mix data and program code in its applications, e.g., ActiveX, can allow untrusted data from outside the system and can cause the activation of arbitrary code with untrusted data. In some cases, Windows even allows digitally signed code to be supplied from outside the system, which means a local systems administrator can't audit the code. Instead the system administrator is dependent on whoever signed the code to perform an appropriate code review. [...]

Security considerations in Linux and Windows continue to fuel the debate on which is better, an open source or closed source operating system. Industry logic is that an operating system based on open standards and open source enables interoperability, improves bug detection and fixes, and is superior to a model of security through obscurity. Open source also forces Linux distribution providers to be absolutely transparent in the production process. Every step can be re-run by users, and this enables incremental security on a meta level. Windows, for which no source code is available, does not enable equivalent transparency.

While Linux provides equivalent to superior security capabilities in comparison to Windows, the security of a Linux system is largely dependent on the choice of Linux distribution, the kernel it is based on, and the skill of the IT staff in implementing and supporting the system. Since your success in implementing and maintaining a secure operating system rests with your IT shops, make sure that they have the training and expertise to deploy, manage, and troubleshoot.[/b]


Quoted from Newsforge.

Note: my emphasis.

To sum up:
[list] Linux's file security is much better than that of Windows. Traverse your system directories in Windows logged in as a user and do the same in Linux. See the difference?

[*] The way the operating systems are built from the ground up differs strongly. If on your LAN'd systems you employ a firewall you understand the basic idea of seperation of zones: you don't want the internet to be an integral part of your local system. The same idea applies to kernel space and user space.[list]

As for delivering proof... I can't see why on a SEO forum one would pose a question which answer can easily be found by employing any of the search engines whose attention we attempt to engage. Realizing your reluctance I have done your research for you, provided a link to an explanation about file security and now one to a comparision between Linux and Windows security. If this, otherwise moot, discussion were to continue I believe it would be fair you would act in like manner and support some of your posts with one or more relevant link to, as you reference it, evidence for I fear that otherwise your posts remain, I quote, "someone else's opinions".

Ruud

#97 DaveChild

DaveChild

    Honored One Who Served Moderator Alumni

  • Hall Of Fame
  • 3446 posts

Posted 31 August 2004 - 11:56 AM

I'm in agreement with Ruud and Gravelsack here. A well set up Windows XP system and a well set up Linux system are both tough to compromise. I'd say Linux is almost certainly tougher, based on pure conjecture - Microsoft need a product out of the door and ready for sale according to a deadline. They frequently have to cut things out of specs to make their deadlines - and it's no stretch of the imagination to guess that their products ship with security flaws, it's a known fact. They also tie things in to the OS, as part of an impressively successful markting strategy - but that means a vulnerability in a program can in fact mean an entire system is compromised. Linux is written with no such pressures motivating authors. It is written to do what it does well, and compartmentalises everything - so when a program is compromised is usually means the entire system isn't.

The download.ject vulnerability in IE recently is a great example. It allowed someone to install anything they wanted on a remote machine without the user even knowing it was happening. Because IE is tied to the OS. Such a vulnerability is an impossibility in Linux.

The root vs administrator argument is a tricky one. You get a higher percentage of Windows users logging in as administrator than Linux as root, but that doesn't prove much except that Windows users are usually not quite as well educated in security matters.

Finally, nice to see a subject being discussed with such passion, but play nice, everyone :).

#98 Ruud

Ruud

    Hall of Fame

  • Hall Of Fame
  • 4887 posts

Posted 31 August 2004 - 12:02 PM

...  but play nice, everyone


*drops slingshot and spitballs behind back - kicks dust*

Not fair, never any fun here! :)

Ruud

#99 ac

ac

    Light Speed Member

  • Members
  • 917 posts

Posted 31 August 2004 - 12:07 PM

We are always nice, right Ruud?

#100 ac

ac

    Light Speed Member

  • Members
  • 917 posts

Posted 28 September 2004 - 01:45 PM

http://www.eweek.com...,1639508,00.asp

If folks want the latest news and updates the above page will provide it for you.



RSS Feed

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users