Everyone says Linux is secure, here are the facts!
Posted by slayton on October 7, 2008
I have been asked by more people then I can count “How is linux better then windows?“ My response is usually, something like “better is kind of a subjective term, but one thing linux does better then windows is security.“ To that the usual response I get is “Why is linux more secure?” Today I hope to answer this question by illustrating a few key differences between the ways that Windows and Linux handle security and why Linux does a better job. (Buckle up this may be a longer post)
Inherent Vulnerabilities Exist in the OS
The first thing I want to talk about is why security is an issue. If computer programs could be written perfect then we wouldn’t need anti-virus software or firewalls, but like a physical lock all programs have ways that they can be exploited, sure some pretty ingenious locks have been developed, but given enough time and resources any lock can be circumvented and any software program can be hacked.
Windows and Linux both have their fair share of vulnerabilities, that is why every week or so Microsoft releases a series of updates in an attempt to close some of these holes. The same thing goes for Linux. Most major distributions release security updates. These updates like with windows close known security holes.
I’m not going to address the relative number of known security problems between Linux and Windows because honestly I don’t know them, and anyone who is publishing such numbers is usually pushing an agenda and can’t really be trusted. Every now and then some group (usually associated with Microsoft) publishes saying Linux has more and other groups publish back showing that Linux has less.
I don’t really care who has more I just want to point out that ALL operating systems have security holes. Unless you’re running programs that you’ve written yourself on a machine that is not, has not, and will never be connected to a network you cannot guarantee security.
Inherent Vulnerabilities Exist in the User
Most viruses that get popular do so because of stupid users. People open emails that are obviously scams and download attachments that are designed to catch their attention, only to have a virus installed on their computer. So the problem with stupid users will never go away. If the Linux community wants Linux to gain wide spread acceptance it can’t do so by alienating 90% of its user base. To get around the problem of having stupid users Linux has come up with a few ways of protecting both the user and the system from security vulnerabilities. Here is a short list of a few points I’m going to try to discuss
- Running Commands as User vs Root
- File Permissions
- Separation of Church and State.. err… Separation of User and System Files
- The current number of Viruses written for linux
- Open vs Closed Source
Running as User vs Root
In most Linux distributions user accounts are created without Administrative privileges (Linspire doesn’t do this for this reason I advise against using Linspire under any circumstances). Put simply in order to edit or change a system file you must have administrative privileges. So if you somehow download a virus in linux and run it the virus will not be able to make any system changes. Much like Scotty told Kirk “I can’t do it captain I don’t have the power” the virus or more correctly you as the user just don’t have the power or the administrative privileges to do any damage. Granted if you were to run the virus or malicious command as root with lets say sudo then the virus will be able to do all the damage in the world, but in order for this to happen the user would have to explicitly run the command as root and nobody can prevent stupid people who are bent on doing stupid things from doing just that.
Now to juxtapose Linux with Windows. Almost all users created in Windows are given root access (administrative privileges). I’m not sure as I haven’t created a Windows user in a long time but I believe administrative privileges are granted by default. (I’m 100% positive the first user created is given these privileges). That means that anybody given a Windows account (in the default scenario) is given enough power to administer the system any file they download and run will have FULL access to the internals of the operating system. In fact many programs in windows rely on the user being root and cannot run if the user does not have administrative privileges. Scary huh?
In Linux each file has a set of permissions. If you were to look at a particular file’s permissions you would see three categories: Owner, Group, All. Each of these would then have a value from the set: 1, 2, 4, 6, 7 with each value corresponding to read, write, execute or a combination of all three (for more information see the chmod man page). What I want to discuss is the execute permission. When a user creates or downloads a file the file will NEVER have execute permissions. This means that if a user wants to execute a file the user must first give that file permission to execute.
Now this may sounds backwards and stupid, why would a user first want to give a file permission to execute before they execute the file. The simple answer is this protects the user from downloading an executable without knowing it. Auto-executing files is one of the number one ways that windows viruses spread. People download a executable that has been renamed or hidden with another file extension, they double click on it and BAM the virus has been run and has already started to do its damage! So first requiring the user to give a file permission to execute is a great way from preventing malicious programs from being accidentally run.
Seperation of User and System Files
This goes back to the idea of separating the User and Root account. All of a users files are stored in their home directory under /home/username/ if somehow a user downloads a virus and nukes their files the system files are untouched. This allows the user to completely delete their home directory without any worry of deleting system files. The opposite is also true. If the system files get compromised but the users files are safe the user can simply re-install the operating system and their personal files and preferences will remain untouched.
The current number of Viruses written for Linux
Wikipedia estimates that the number of viruses written for Linux in 2005 was 863. It has been estimated that well over 100,000 known viruses exist for Windows. So you have the numbers on your side. Let say for ease in math that there are currently 1,000 Linux viruses and 999,000 windows virus, and that the average file on the internet contains a virus with probability p. The probability that a downloaded file will contain a virus that will run on Linux is 1,000/100,000 * p or .01*p. The probability that a file contains a virus is extremely small, probably less then 1 in a thousand. So the probability of downloaded a Linux virus is so small that it can be considered negligible, especially since most people are smart enough to avoid sites that actively try to infect computers.
Granted these numbers won’t hold up forever as linux becomes more and more accepted more and more people will try to write viruses but as long as windows is a bigger target, it will remain the primary target.
Open vs Closed Source
The final point I wish to make is that because Linux is open source it is more not less secure. This may sound counter intuitive because having an open source operating system means that anybody can read the source code, and having the source code makes it much easier to find exploits and security vulnerabilities. However, because the code is open source hundreds of thousands, yes hundreds of thousands, of paid and volunteer programmers spends hours every week trying to find security holes and come up with patches. I don’t care how much money Microsoft has, they simply can’t afford to employ that many people. In the open source communities when security holes are found you can’t afford to ignore them and cover them up. Microsoft and sadly Apple both have a history of doing this.
Both companies have filed gag orders against researches who have tried to publish security reports Windows XP/Vista and OS X. Sure anonymity can protect you for a while and maybe buy you a few weeks but eventually other people will discover the vulnerabilities. Vulnerabilities simply do not go away by sweeping them under the rug, they must be addressed head on and in a way that people can scrutinize the solutions to ensure they work.
Recently a security bug was discovered in the Open-SSL library which could allow a system using ssh-keys to be compromised. This bug was discovered by a programmer who was upgrading the Open-SSL libraries. Within a day of the discovery I was getting notification of a Critical Software Update from Ubuntu that fixed this issue and every week after that I’ve gotten a list of compromised keys automatically added to my keyring to prevent any of these keys from accessing my system. Now compare this to the recent DNS vulnerability that was discovered. Linux was updated in days. It took Microsoft weeks to path XP and Vista, it took Apple months. Linux was updated quickly because people all over the world could look at the code and as a community came up with a secure solution. Microsoft and Apple have never had that kind of response never can. The open source community has reliably been the fastest to update software when new security vulnerabilities are discovered.
I hope I still have your attention and that by now you are beginning to understand how Linux is “better” when it comes to security. Linux like all operating systems has its vulnerabilites but for several reasons it is more secure and will be more secure then any of the closed source options.
For more information you can consult the following webpages, all of which I read and consulted when writing this post:
- Wikipedia – Linux Malware
- Linux.com – Note to new Linux users – No Anti-Virus Needed
- The short life and hard times of a Linux Virus
- UbuntuForums.org Post on Linux Viruses
I’m sure there are other sources I haven’t mentioned. If you still have questions post below and I’ll try to respond to them.