Is Linux more secure than Windows?
-
While neither Linux or Windows can claim to be 100% bulletproof, the perceived wisdom is that Linux is more secure than Windows. We try to find out if that’s the case.
Click here to see the full blog post
-
This is all well and good... Until chip manufacturers muck it up for everyone. If the hardware is vulnerable I don't think it matters much what os you choose.
-
The biggest vulnerability for any system is seated right in front of it 🥴
🎻Volunteer helper · Forum moderator · Sopranos tester 🛠️Troubleshooting 🐛Report a bug 📜Markdown help
🦆"With a rubber duck, one's never alone" -Douglas Adams🦆 -
"On Linux, system-related files are owned by the “root” superuser. If infected, viruses can be easily removed as they can only affect the user account where they were installed, and they do not affect the root account"
Windows system files (most of them) are readable by other users but editable only by Administrator. Standard user can't delete any file from Program Files or Windows directory (except temp folder).
Windows can be as secure as Linux, if configured properly.
Biggest problem of Windows for decades is, that by default first account created have admin privileges and most of the people doesn't know that. And therefore they are using computer with admin rights.
-
It just isn't viable to create sophisticated malware for an OS that has a 2% market share unless you have a very specific target in mind. Add to this that the average Linux user will have a better knowledge of what's going on in their system and it just isn't very attractive to bad actors.
-
@gwen-dragon: If you take the average knowledge level of all Linux users and compare it with the average knowledge level of all Windows user, I'm pretty sure you'd end up with more knowledge on the Linux side. Simply because Windows is the default option everybody uses, so you'll have a higher percentage of total beginners using Windows, compared to more power users on Linux.
Sure, malware for macOS exists, and so does malware for Linux. But way, way, WAY fewer than for Windows. If you want money, you attack Windows systems.
-
@Pathduck It's true that at the end of the day if a user does silly things like disable UAC on windows or pipe random scripts into the console via
curl | shon linux that there's not much you can do.But an OS should still provide as much help to users as possible for securing their system. Configurable, but on by default.
💻 Windows 10 64-bit Sopranos Builds • en-GB • 🗳 vote for features • 🕵️♀️ Code of Conduct • 🐞 Report bugs
-
As it says in the blog, no OS is absolutely safe. So far the only difference from Windows and Linux lies only in the fact, that Windows is the most used OS and therefore also more attacked than Linux, which on the other hand has led that MS has more experience regarding attacks and that there is a huge amount of software to reinforce security, which on Linux simply do not exist, or only poorly.
But ultimately, the best protection is always the common sense of the user and be careful when the worst virus of all approaches the PC, which measures 1.20m and is called nephew.>Laptop ACER, AMD Ryzen, GPU AMD Radeon RAM 16GB, SSD 512GB -Win11 Home 64 v24H2| Vivaldi last stable|
-
Additional ways to make the use of Vivaldi more secure on Linux would be the isolation from other GUI clients via Wayland and the isolation from the filesystem via sandboxes (as snap or Flatpak package).
Any chance this will happen?
-
We shouldn't understate how important the user is in this whole affair. A smart user, who takes the time to learn a bit about security and researches things properly before downloading/installing, is pretty safe in my experience.
-
Windows Defender (soon to be Microsoft Defender) is an anti malware program not an anti virus program.
Why Open the Web?
Despite the connecting purpose of the Web, it is not entirely open to all of its users.
When used correctly, HTML documents can be displayed across platforms and devices.
However, many devices are excluded access to Web content. -
@lonm said:
@Pathduck It's true that at the end of the day if a user does silly things like disable UAC on windows or pipe random scripts into the console via curl | sh on linux that there's not much you can do.
But an OS should still provide as much help to users as possible for securing their system.
Quite right.
Many do understand system security configurations but when the industry is selling so many units to the consumer market they must make it easily configurable as you say. -
@Chas4 said in Is Linux more secure than Windows?:
Windows Defender (soon to be Microsoft Defender) is an anti malware program not an anti virus program.
>Laptop ACER, AMD Ryzen, GPU AMD Radeon RAM 16GB, SSD 512GB -Win11 Home 64 v24H2| Vivaldi last stable|
-
@gwen-dragon: Sure. Never said Linux was safe. But the risk of getting compromised while doing standard work is way higher with Windows than with any Linux.
-
Maybe you guys should do an article on running V. in a sandbox such as FireJail. I'd think there would be interest in that.
-
Nice to see these linux-related articles
-
This post is deleted! -
From my experience, Linux is more secure than MS-Windows overall. This comes from using Linux for the past twenty years and raising two kids. We had two computers for the family to use (aside from the third PC my wife and I shared). One PC ran MS-Windows and one ran Linux.
The kids would always be doing something to screw up the MS-Windows PC, whether it be virus related or other tinkerings. But that Linux PC ran day-in day-out with no problems. I had the Root password and, if the kids messed up their own account on it, I'd just wipe their /home directory and start them off again fresh."It ain't retro to me, it's just how I live."
Current system: Acer Aspire One netbook, ALT Linux P9, Window Maker 0.95.7, SeaMonkey 2.53.8 | https://dbouley.vivaldi.net -
To give at least some credit where it's due - Windows has gotten a lot more secure over time. The main problem 15-20 years or so ago was that Windows was never made to be placed directly onto the internet (even if Bill & co said otherwise to sell more units). It was meant for workgroups on local networks, and this showed in the horrible security of stuff like NetBIOS, RPC and other default services at the time.
In the days of dial-up connections, with the infamous Blaster worm, even just connecting an unpatched Windows system to the internet would make it infected within a couple of seconds. That was a fun time to be the "IT guy" to family and friends
These days most Windows PCs (at least in the "first world") are fortunately being kept in (relative) safety by something as simple as being behind a router, since NAT complicates things for these kinds of direct port attacks. But now shi**y vulnerable routers are another vector for attack instead...
A drawback is that modern OSes, and probably including mainstream desktop Linux distros, are running a whole bunch on "convenience" services listening on inbound traffic, or doing broadcasts to discover other devices on the network. And all of these can potentially be vulnerable to attack.
For example, these are the ports my Win10 machine is currently listening:
https://pastebin.com/2bEJbt8MI'll leave it as an exercise for anyone willing to figure out what all those ports are
Of special interest for us are these:
UDP 0.0.0.0:5353 *:* UDP 0.0.0.0:5353 *:*That's Vivaldi and the Chromecast MediaRouter extension... and AFAIK it can't be disabled, I've tried
Anyone running a Linux distro "brave" enough to do the same? A quick
netstat -an | egrep "LISTEN|UDP"would do the trick
-
@dbouley That's what I was writing about in my post. I guess you were running Windows with account which had admin rights, because standard user can't screw up the system, only own profile. Same as in Linux.
