Chris Pirillo » linux security

Is Microsoft Windows Security a Myth?

Chris — Sat, 06 Dec 2008 09:32:14 +0000

Is Microsoft Windows Security a Myth? is a post from Chris Pirillo

This is Sushruta’s submission for the HP Magic Giveaway. Feel free to leave comments for this article as you see fit – your feedback is certainly welcomed! If you’d like to submit your own how-to, what-is, or top-five list, you can send it to me. Views and opinions of this writer are not necessarily my own:

Any Linux geek would tell you Linux thrashes Windows in more ways than one. But does it? And why? What makes a system better than another? At this stage, are they even different at all?

If there were no Windows vs. Linux battles, the geek life would have been notably duller. Technology forums would inevitably get boring, and life would generally never be the same. The most contentious issue, of course, is security — Windows is notorious for not having much in that department. However, Vista is loaded with a bunch of new security measures, and claims to be able to thwart malicious software better.

What makes an operating system more secure? The way it’s built, of course. And that is the question we’re asking. But first, some myth-busting.

The biggest security breaches occur when malware is allowed to run with on your system with elevated privileges — which means that it has access to critical programs and data that only your system’s kernel should have. Once it’s reached that level, your PC becomes its humble servant, and can be brought down at the slightest whim. Who gives this malware its privileges? Well, you do.

With Windows XP, the person who installs the operating system becomes the Administrator, so if you’re the only one using your PC, you’ve got the privileges to wreak all sorts of havoc, should you choose to. Consequently, any application you install and run is also accorded the same royal treatment, no questions asked. Now add to that the fact that Windows’ system services run under a user account called SYSTEM (you can check this out in the Task Manager)—the most powerful account on your system, with access to everything critical—and that the first processes that malicious programs hijack are system services. You’ll be drawing pretty accurate conclusions by now…

Vista, thankfully, changes this. The user who installs Vista is still part of the Administrators group, but even this administrator runs with regular, limited privileges. When administrative tasks—including installing new programs—need performing, User Account Control (UAC) kicks in, telling you that you need to give the task a go-ahead before it, well, goes ahead. If you read the UAC prompt and don’t know the program it’s warning you about, you can prevent it from running. But what if you’ve blindly allowed the task to continue ?

Services in Linux run as separate users, with access only to files that they own; more often than not, they don’t even have the rights to use the terminal, so they can’t run commands or start other services. This is where the multi-user approach comes handy again—since users are isolated from each other, services can’t access the data used by other services. The Apache server, for instance, runs as a user called www-data, which only has access to the Web pages it serves. If a hacker exploits an Apache vulnerability to get into the www-data user account, he can’t really do much to the other services, because www-data doesn’t own those files. He can, however, mess with Web pages, so while this isn’t a doomsday scenario, it’s certainly not ideal.

What is the scope of the damage it can do? Again, with both Linux and Vista, damage caused by malware is restricted to the service it exploits, and the files that the service can access. What happens when the malware goes about its dirty deed? With Vista, if a critical service—like the Remote Procedure Call (RPC) service—is compromised, all manners of chaos may ensue. Every application under Windows needs to use RPC, so you’re sunk without it. With Linux, services aren’t as tightly integrated with the OS, so while your Linux PC can be crippled—some applications won’t run, you may not have network access and so on—the kernel is still safe, which means that with a little root wizardry, it can be brought back to life again.

Bottom line: for daily desktop use, both systems are equally secure — but if things do go wrong, they go more wrong with Windows.

How to Handle Remote Tech Support

chris@lockergnome.com (Chris Pirillo) — Mon, 13 Jul 2009 06:30:00 GMT

Using GoToAssist is the easiest way to view and control another person's computer online. Use it to provide instant technical support to family, friends and customers. Start a session with just one click, and instantly connect with the other party.

Network Tools for Windows

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

You need these network tools, no matter which operating systems and networks you have to support. SolarWinds ipMonitor: Affordable Network Monitoring for SMBs. Get turnkey network, server and application availability monitoring with SolarWinds ipMonitor v9.0. This easy-to-use, reliable solution for SMBs delivers out-of-the-box availability monitoring so you always know exactly what's up with Active Directory, DNS, Exchange, FTP, Web, IMAP, MS SQL Server, and SMTP. Download your free trial today. Or, try their totally free tools! And, through 2/29, save 20% when you purchase ipMonitor 9.0.

Get Your Own Web Site

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

Starting at just $3.99/month, web hosting from GoDaddy includes 99.9% uptime, 24/7 support and free access to GoDaddy Hosting Connection, THE place to install over 30 FREE applications sure to help you get the most from your hosting plan and Web site. Enter code CP2 at checkout, and save an additional 10% on any order.

Plus, as a friend of Chris Pirillo, enter code CHRIS7, that's C-H-R-I-S and the number 7, when you check out, and save an additional 10% on any order. Get your piece of the internet at GoDaddy.com.

VMware and Parallels for Virtual Machines

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

It doesn't matter if you're running on Windows or Mac OS X - every power user needs either Parallels or VMware (or both). There's never been an easier way to test software without destroying your primary operating system's stability. Think of how many times you wish you could press a 'reverse' button on your computer. Plus, there's no easier way to try new Linux distributions - see what all the fuss is about. Run Windows in OS X, run Linux in Windows, but the best way to do either is with VMware and/or Parallels.

Coupons for Online Shopping

chris@lockergnome.com (Chris Pirillo) — Sat, 12 Jul 2008 07:56:13 GMT

This feed is fueled by Lockergnome Online Shopping and Coupon Codes

Before you shop next time, see if we have a coupon first.