Home arrow News Articles arrow News Articles arrow Computer Security on Linux or Mac OS
Computer Security on Linux or Mac OS

As our Safety Surfers Online Security site mostly deals with Windows-based computer security, we pay little attention to the world of Mac OS or Linux, but it seems that the problem should be thrown some light upon as a lot of people use alternative operating systems nowadays.

When we speak about computer security we usually mean operating system security. MS Windows has always been the favorite of hackers as it is the most popular with users worldwide. A reasonable question may arise: if Mac OS and Linux become popular, will hackers write more viruses for them? Will the OSs become more vulnerable?

A lot of people who work in the computer security sphere express their belief that "we will be seeing more Linux viruses as the OS becomes more common and popular" (Jack Clarke, European product manager at McAfee).

There are others who think Linux and Mac OS are more than secure when speaking about their vulnerability. The quantity of viruses for Windows outnumbers those for Mac OS and Linux manifold. But it is not only the matter of numbers. The reason of such an approach is not simple and it requires deep understanding of the operating system insides. To tell a long story short, there are internal factors, like being prone to social engineering, poorly designed software, that will not let hackers do the same harm they did to MS Windows. Social engineering is the art of making someone do something they shouldn't, or reveal something that should be kept secret. Virus writers use social engineering to convince people to do silly things, like open attachments that carry viruses or worms. Poorly designed software makes it easier for social engineering to take place, but such software can also subvert the efforts of a knowledgeable, security-minded individual or organization. Together, the two factors can turn a single virus incident into a widespread disaster. A Windows-based computer may even be infected when a user reads e-mail. This sort of social engineering requires far greater effort on the part of the Linux user. Instead of just reading an e-mail, a Linux user would have to read it, save the attachment, set executable permissions to the attachment, and then run the executable. Further, due to the strong community around Linux, new users will receive education and encouragement in areas such as e-mail security that are currently lacking in the Windows world, which should help to alleviate any concerns on the part of newbies. Further, due to the strong separation between normal users and the privileged root user, a Linux user would have to be running as root to really do any damage to the system. Mac OS X doesn't even let users to use the root account unless they first enable the option. So, it's obvious that the number of viruses and worms coming from e-mail cannot be too large on those platforms. Windows is always installed with root (Administrator's) privileges and hardly anyone changes his or her account permissions, thus increasing security risk. Even non-privileged users can still add DLLs and other system files that can be run at a level of permission that might damage the whole system. Finally, Linux or Mac OS platforms are various, they run on many architectures and are sometimes so different that it is impossible to create one effective harmful piece of malware for the OSs. Lots of e-mail clients in Linux do not let you activate HTML in the e-mails. As for Windows, we all know the domination of Outlook or Outlook Express that rely on IE to show HTML containing e-mails.

To sum it up: social engineering on Windows os easier than on Mac OS or Linux due to the fact that it is much more difficult to fool a Linux or a Mac OS user to do something stupid as it requires more effort and actions on their part: set up user's permissions, use non-integrated browsers, saving attachments before reading them. It is funny, but it seems to me that such heavy security is preventing and will always prevent Linux or Mac OS from becoming popular.

We have stated that Linux and Mac OS are safer than MS Windows and viruses are not so numerous for these operating systems. Do they need anti-virus software? The answer is affirmative. Lindows is the most vulnerable version of Linux that runs at the root level and needs anti-virus software badly. Samba or NFS servers also require the use of online security packages, as they store documents in undocumented, vulnerable Microsoft formats, such as Word and Excel. Linux mail servers should run anti-virus software in order to neutralize viruses before they show up in the mailboxes of Outlook and Outlook Express users.

Bottom line: Windows platforms cannot be operated without trusted and reliable anti-virus internet security software. Mac OS and Linux are better designed to withstand viruses, as they demand high computer awareness on the part of the user. The wiser the user, the less is the risk to get an infection. However, no system can be considered absolutely safe if it is set up to do something automatically (like executing a file on clicking) or has a network connection. Again, better safe than sorry!

The article is inspired by Linux vs. Windows Viruses article.

Last Updated ( Sunday, 25 May 2008 )
 
< Prev   Next >
© 2008 Safety Surfers Online Security Web Portal - XML Sitemap - Sitemap
If you want to copy any material from this site and post it on the internet, you are obliged by copyright to note the source and to give a link back to this page.