Windows Security vs. Linux Security | Beginning SUSE Linux: From Novice to Professional

If you've switched to SUSE Linux from Windows, there's a very good chance that the security failings of Windows featured in your decision. By any measure, Microsoft's record on security within its products is appalling. There's a new and serious security warning seemingly on a daily basis, and a new and devastating virus makes news headlines with similar frequency (usually described as "a PC virus" rather than what it actually is: a Windows virus).

There's an argument that Windows is the target of so many viruses merely because it's so popular. Although it's true that most of the underground crackers who write viruses dislike Microsoft immensely, there's also little doubt that Windows is fundamentally insecure and always has been. The task facing a cracker when creating a virus or worm is trivial in many cases.

Microsoft's latest operating system, Windows XP, provides many good examples of why it's an easy target. Upon installation, the default user is given root powers. True, there are a handful of tasks that only the genuine Administrator user can do, but the default user can configure hardware, remove system software, and even wipe every file from the hard disk, if he or she pleases. Of course, you would never intentionally damage your own system, but hackers use various techniques to get you to run malicious software (by pretending it's a different file, for example) or by simply infecting your computer across the Internet without your knowledge, which is how most worms work.

Viruses and worms also usually take advantage of security holes within Windows software. As just one example, there was a famous security hole within Outlook Express that meant that a program attached to an e-mail message was run when the user simply clicked a particular message to view it. In other words, infecting a Windows machine was as easy as simply sending someone an e-mail message!

I would love to say that security holes are not found on Linux, but the sad truth is that they're a fact of life for users of every operating system. Yet Linux is considered nowhere near as insecure as Windows. Why?

Once again, there is a school of thought that Linux isn't attacked by crackers because it's not as popular as Windows, and once again there's a grain of truth to this allegation. The Internet underground that generates viruses and worms holds Linux in high regard. However, there are many so-called rootkits available, generated by these same individuals, which aim to exploit holes within the Linux operating system and its software. So this theory clearly isn't true.

The bottom line is that writing a virus or worm for Linux is much harder than doing the same thing on Windows.

No Windows system is complete with an antivirus program. Antivirus programs for Linux are rare, although some are available (see www.centralcommand.com/linux_workstation.html).

image from book
Figure 9-1. An antivirus program for Linux

Note

A few companies offer antivirus programs that run under Linux for server computers, such as file servers or e-mail servers. However, these programs don't watch for viruses that run under Linux. Instead, they check files stored on that particular server for viruses that run under Windows. This adds an extra level of protection for Windows machines that use the server.

Cracker VS. Hacker

Linux users are often described as hackers. This doesn't mean they maliciously break into computers or write viruses. It's simply using the word hacker in its original sense from the 1970s, when it described a computer enthusiast who was interested in exploring the capabilities of computers. Many of the people behind multinational computing corporations started out as hackers. Examples are Steve Wozniak, a co-founder of Apple Computer, and Bill Joy, cofounder of Sun Microsystems.

The word hacker is believed to derive from model train enthusiasts who "hacked" train tracks together as part of their hobby. When computing became popular in the early 1970s, several of these enthusiasts also became interested in computing, and the term was carried across with them.

However, in recent years, the media has subverted the term hacker to apply to an individual who breaks into computer systems. This was based on ignorance, and many true hackers find the comparison extremely offensive. Because of this, the term cracker was invented to clearly define an individual who maliciously attacks computers.

So, don't worry if an acquaintance describes herself as a Linux hacker, or tells you that she has spent the night "hacking." Many Linux types use the term as a badge of honor.