ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Which do YOU think is the most secure OS?

By | June 1, 2010, 9:35am PDT

Summary: The report that Google might be dumping Windows for Mac and Linux because of security concerns has raised that age-old question - What’s the most secure OS?

The report that Google might be dumping Windows for Mac and Linux because of security concerns has raised that age-old question - What’s the most secure OS?

Personally, while I think that it’s interesting to try to read between the lines and guess why Google might have made this switch (if indeed it has), the bottom line is that the company is doing what it thinks is best. Same with individuals and smaller businesses. We make decisions like this based on our experiences, knowledge and bias (yes, bias comes into the equation … deal with it).

With that in mind, let’s ask the obvious question …

Poll

Which do YOU think is the most secure OS?

Reasoned arguments only, please!!!

My take is that the answer to this question revolves around what OS you know most about and are comfortable with. Remember too, that beyond security, you do, in a business environment at any rate, have to think about productivity. Also, remember too that one of the weakest links in the security chain is not the tech, but the person sitting in the chair in front of the tech! Education is one of the most effective weapons in the fight against hackers.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Operating System, Operating Systems, Security, Software, Adrian Kingsley-Hughes, Google-Windows

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
66
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Which do YOU think is the most secure OS?
zhangsan 10th May 2011
This is so awful. My sister (ten years older) and I were not all that

close growing up due to our age difference, but I cannot imagine my life

without her. The 8 years we shared in the same home were some of my fondest http://www.china-bambooflooring.com/

childhood memories.
View in thread
0 Votes
+ -
The most secure (Windows) is also the most targeted.
No_Ax_to_Grind 1st Jun 2010
Who would bother writing a virus / exploit for 1% (Linux) or 10% (Apple) market?
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
grant@... 1st Jun 2010
@No_Ax_to_Grind
Unfortunately, that is not the case. Look at web servers, where Linux outnumbers Windows, and yet, is still less hijacked. That said, AS/400 is probably the most secure. Not much use on a desktop, though.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
toadlife Updated - 1st Jun 2010
@grant@...
"Look at web servers, where Linux outnumbers Windows, and yet, is still less hijacked. "

[citation needed]
0 Votes
+ -
You are wrong
NonZealot 1st Jun 2010
@grant@...
1. LAMP is hacked at a higher rate than IIS.

2. Servers are attacked in radically different ways than desktops. Users do not (typically) log in to servers, browse, read mail, install neato utilities, and so most of the mass distributed malware that targets the desktop simply doesn't work against ANY server, be it Windows or Linux. So No_Ax's comment is right on. When you are using mass attacks, you target the largest audience, period. When you want to attack a server, you don't use a mass attack, it simply isn't very effective because your biggest attack vector (the user) has been removed from the equation.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
No_Ax_to_Grind 1st Jun 2010
Say what? Network (internet) servers are hacked CONSTANTLY. Read and learn.

http://www.zdnet.com/blog/security/research-76-of-phishing-sites-hosted-on-compromised-servers/2707
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
itguy08 1st Jun 2010
@grant@...

Citation is here:
http://news.netcraft.com/archives/2010/05/14/may_2010_web_server_survey.html

Apache 110,752,854
Microsoft 51,284,570
0 Votes
+ -
There were two parts required.
ye 1st Jun 2010
@itguy08:

Apache110,752,854
Microsoft51,284,570

"Look at web servers, where Linux outnumbers Windows, and yet, is still less hijacked. "

You provided the part that is not highlighted.
0 Votes
+ -
Web servers
Lester Young 1st Jun 2010
@grant@...

http://www.zone-h.org/archive

Doesn't support your argument at all.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
andreime 1st Jun 2010
@No_Ax_to_Grind
Whenever someone ask about security, some windows fan boy always comes along with this claim, that windows get viruses because it owns 90% of the market. You should do some research, mac and linux have a completely different architecture than windows, that offers many advantages compared to nt, like for example, not allowing everything to run an app. There are security issues for linux and mac, but they are way fewer and much harder to exploit.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
toadlife 1st Jun 2010
@andreime

You have no idea what you are talking about. The NT security model is every bit as capable as the UNIX security model.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
No_Ax_to_Grind 1st Jun 2010
No fan boy here, just someone that see's it everyday in my work. As I said, why would a hacker bother for a tiny slice of the pie when they can have 90% of it.
0 Votes
+ -
Please do tell
honeymonster 1st Jun 2010
@andreime

So do tell us, what are exactly the "advantages" of the Linux or OS X architectures which makes them more secure?

Is it the fact that Windows ancestor was made with multi-user + network security in mind? (hint: Unix was made for a non-networked world in acedemic circles where me-us-everyone else was enough).

Is it the fact that only Windows has any meaningful built-in sandbox? OS X "sandbox" is a joke - and not even enabled. Ubuntu *does* come with apparmor (an add-on as opposed to intrinsic security); *but it is not even enabled by default for Firefox*!

Is it the fact that managing a network and keeping it secure is a nightmare with Linux and (to a lesser extent) OS X because you have to script everything in the absence of declarative policies?

Is it the fact that Windows has the most fine-grained permission system out of them all?

Is it the fact that both Linux and OS X - thanks to their Unix heritage - both are dependent on the woefully dangerous setuid and setgid because they lack the capability to properly secure objects and not just "files"?

Is it the fact that Windows has the most advanced anti-exploit mitigations out of them all, like ASLR, SafeSEH, NX/DEP, variable reordering?
0 Votes
+ -
Promiscuous systems
Yagotta B. Kidding Updated - 1st Jun 2010
@toadlife

The NT security model is every bit as capable as the UNIX security model.

That might be interesting if it actually had any relevance. As is, there are so many wormholes in the actual implementation that it's just a distraction.

For instance, the #1 compromise for MS systems is still the bogus attachment -- which still works. That's why we're constantly barraged by warnings against clicking on attachments.

Send me a mail attachment and I'll click on it -- and not worry, because I'm not running a system which (rude metaphor) for every bag of bytes that wanders by and whistles.
0 Votes
+ -
Can you elaborate?
ye 1st Jun 2010
@Yagotta B. Kidding: For instance, the #1 compromise for MS systems is still the bogus attachment -- which still works. That's why we're constantly barraged by warnings against clicking on attachments.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
NonZealot 1st Jun 2010
@yagootta
Send me a mail attachment and I'll click on it -- and not worry, because I'm not running a system which (rude metaphor) for every bag of bytes that wanders by and whistles.

Neither are Windows users or OS X users so I'm not really sure what you are talking about.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
ryanstrassburg 2nd Jun 2010
@andreime
And it is that type of thinking that will get you infected...
0 Votes
+ -
"Reasoned arguments only, please!!!"
OS Reload 1st Jun 2010
@No_Ax_to_Grind

Please respect Adrian's wishes.
0 Votes
+ -
Regardless, any way you look at it, you are safer running Linux or OSX
DonnieBoy Updated - 1st Jun 2010
And, that will not change until the market share of Linux and OSX get large enough for them to a substantial target.

But, the thing to note is that the need for Windows is going away.

Finally, Windows is in no way more secure that either Windows or Linux, it is NOT just that there are more people using it.
0 Votes
+ -
And exactly why is the need for Windows going away?
wolf_z 1st Jun 2010
@DonnieBoy

I wouldn't quote Open Office, because it's floundering. So how exactly, for instance, has the need for Office gone away? How about all the millions of corporate apps? How has the need for them gone away--and they're either written for Windows or IE6 so same difference really...

Reasoned arguments only, please.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
rtk 1st Jun 2010
@DonnieBoy Safe and secure are not synonyms. As Charlie Miller pointed out, Macs are safer while being far less secure.

The poll topic is security.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
NCLI 2nd Jun 2010
@No_Ax_to_Grind
Linux is more secure than NT-based Operating Systems, and even Unix-based OS X. If you don't believe me, just compare the links below. They are security assessments of Ubuntu Linux 8.04 LTS, OSX, Windows XP, and Windows 7.

http://secunia.com/advisories/product/18611/
http://secunia.com/advisories/product/96/
http://secunia.com/advisories/product/22/
http://secunia.com/advisories/product/27467/

Way more security exploit are discovered and fixed in Linux-based systems due to the open development model, and please note that there are no unfixed exploit in Ubuntu 8.04, while there are several in OS X, XP, and Windows 7.
0 Votes
+ -
They who realize that most (99.999%) of desktops depend on servers..
AzuMao 2nd Jun 2010
..which run mainly on UNIX-like systems.

Also, the whole market share argument is complete bollocks anyways, since even if decrease in market share did just linearly decrease all attacks and importance, it would also decrease developers/updates/patches etc, these two canceling eachother out.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
rtk 2nd Jun 2010
@AzuMao This again? Your logic is fatally flawed.
  • Flagged
0 Votes
+ -
@rtk Sorry, there's more to making an argument than automatic gainsaying.
AzuMao 2nd Jun 2010
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
uftr@... 2nd Jun 2010
Clearly, Other is the OS to beat when it comes to security for the simple reason that no one, not even the dedicated malware writers of the former Soviet Union, have ever heard of it. Where can I get a copy? Cool name... I like it... "Other".... hmmmm.
0 Votes
+ -
From my experience using all 3 OSs
NonZealot 1st Jun 2010
If security is the ONLY consideration:

1. Linux: most secure out of the box and can be tweaked to get very secure.

2. Windows: slightly less secure out of the box and has more limited tweaking.

3. OS X: first to fall within seconds at PWN2OWN. Apple started by stealing a great kernel but every line of code they added made the OS less secure until we are left with the swiss cheese we have today.

I still personally prefer using Windows because while it isn't quite as secure as Linux, I feel that it is secure enough for my purposes and I appreciate the extra usability of the OS. Linux is great and if I was forced to switch tomorrow, I wouldn't fight it at all, but my choice is still Windows.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
jmiller1978 Updated - 1st Jun 2010
@NonZealot

2. Windows: slightly less secure out of the box and has more limited tweaking.

Don't fiddle with Group Policy very much? Windows' central management and policy enforcement give it a "leg up" compared to linux. A properly defined GPO can lock any Windows install down tight and still leave it usable. Problem is most people still run with admin rights by default.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
NonZealot 1st Jun 2010
@jmiller1978
I said it had more limited tweaking, not that it had limited tweaking. happy Yes, I agree that you can lock down a Windows machine quite tightly. I still give Linux extra marks for 2 reasons:
1. You are able to remove more uneeded code from a Linux system than you can a Windows system. MS has come a long way here but Linux still gets more points.

2. I don't believe MS has anything as robust as AppArmor or SELinux. These require a LOT of tweaking but they are available. GPO and IE Protected Mode are more limited in comparison.
0 Votes
+ -
I think it depends on the target user.
ye 1st Jun 2010
@NonZealot: "I don't believe MS has anything as robust as AppArmor or SELinux. These require a LOT of tweaking but they are available. GPO and IE Protected Mode are more limited in comparison."

While I agree SELinux and AppArmor are more complete than Mandatory Integrity Levels (MIL) they're no good to the average user because they're too complicated for most users (even knowledagable ones). A security feature, no matter how good, is useless if it's not used.
0 Votes
+ -
Given the fact that almost nobody targets Linux, Windows is about 100X less
DonnieBoy 1st Jun 2010
secure, right here, right now, today.
0 Votes
+ -
The most secure OS is the one I have control over
Michael Kelly 1st Jun 2010
That's why I tend to choose Linux. However I will gladly use Windows 7 in situations that call for it, but I will make sure I only use it for what it is intended to be used for and will check everything that goes on it. Of course I do the same for Linux, but Linux tends to make this easier.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
grant@... 1st Jun 2010
Linux is more secure than Windows for a few reasons:
1) Permissions rather than file names denote whether or not a file is executable.
2) Shared libraries are versioned (prevents DLL hell)
3) Protected memory extends beyond kernel space.
4) The system was designed around multiple users, and therefore it is reasonable to run applications as an unprivileged user who has write access to only the home directory.
5) Package management makes it easy to keep all applications up to date, rather than just those that shipped with the OS.

Mac has the potential to be more secure through many of the same things, but chooses not to. Most secure, though, goes to none of the three most popular on the desktop.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
toadlife 1st Jun 2010
@grant@...

1) How is that a problem? In windows one can easily lock down a user profile using default ACLs and accomplish the "no execute by default" behaviour that UNIX does. besides the no execute by default is only useful in server scenarios.

2) DLL was solved in Windows a decade ago

3) What are you talking about here?

4) NT was designed around multiple users too. Employees here have been running their desktops without admin rights for around eight years now, starting the day we rolled out Windows 2000.

5) Every app we run in deployed remotely. We use pakcages too; the .msi variety.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
grant@... 1st Jun 2010
@toadlife
1) You said it: the no execute by default is only useful in server scenarios
2) MSVCRT40, enough said.
3) When you have a protection exception, the application to show the error is the one whose storage was stepped on, not the one that overran its boundaries. The only memory space with protection key checking before write is kernel space.
4) Perhaps, but the applications are still not. The registry is still a central point for all users. Most applications require write access other than the user home directory (Documents and settings\USERID) and temp space.
5) But there is no central update mechanism. I cannot go to one place and update all of my OS an applications. The packages are only half the battle. The management of them is the real battle. I can simultaneously update every application on my system. Acrobat reader does not update separately from Open Office.

BTW, OS/400 is the most secure, not Linux.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
toadlife Updated - 1st Jun 2010
@grant@

2) No, that's not enough. You've typed the name of a library. So what? The occasional library conflict can still happen on BSD and linux too.

3) What do you mean by "protection exception". Windows, starting with NT3.51 has has protected memory.

4) Each user has their own registry hive which is separate from the main system hive. badly coded applications say nothing about the underlying windows security model. It's *not* hard to write an app that runs without admin rights.

5) There would be no central update for Linux apps if it had 89% market share. The market would not stand for it. Most proprietary vendors would flat-out refuse to let their apps be distributed by a third party.
0 Votes
+ -
DLL solves a decade ago, then why can't you use Jet on Vista 64
Uralbas Updated - 1st Jun 2010
Or, if you install PdaNet twice on box, you can't get it to work. DLL and registry issues.

Windows is intrinsically unsafe, beyond the free ports used by some agencies to monitor use of each system.

Or if you are on the same network and you don't have you box locked down, its easy to run a vba application that will start another process on a remote machine.


Linux is completely more secure cause the end user can actively limit any application or user in very simple terms. There are applications and services that user can't limit on a Windows box, or you have to go through cumbersome methods to do so.

Linux is definitely more secure in server or user scenario.

You can run a Linux box with out Anti virus software. In Windows systems including Vista, even with antivirus software just by surfing a website or opening a pdf file your box can get easily infected.

Then to clean the mess, with Linux its easy, with windows you need to hack the registry and do all sorts of operations in safe mode to clean things up.

Keep your Windows, I'll choose Linux anytime.
0 Votes
+ -
Wow, so many things wrong with what you wrote!
NonZealot 1st Jun 2010
@grant@...

toadlife did a fantastic job with his response to you but I figured I would add these 2 comments:

1) Permissions rather than file names denote whether or not a file is executable.

And you need admin permissions to set the execute bit on a file, right? Oh, you don't? Then it is a security fail. Oh, and if a file is tarred with the execute bit set, it is untarred with the execute bit set. Again, a security fail. Oh, and buffer overruns work just fine if a file without the execute bit is parsed by a program with the execute bit set (like the infamous libpng vulnerability).

2) Shared libraries are versioned (prevents DLL hell)

.NET DLLs are versioned too.
0 Votes
+ -
Most Secure OS? That must be Open BSD.
OS Reload 1st Jun 2010
Linus once called the Open BSD guys "a bunch of masturbating monkeys" because of their excessive focus on security.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
Loverock Davidson 1st Jun 2010
@OS Reload
Crap, I hate agreeing with you but I must this time.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
Loverock Davidson 1st Jun 2010
I had to select Other as OpenBSD is not on the list. Linux couldn't touch it in terms of security. Theo and his crew are elite at what they do, designing an operating system with security in mind, not an afterthought like in linux.
0 Votes
+ -
More secure by design
pjotr123 1st Jun 2010
Linux has, of course, the most secure design. Because it has strict rights management over all the files and requires a root password for installing software.

More explanation:
http://sites.google.com/site/easylinuxtipsproject/security

But possibly BSD is even more secure than Linux. Not because of design, but because of obscurity. A low number of users has it's advantages.
0 Votes
+ -
All the desktop OSs require root / admin password for installing software
NonZealot 1st Jun 2010
@pjotr123
Not sure why you are chalking that one up as an advantage for Linux.

All 3 desktop OSs will also allow you to run programs without "installing" them first so none of them, in their default configuration, will prevent users from downloading and executing applications.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
toadlife 1st Jun 2010
@pjotr123

"it has strict rights management over all the files"

So does Windows.

and requires a root password for installing software.

Not true. If a system required root/admin rights to install ANY software, it wouldn't be a true multi-user system.

"because of obscurity. A low number of users has it's advantages. "

You're hitting on something here.
0 Votes
+ -
Four Words
tk_77 1st Jun 2010
OpenVMS.
0 Votes
+ -
They're all about the same.
ye 1st Jun 2010
As far as general purpose operating systems go they're all about the same in this area. If I had to rank them it would be as follows:

1. Windows and Linux.
2. OS X.
0 Votes
+ -
The biggest thing is that Google has no need for Windows, and, FUD works!!
DonnieBoy 1st Jun 2010
NT.
0 Votes
+ -
Its pretty simple
Bodazapha 1st Jun 2010
Firewall + locked down browser + smart downloading (nothing with file extension that can manipulate code).
0 Votes
+ -
That's easy
eMJayy 1st Jun 2010
The more secure OS is the one running on my friend's PC that I can confidently borrow to access my bank account without worrying about whether the machine is loaded with malware. Obviously, that's not Windows.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
rtk 1st Jun 2010
@eMJayy That's not any OS. Come log into your bank account on my linux machine, without any malware. Bet I can save your account number and password pretty easily.
0 Votes
+ -
OS/360
Yagotta B. Kidding 1st Jun 2010
No networking, requires hands-on operators, not multi-user.
0 Votes
+ -
RE: Which do YOU think is the most secure OS?
zhangsan 10th May 2011
This is so awful. My sister (ten years older) and I were not all that

close growing up due to our age difference, but I cannot imagine my life

without her. The 8 years we shared in the same home were some of my fondest http://www.china-bambooflooring.com/

childhood memories.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix