BetterMakeWay

Hello folks,

Knowing that no OS in the world is flawless and thus each and every one is more or less prone to malware, from your multiple OS experience, i'd like to ask you which one do you think or feel is the most secure?

Also i opened this thread as i've read here and there some stuff, and i think there is a big misconception about one security issue:

Many believe, myself once included, that the more spread an OS is the more is prone to attacks, as logic could dictate this way. In other words, there must be a strong direct and proportional correlation between how common an OS is and the number of malicious codes written for it (including viruses, trojans, worms etc...). But recently i've read something that opened my eyes and here it is:

The mac malware mith

and Why mac won't inherit Microsoft's malware crown

I don't know how truthful those articles are but i've found them good reads as they are quite documented and have strong fundaments. So i recommend them to you.

So what do you think?

craigm1841

Linux is supposed to be the most secure. used by governments for the most sensitive information

tex_phil

It depends on how you use it. As a general OS, I'd say that Mac is the most secure from a virus or remote access attempts. Mac was build off unix btw^^ Linux would be behind it, there aren't really any virus's, there will always be exploits for applications or kernels. Its important to keep software on linux up to date, like php, and apache. There are all sorts of exploits out there depending on what you are running, sql query injects etc. I'd rate windows last.

BetterMakeWay

I also think as for the general user Mac OSX is the most secured. I read once an article about Windows (lack of) security and that article was very well based and the approach was less from an IT stand point. It showed that Windows suffers from such continuos and numerous attacks not because it is very wide spread but because of two things:

1. Poor software development. And an example i can recall is that the author showed how bad windows XP approached the user rights when you first installed the system, meaning that once you install it XP automatically grants you administrator privileges, and if you do something stupid be it from your fault or by catching some malware you automatically cause full damage as the administrator can do almost anything. With Windows Vista the MS(hit) folks changed the strategy or so it seems. When you install the OS and create your account you get the feeling you are administrator, but little do people know that account is in fact a hybrid. Not a normal user as in linux but NOT an administrator account. Not once i got into the situation i had to "run as administrator" smth to work properly. Which is dumb since that administrator account is not password protected, only your account is (or should be) and if the malware is installed it gets very easily elevation privileges. Yes Vista came with UAC but that is so stupid and annoying that you want to immediately disable it, making it useless.

and
2. Social engineering. Due to the ease of access to the exe files (related to no 1 above) it's quite easy to send people on emails attachements of exe files that clueless secretaries can double click and catch automatically some sort of virus or even worse. In Linux for example there is no easy way to do this, being in fact almost impossible. For once to execute anything (like a rpm tar ball) in Linux one has to grant root access, which is a totally different account with totally different privileges, but most of the software doesn't come compiled so you have to compile it in a multi step process, again as root. There is no simple way, like in Windows, to double click a .bat file that contains a few command lines meant to format your entire HDD.

OverSoft

Well, i use all 3.
Vista for personal home use and as my development machine. I also use a Vista box as a Mediacenter.
Mac OSX on my MacBook Air which i use to DJ on location and produce music with (in combination with a A&H Xone:4D).
Linux as our production machine which we actually sell (and all our software runs on).

First of all:
Exploits are widely available for all of them, which means that any system not firewalled properly and not running the latest updates will always be at risk of being compromised.
I have to admit that these exploits are most commonly seen on Windows based PC's (look at the amount of worms out there, Sasser, etc...), but there are lots of other hacks used on Mac and Linux machines too.
(Like kernel exploits, SSH exploits, SSL exploits and common Apache/PHP/Mysql exploits)

Firewall:
So, firewall any system that you have or put them behind a decent router. Even if you only have one PC, it'll save you boatloads of crap just picking up a router for 20 bucks and it'll save you from 95% of the exploits currently used on the internet. Also be SURE that you have selected a proper WiFi protection scheme if you use wireless, at least WPA but preferably WPA2 with a strong password (at least 10 characters).

Virus scanner:
You simply cannot get around this on a machine you'll be using internet on, on a day to day basis. Granted, there are no virusscanners for Linux (there are no virusses, ergo: no scanner), but on Mac OSX or Windows just stick with a cheap or free scanner (like AVG free for Windows). It'll take you 2 minutes to install and can possibly save you a load of crap later on.

Common sense:
Use common sense when using a PC. Don't click "Yes" every time you see a popup box asking you something, just read the dialog and understand why you should click yes (let me give you a heads up: most of the time you should select NO). The most important thing about using it sensibly: READ and UNDERSTAND. If you follow these simple rules, chances that you'll get a virus, worm or malware will be reduced by AT LEAST 99%


The most important one is "common sense". Just understand what you are actually doing will save you from having to do last weeks work all over again... This applies to EVERY operating system and every internet enabled device on the planet, so it's not just a Windows thing.

/edit:
Reading back my little story, i see that i'm using the word "crap" way too often

ld00d

I don't get viruses on my Windoze machine, but it's because I'm careful.

Anything dangerous happens on my Debian laptop. It's safe.

http://www.engadget.com/2008/03/27/pwn-2-o...2-minutes-flat/

tex_phil

Yeah I use all 3 myself too. Home PC is Vista 64 with 8GB of memory, my gaming PC. I've got a macbook pro which I have at work, along side my linux machines.

BetterMakeWay

http://hiderefer.com/?http://www.infoworld...-contest_1.html

yes i've read that on a different website but here's what i've already commented on the subject:

Unfortunately i ended up getting a monster of a PC last year and now i regret it completely. With that kind of money invested i would have easily gotten a Mac Pro, but without the crashes and freezes and bluescreens that come from God knows what (hardware incompatibilities, weak WINDOWS etc).

Here is my home PC
Now i found that all the new games, i can play on my iMac also using bootcamp. The only game that will for sure show up machine fatigue is Crysis but then neither my expensive worthless PC can play that with everything maxed. In fact i've heard that there is quite no home/user machine on the Planet that can play Crysis well (around 40fps) with everything maxed at resolutions equal or above 1920x1200

OverSoft

Well, crashes and bluescreens are not an issue if a PC is setup correctly.
I'm using my Vista x64 machine now for a year and a half without any problems or stability issues.

ImolaRedM

Lucky you. I use Unix (HP-UX/Solaris), OSX, Windows (XP/Vista/Win7), and Linux (RedHat/Fedora). Each have their issues. Those issues can be with hardware, other software, misconfiguration, etc. Vista has improved but still has lots of work ahead. Win7 is turning out to be a more polished WinOS.