January 29, 2011

Why Microsoft Windows can never be as secure as GNU/Linux

Posted in Uncategorized at 23:26 by frifan

There are many reasons why Microsoft Windows has a very poor security record, but I won’t go into that here. Instead I will focus on why this is unlikely to change, even if Microsoft puts its best minds together to try to solve the situation. I will state upfront that it, of course, is possible to fix the Microsoft Windows security problems, although they would have to totally rebuild it and break backwards compatibility, in other words, it wouldn’t be Microsoft Windows anymore.

In this post, I will try to explain why Microsoft Windows can never be as secure as GNU/Linux. Many people seem to believe that Microsoft’s poor security record is due to its overwhelming popularity, but even counting per capita, it still is outstandingly bad. That Microsoft Windows is targeted by spyware, viruses and other malware, has other reasons too, not only because it is the most popular choice. Read this article to find out.

I’m not going to go into all aspects of why Microsoft Windows has bad security, but rather focus on why it will never get as good as GNU/Linux. Please, note that these are just the three things that I think are the most important:

1. Close Source

Good security in software does not rely on being secret, because inspecting it will not reveal any vulnerabilities, just proof of its security and robustness. GNU/Linux is open source and anyone can inspect the source code. Many software and security specialists have investigated and analyzed the Linux kernel. Their conclusion is that it has the highest known quality in the world. Many security analysis firms commonly use it as a benchmark for their code analysis tools.

Microsoft Windows is close source, and receive much less code review by software and security professionals. The source code could be either good or bad without us knowing about it. Those selected few who do get to see the code are under non-disclosure agreements not to talk about it. What we do know is the security holes that Microsoft chooses to publish, which unlike GNU/Linux, is far from all known weaknesses. Part of reporting security problems to Microsoft is signing non-disclosure agreements, which means that the users are left in the dark as to what the problem is, how it will be solved, or even if it will be solved. There are numerous cases where reported security holes have remained unpatched for years and Microsoft has also acknowledged that they do not publish all security holes that they know about. Not even after fixing them.
Microsoft relies on obscurity as the security principle, which leaves security holes undisclosed and unpatched for long periods of time. Microsoft also stated, on the record in its court trial over monopoly abuse, where it was convicted, that it cannot disclose all its programming interfaces, because some of them contain unfixable security holes, which only a rewrite and redesign could solve. Despite Microsoft best effort to minimize security holes in their software the number of published vulnerabilities have not diminished and remain as high as ever.

When it comes to security vulnerabilities in Microsoft Windows, we’re only allowed to see the tip of the iceberg. Those few weaknesses that they choose to publish in their patch-Tuesday security updates. Those published numbers of security holes are then used in Microsoft advertisements to compare it to the full disclosure of all GNU/Linux security vulnerabilities and even in such a slanted comparison they come out arguably about equal. So the tip of the security problem in Microsoft Windows is comparable to the total of all security vulnerabilities in GNU/Linux. Thank you, Microsoft, for pointing that out to us!

2. Single User Design

Microsoft Windows was designed as a single user system and that design decision is carried into most of the application programming interfaces (API’s). This means that many applications run with the highest security clearance. If there is a security hole in such an application, then the whole system has been compromised.
The pathetic User Account Control (UAC) has done little to change anything, from a security perspective, as it is flawed and vulnerable itself.

GNU/Linux, by contrast, is a true multiuser system, where applications always run with reduced security clearance. Thus breaking the security of one application, does not give the malware access to the whole system, just the application and user data.

3. Homogenity

A Microsoft Windows system is pretty much predefined by Microsoft, i.e. they have decided what is included in the system and then the users almost always have the Microsoft Office Suite installed too. This provides a big attack surface for viruses and other malware, as they can rely on certain software to be installed. Also remember that the office suite runs with security clearance for the whole system. On top of this, Microsoft’s preference for convenience and simplicity will allow many malware to install unnoticed and automatically.

GNU/Linux systems come in many shapes and forms, where system libraries have different versions and enable different features. They may even be placed in different locations. There is not a single piece of software, except the most basic libraries and the Linux kernel, that remain the same across most distributions. Some malware would need to be much more complex just to perform simple tasks on a GNU/Linux system.

References:
Techrights
Groklaw

As time allows I will update the text and, maybe, include direct links to back up some of the most important statements. In the meantime, I refer you to the sources above, which will provide support for all of the statement in this blog, and lots more…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: