Security in unix vs windows

This means that getting in through some network port usually gets the intruder no further than the affected service. This is even true of many services that are started from a normal user account, because those services are typically configured to switch user account "owners" when they start to take advantage of the benefits of privilege separation.

Many tools of malicious security hackers require administrative access to work effectively for them. Keyloggers are one of the major bogeymen of MS Windows security, but they require access to administrator-level components of the system to operate effectively on Unix. This means that a keylogger inserted into the system via some unprivileged user account does not have the access it needs to do its job.

Other security threats, such as rootkits, trojan horses, and botnet clients, also require root access on a Unix system to work. On MS Windows, the lack of rigorous privilege separation short-circuits this defense against malware. Microsoft Windows is well known for its tendency toward virus and worm infections. This is in large part because of the fact that MS Windows tries too hard to do everything for the user.

Arbitrary malware often automatically executes when effectively unrelated tasks are performed. When opening what appears to be a Microsoft Word document, but is, in fact, a cleverly designed malware executable, MS Windows will helpfully redirect the execution of the file from Word to what is actually needed to execute the file. By contrast, Unix systems do not do this sort of thing by default. Microsoft introduced a series of versions with the latest functions.

Unix and all its Linux distributions are available under the General Public License. Windows Operating System is proprietary software owned by Microsoft, meaning its source code is not available to the public.

User Interface: Unix operating systems are relatively harder to grasp and produce significant barriers for newcomers. However, some Linux distributions like Ubuntu are changing such perceptions by bringing in more GUI-based applications. Windows Operating System on the other hand is designed with the outset of keeping the UI as simple and user-friendly as possible, so that non-IT people can easily use computers for their work.

Processing: UNIX operating system supports Multiprocessing , meaning m any processes are executed simultaneously. In Multiprocessing, every process has a separate address space and CPUs can be added for increasing computing power. Not very likely, in other words. In the realm of e-mail, so too do Outlook and Outlook Express. Just as genetic diversity is a good thing in the natural world because it minimizes the deleterious effects of a deadly virus, so a diversity of computing environments helps protect users.

Fortunately, a diversity of environments is yet another benefit that Linux offers. There are also many shells, many packaging systems, and many mail clients; Linux even runs on many architectures beyond just Intel. So, whereas a virus can be targeted squarely at Windows users, since they all use pretty much the same technology, reaching more than a small faction of Linux users is much more difficult. Even though assurance requirements started primarily with government accounts, and in particular the U.

Department of Defense, they are applicable in a commercial setting as well. However, most customers do not need to meet the same level of assurance as the Department of Defense. Trusted Computing is an architecture that prevents tampering with applications and enables secure communication with a vendor. A number of vendors, like Intel, Microsoft, and IBM, are embracing the potential of this emerging technology.

At present, this capability is more vision than reality and neither Linux nor Windows is superior at this time. The open source community currently sees little value in Trusted Computing. Linux is superior to Windows because it supports open standards. Microsoft added an authorization capability to the Kerberos ticket, and although Kerberos was initially defined for this specific purpose, the functionality was never used.

Moreover, Microsoft embraced and extended the Kerberos standard by specifying the process for other applications to share the authorization data field in the ticket. If the criteria for a secure operating system is open source, then Linux is clearly superior to Windows. Despite the pragmatism of this initiative to add transparency and emphasize partnership, there are varying requirements organizations must meet to access and use Microsoft source code.

Security considerations in Linux and Windows continue to fuel the debate on which is better, an open source or closed source operating system. Industry logic is that an operating system based on open standards and open source enables interoperability, improves bug detection and fixes, and is superior to a model of security through obscurity.

Open source also forces Linux distribution providers to be absolutely transparent in the production process. Every step can be re-run by users, and this enables incremental security on a meta level. Windows, for which no source code is available, does not enable equivalent transparency. While Linux provides equivalent to superior security capabilities in comparison to Windows, the security of a Linux system is largely dependent on the choice of Linux distribution, the kernel it is based on, and the skill of the IT staff in implementing and supporting the system.

Since your success in implementing and maintaining a secure operating system rests with your IT shops, make sure that they have the training and expertise to deploy, manage, and troubleshoot. Formulate discipline on the part of the IT manager and system administrators who need to understand how to apply security best practices.

If you are considering migration to a different operating system or upgrading your current product, select an operating system environment based on a qualitative analysis of security capabilities, rather than beginning with point products.

When you combine consideration of your business needs with an understanding of operating system security capabilities, you can fulfill functional requirements, reduce risk, and ensure compliance. Stacey Quandt is a principal analyst at Quandt Analytics, where she covers key market trends important to IT vendors and corporate users of Linux and open source technologies.

About Us. Sign in. Forgot your password? Get help. Password recovery. Home News Linux and Windows security compared. Managers need a framework to evaluate operating system security that includes an assessment of base security, network security and protocols, application security, deployment and operations, assurance, trusted computing, and open standards.

In this study, we compare Microsoft Windows and Linux security across these seven categories. The overall findings of this qualitative assessment are that Linux provides superior to comparable security capabilities in comparison to Windows, except in the category of assurance — for now. Fundamental changes in Linux and Windows security For users, the evolution of Linux and Windows has all the trappings of a muscle car drag race. Open source, shared source A purely philosophical difference between Linux and Windows is the approach to code transparency.

Patch management Related to the differences in design of Windows and Linux is the process and complexity of patch management. Next: Key findings: Linux vs.

Windows security capabilities Key findings: Linux vs. Deployment and operations With deployment and operations, Linux has a slight edge over Microsoft, since most administration is done through a command-line interface. Trusted Computing Trusted Computing is an architecture that prevents tampering with applications and enables secure communication with a vendor. Open standards Linux is superior to Windows because it supports open standards.