Secured Linux vs Secured Windows?

[shmu26]

Windows suffers from a lot more security issues than Linux does. But on the other hand, it has highly developed security apps to deal with them.
So at the end of the day, which wins: a well secured Windows machine, or a well secured Linux machine?
And am I safer surfing with Chrome on Windows, protected by HitmanPro.Alert, for instance -- or surfing on Chromium on Linux, protected by... you name it

 

[Dirk41]

Less viruses around ( for home user)-> less probability to get infected .

But lately there were some important vulnerabilities. But just update .


But you have to know Linux .
I mean I could click on thisismalware.something without knowing that is a malware

 

[tim one]

So at the end of the day, which wins: a well secured Windows machine, or a well secured Linux machine?

Speaking of malware infection, Linux is based on the concept of multi user: there is a user working on the computer, and there is a super user, that can do everything. Also, as an intrinsic system, it makes difficult the life of a malware.

For example, if we receive a malware and we give - write and execution permissions - the malware can only infect all of the files that are not related to the filesystem. It may infect all files inside the home folder, but the system will be intact and still working although we have given the write permission!

Thanks to the multi user system we have given the execution and writing permission, related only to our user, which is certainly not the root user, the superuser, so the malware may not have access to the protected file system.
Of course, if we give different permissions, the malware can compromise the system, but it is a very difficult thing.

Do you think that Linux or Windows is well configured/secured, there are differences ? Behind the computer there is always a user, and how the operating system is well programmed, it is not always possible to say the same thing of its user.

 

[Ramona]

Linux is by far more secured, it's even easier to secure it.

Windows: you can't really secure it (you can never secure windows), if you look at the last test done by AvLab.pl Comodo Internet Security failed (this god product that people love lately), two ransomware encrypted the files.
Linux: you install only from repository, set your firewall to block all incoming connections (if you wanna share files with other Windows PCs just allow ports 137 and 138), install NoScript Security Suite in your Firefox and you are done (you can also use FireJail if you really want).

On there other hand, there is a lot of marketing when it comes to security products so be aware.
Even if you use the so called best, there is human behavior (you don't know what is good or bad).

In the end, the best security software is this.
If you need help on securing your linux distro, feel free to PM me

 

[MalwareBlockerYT]

Linux for sure. I have never really fully tried Linux but I know for a fact that it's more secure than Windows. Most people use Windows which is obviously why everyone wants to infect a Windows PC and not a Linux PC - barely anyone uses Linux or MacOS compared to Windows.

 

[Sr. Normal 2.0]

Linux here. It's safer and it's very comfortable, but ... I'm the only one who misses registry cleaners, antivirus ...? I have been using Linux for several years and never suffered an infection. There are different free and paid antivirus solutions, but I just set up the firewall in the different distros I've used

 

[shmu26]

okay, the average windows user is much, much more likely to get hit by malware than the average linux user.
But what about a windows user who is already set up with his default/deny, and his anti-exploit, and his other security toys? Why is Linux better?

 

[Wave]

And am I safer surfing with Chrome on Windows, protected by HitmanPro.Alert, for instance -- or surfing on Chromium on Linux, protected by... you name it

Neither. You won't be "safer", but you will find less active threats for Linux than Windows and this is due to the popularity usage differences. That being said, you can still do things like injection, keylogging, etc for Linux; there's nothing stopping an attacker of doing this, however they'd need to study development for Linux which could take time if they were an existent Windows programmer instead.

You could use Linux as your Host OS and use Windows as your Guest OS in a Virtual Machine, that would be much safer. Then revert with a snapshot on the Windows OS if you become infected; Linux is lightweight too depending on what you use, so it could work well in terms of performance as long as your specs are pretty decent (but I wouldn't ask me about this as I lack knowledge on good/bad specs really).

Less viruses around ( for home user)-> less probability to get infected .

Try to use the term "malware" instead of "viruses", since a virus is a type of malicious software and viruses are much more obsolete compared to other types of malicious software these days. These days, it's much more common to find ransomware, keyloggers/password stealers, botnets, clickers, and typical spyware/adware, compared to viruses.

 

[Wave]

okay, the average windows user is much, much more likely to get hit by malware than the average linux user.
But what about a windows user who is already set up with his default/deny, and his anti-exploit, and his other security toys? Why is Linux better?

Linux isn't necessarily "better" since no OS is fully secure, everything can be exploited... However due to popularity and the differences between Windows and Linux, it may be more common to find threats on Windows (usually). If you are working with Default Deny and Anti-Exploit on Windows then you'll be much safer, but at the end of the day, if you don't pay attention and watch closely then you'll become infected no matter what you do. Once you are infected it doesn't matter if you have on-demand scanners which can help you, because the point is that the system did become compromised... How do you know personal information hasn't already been stolen or that threats are really all gone after removing detected items?

Just watch what you do and don't be click-happy and you'll be safe on both Linux and Windows. A problem on Linux and OS X is some people believe they are bullet-proof when they aren't using Windows... Nope! That isn't the case in reality. Linux is also famous for the Backtrack distro, often used for penetration testing.

Edit:
I will add as an addition to my previous post: Linux is quite similar to Windows, in the sense that to inject into an admin process on Windows you need to be running as admin, whereas on Linux to inject into a root process you'll need to be running with root privileges. For injection on Linux you can just use the ptrace function (ptrace.h), so you can still do malicious things like this on Linux, it's not just exclusive to Windows. Linux has lots of power for malicious software, but we hear more about Windows because attackers are usually more adapted to Windows in terms of viruses, injectors, ransomware, and the such. Wait a while and malware will crash down on other OS versions like Linux one day the same way it is now on Windows. But do not use either OS and assume you are secure just because it's not Windows as this isn't the case.

 

[Ramona]

okay, the average windows user is much, much more likely to get hit by malware than the average linux user.
But what about a windows user who is already set up with his default/deny, and his anti-exploit, and his other security toys? Why is Linux better?

Default Deny it's not the answer, you need strong BB (Qihoo, BitDefender, Emsisoft).

Why Linux is better ?
By default you have an non-root account, you don't have any opened ports (use firewall to block all incoming connections), the only way you can get infected is if you install it yourself. If you have an updated OS don't worry about exploits ( + use things that I talked above).

Let's look at Dirty Cow, the last big exploit for linux

In order for Dirty Cow to work you need an active port and an exploit to be able to drop the payload (dirty cow), in other words you need other exploits to use this one. Dirty Cow is a "local exploit".

Also about this "But what about a windows user who is already set up with his default/deny, and his anti-exploit, and his other security toys?", remember "On there other hand, there is a lot of marketing when it comes to security products so be aware."

 

[Amiga500]

Neither. You won't be "safer", but you will find less active threats for Linux than Windows and this is due to the popularity usage differences.

I beg to differ.
linux is the primary os for the majority of the worlds servers and its for a very good reason,if you compare usage figures then sure there is more windows users but an attack and breach of a linux server would be far more devastating and thus a linux system HAS to be more secure at default.

 

[Dani Santos]

In fact Windows 10 is far more secure than some linux distros in terms of JUST the operating system. What makes windows more vulnerable is the high ammount of users, which makes it more worth to spend time finding vulnerabilities than for other OS, the high ammount of novice users using the OS and the ammount of vulnerable programs like flash, java and web browsers. Windows is a closed source OS and there are many microsoft's highly trained engineers just to find and fix the vulnerabilities and make it more secure. Linux relies on a wide comunity of programmers to find and fix its source code. Which being it open source there are advantages and disavantages compared to Window's closed source code.

Spoiler: image

 

[Wave]

Default Deny it's not the answer, you need strong BB (Qihoo, BitDefender, Emsisoft).

Nice!

 

[Wave]

I beg to differ.
linux is the primary os for the majority of the worlds servers and its for a very good reason,if you compare usage figures then sure there is more windows users but an attack and breach of a linux server would be far more devastating and thus a linux system HAS to be more secure at default.

Cool!

But it doesn't matter which OS you use, it's about how you use it. If you go around clicking on every website link from search engines + email and downloading and running everything without research then you'll become infected no matter what. But cool!

 

[Dani Santos]

I beg to differ.
linux is the primary os for the majority of the worlds servers and its for a very good reason,if you compare usage figures then sure there is more windows users but an attack and breach of a linux server would be far more devastating and thus a linux system HAS to be more secure at default.

There are also big windows servers: azure. So no diference there. Both are good and secure.

 

[Wave]

There are also big windows servers: azure. So no diference there. Both are good and secure.

I totally agree!! Nice work

 

[_CyberGhosT_]

Linux is far more secure than Windows, Windows by default
has too many open ports which Linux does not do.
Windows has far many more attack vectors some of which are
created by the very software that's supposed to protect it.
Comparing Windows to Linux is like comparing a kevlar vest to
a dirty sock.

 

[Soulbound]

None is more secure than another basically. Totally different file systems, encryption methods for partitions and the list goes on.

To those who say to block ports in firewall in Linux, 90% of the distros do not contain Firewall for starters.

Linux is a bit more "secure" in a way due to how SU/ROOT/normal user accs are setup by default, but doesnt mean a decent malware script can trash your system. The difference is that the majority of linux users know how to restore Kernels, dig and get things fixed.

Average joe in Linux will not know how to compile kernels and know some basic commands in Linux.

Then we have Windows: where theres tools available to plug in holes, easier to use and way less maintenance than a Linux system.

Oh and lets not get started on hardware and drivers compatibility...

 

[Dani Santos]

Oh and lets not get started on hardware and drivers compatibility...

I agree with you on the rest. But the Windows drivers are far better optimized. One example is gaming. The problem is when you install windows 10 on a pc with drivers only for windows 7. You may be lucky like me and it works or it can cause lots of problems.

 

[Soulbound]

I agree with you on the rest. But the Windows drivers are far better optimized. One example is gaming. The problem is when you install windows 10 on a pc with drivers only for windows 7. You may be lucky like me and it works or it can cause lots of problems.

no one said otherwise. hardware and drivers compatibility in Linux will never be like windows. Been the case for many years and before was even worse.