Question What is more secure, desktop Linux or Windows?

Please provide comments and solutions that are helpful to the author of this topic.

Which is more secure, Windows or Linux?

  • Windows

    Votes: 11 30.6%
  • Linux

    Votes: 25 69.4%

  • Total voters
    36

Stenographers

Level 2
Thread author
Nov 11, 2022
48
A topic of much heated discussion. Which one is more secure? Lets frame this in some context to help answer the question. For this example, take a Fedora Linux desktop with SELinux configured and ClamAV installed. And lets compare this to a Windows desktop with the optional security features like ASR rules and controlled folder access enabled. This would be in an enterprise environment.

Additionally, some people say that open source development is more secure because anyone can review the source code for security holes. Others argue that open source is less secure because bad actors can look at the source code for vulnerabilities. Research has shown that security holes, once discovered, are patched in about the same amount of time for both closed source and open source software.

Windows has virtualization based security and sandboxing for user space applications. Fedora has Flatpaks which are sandboxed applications you can control the permissions of.

So, which one is more secure in this example? Does Linux have an edge over Windows when it comes to security? (Ignoring things like Qubes OS, which is by design much more secure than any other OS.)
 

Bot

AI-powered Bot
Apr 21, 2016
4,207
Both Linux and Windows can be made secure with the right configurations and settings. However, Linux may have an edge over Windows in terms of security due to its open source development model, built-in security features like SELinux, and a smaller population of potential targets for attackers. Nevertheless, it ultimately depends on the specific environment and how well security measures are implemented and maintained.
 

Stenographers

Level 2
Thread author
Nov 11, 2022
48
Are you we talking about an environment with an end-user, or not?

All end-users are an additional unnecessary risk.
Sorry should have been more clear. Lets assume that both OS's are being ran by a seasoned systems administrator with experience in both. Essentially under ideal conditions, where configured for maximum security and done properly, which would be more secure?
 

wat0114

Level 13
Verified
Top Poster
Well-known
Apr 5, 2021
617
Lets assume that both OS's are being ran by a seasoned systems administrator with experience in both. Essentially under ideal conditions, where configured for maximum security and done properly, which would be more secure?

I think only a seasoned systems administrator with experience in both can reliably answer your question.
 

Stenographers

Level 2
Thread author
Nov 11, 2022
48
I think only a seasoned systems administrator with experience in both can reliably answer your question.
I wouldn't call myself a seasoned system administrator, but I was a sysadmin for a while before becoming a security engineer. My understanding is that Fedora is more secure out of the box, but both can be configured to be reasonably secure. But I've been wrong about things before, and I'm hoping to get some different perspectives, sysadmin or not :)
 

Brahman

Level 18
Verified
Top Poster
Well-known
Aug 22, 2013
871
A topic of much heated discussion. Which one is more secure? Lets frame this in some context to help answer the question. For this example, take a Fedora Linux desktop with SELinux configured and ClamAV installed. And lets compare this to a Windows desktop with the optional security features like ASR rules and controlled folder access enabled. This would be in an enterprise environment.

Additionally, some people say that open source development is more secure because anyone can review the source code for security holes. Others argue that open source is less secure because bad actors can look at the source code for vulnerabilities. Research has shown that security holes, once discovered, are patched in about the same amount of time for both closed source and open source software.

Windows has virtualization based security and sandboxing for user space applications. Fedora has Flatpaks which are sandboxed applications you can control the permissions of.

So, which one is more secure in this example? Does Linux have an edge over Windows when it comes to security? (Ignoring things like Qubes OS, which is by design much more secure than any other OS.)
It doesn't matter much for sys admins, as they can make both equally secure imho. But I feel Linux has an advantage of being more secure out of the box. Windows without a 3rd part security software is not as secure as Linux is. I have installed fedora in my wife's laptop with nextdns doh and firewall set to drop all incoming with a user account without admin privileges and I know she will not be able to install a malware in it at all. What this gives me is peace of mind, i know I don't have to worry about security of her system. She is also happy with fedora, everything she needs to run on it runs just fine. So I vote for linux, especially for fedora.
 

RansomwareRemediation

Level 4
Verified
Well-known
Jun 22, 2020
187
I have understood, from my experience and what I have investigated, is that Windows in terms of security is 10 years ahead of Linux (Unix). And that is due to the gigantic number of users that Windows has. Regardless of the fact that Linux is used more than Windows on servers. Greetings. ps: the amount of malware that is created for windows is gigantic and usually many are created on Linux.
 

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
One can only assume you have conceded MacOS is the most secure and you are just comparing the 'also ran's'...

Afterall, according to Wiki, Apple laptops have been in the top 5 seller's by volume since 2012, so there couldn't be any other reason not include MacOs in your comparison...
 

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
Let's face it, even after 40 years of development, Windows, or more generally Microsoft software, is the most porous software in the World.

As far as I know, 'Patch Tuesday' is THE day of the week for Windows users...

Thanks BryanB, good timing as usual...

 

Stenographers

Level 2
Thread author
Nov 11, 2022
48
I was forgetting something. The Linux kernel is freely accessible, for everyone it is even downloadable. The Windows kernel is encapsulated. No one can access it. That increases security. Just because Windows is attacked doesn't mean it's not safe.
That is one argument that people make - that open source allows for bad actors to find flaws more easily. Others argue that open source means security issues get patched quicker. Data shows that Fedora Linux and Windows have about the same number of critical vulnerabilities and patch them about as quickly, with Fedora having a slight edge. I think the data shows that those two arguments are two sides of the same coin - they balance each other out!
 

Stenographers

Level 2
Thread author
Nov 11, 2022
48
Let's face it, even after 40 years of development, Windows, or more generally Microsoft software, is the most porous software in the World.

As far as I know, 'Patch Tuesday' is THE day of the week for Windows users...

Thanks BryanB, good timing as usual...

Windows by design isn't very secure out of the box. It is intended for maximum compatibility, at the expense of security. But there are many obscure optional features you can enable via archaic menus and powershell commands that help plug the leaks.
 

Stenographers

Level 2
Thread author
Nov 11, 2022
48
I have understood, from my experience and what I have investigated, is that Windows in terms of security is 10 years ahead of Linux (Unix). And that is due to the gigantic number of users that Windows has. Regardless of the fact that Linux is used more than Windows on servers. Greetings. ps: the amount of malware that is created for windows is gigantic and usually many are created on Linux.
Windows does have many more security features, but out of the box it appears to be less secure than a stock Fedora Linux install. And Linux is designed as a multi user system, and generally has tighter security by this design. Windows originated as a single user system, and Microsoft's intent on backwards comparability makes it hard for them to fix these fundamental issues.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
This article was posted back in 2021.
Linux is an open-source operating system, which means that the source code for it is available for anyone to see and modify, you can even create your personal Linux distribution and commercialize it if you want and nobody will stop you.

At first, you might think that this is a security risk since bad people can look at the code. But the benefits outweigh the risks in this case. Since even more, developers and researchers all over the world find bugs and exploits and send patches almost every day to the Linux source code, which makes it safer and more secure over time

Despite all of that, user actions are what matters in the end. Windows can be as safe as Linux if it is piloted by a good user who takes security measures into consideration.

The point where Linux beats Windows the most in my opinion is that it makes it hard for you to screw up because it gives you good security options by default and pushes you to do the right thing.

Microsoft could learn a lot from the way Linux does that. And as the developers of the most used desktop operating system in the world, they should implement better default options for security to combat nowadays risks.
Source: medium.com/codex/5-reasons-why-linux-is-more-secure-than-windows
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top