[Foss-cafe] Windows vs. Linux (and Unix) security breakdown
Steven Hatfield
steven at knightswood.net
Sat Oct 23 20:47:57 CDT 2004
Hello to all of the Free and Open Source Software loving people of the
world, or at least this email list...
A friend of mine and I were talking a couple of weeks ago about Linux
vs Windows security, and he said "If Linux were as populous on the
desktop as Windows, it would be experiencing the same security
problems". I read this report yesterday, and immediately thought of
that conversation:
http://www.theregister.co.uk/security/security_report_windows_vs_linux/
This report breaks it all down, and explains exactly what I was trying
so hard yet so unsuccessfully to say: The design is what matters, and
what matters is the design. Linux was and is designed for security
first and features second, while Windows is the other way around.
Microsoft has it back-asswards. If you read enough of that report
(it's BIG), you'll know why the world is a much safer place for
businesses that deploy Linux to their business desktops and data center
server rooms.
I know that Microsoft is moving Windows toward managed code, but that
is likely not to happen for a very long time (maybe 5 years or more).
Besides, even with Microsoft's managed code, you can run unsafe code
and step right out of the sandbox anyways:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/csref/
html/vclrfunsafe.asp
James Gosling, creator of the Java Programming Language, had this to
say about it:
From: http://www.eweek.com/article2/0,3959,741330,00.asp
[quote]
Gosling also spoke of Microsoft's .Net strategy and its Java-like C#
language, saying C# and Microsoft's memory model around C and C++ is
unsafe. "C# has this unsafe access facility," he said. "The C and C++
memory model strikes a bullet through the heart of Microsoft's CLR
[Common Language Runtime] strategy."
[/quote]
So even in the "new world order" of .NET and Managed code, Microsoft
puts features first, security second. This is the "big thing" that
will always bite them, and as black hats get more crafty, Microsoft's
OS is going to look all that much worse to the rest of the world.
Have a wonderful weekend,
-Steven
More information about the Foss-cafe
mailing list