×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

UNIX Security: Don't Believe the Truth?

Hemos posted more than 8 years ago | from the the-flame-war-begins dept.

Security 520

OSNews has an interesting editorial about security on UNIX-like systems. "One of the biggest reasons for many people to switch to a UNIX desktop, away from Windows, is security. It is fairly common knowledge that UNIX-like systems are more secure than Windows. Whether this is true or not will not be up for debate in this short editorial; I will simply assume UNIX-like systems are more secure, for the sake of argument. However, how much is that increased security really worth for an average home user, when you break it down? According to me, fairly little"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

520 comments

Backup (3, Insightful)

biocute (936687) | more than 8 years ago | (#14651586)

So if an OS is to make a daily backup of user's home directory (or My Documents) automatically and locks it away (until emergency) from user access, it might just win the heart of users.

Re:Backup (5, Insightful)

RailGunner (554645) | more than 8 years ago | (#14651632)

So if an OS is to make a daily backup

Google "How to use cron".

The OS already can be set up to do this. The premise of the article is flawed; and based on a premise that I reject. Chances are, if you're smart enough to run Linux, then you're probably smart enough to backup your important files.

Plus, given the author's scenario - let's flip it around: A Windows virus can bork your data and your OS. At least with UNIX, backups notwithstanding, the OS is still there and you'd have a much better chance at recovering your data than you would with Windows.

Mod article -1, Flamebait.

Re:Backup (1)

SirGeek (120712) | more than 8 years ago | (#14651776)

Plus, given the author's scenario - let's flip it around: A Windows virus can bork your data and your OS. At least with UNIX, backups notwithstanding, the OS is still there and you'd have a much better chance at recovering your data than you would with Windows. I fully agree with you. I just had one virus basically roach a friend's laptop. The virus attached itself to EVERY executable image on the hard drive. I had to wipe the programs ( Adaware, Spy Bot, or Avast could not remove the virus and all recomended deleting the files ). I had to re-install Windows inorder to get the system to start after virus find/repair/delete was done. The system is fine now. Its running Avast and Zone Alarm and I'll be educating them in how to use Firefox and to run Adaware and Spybot.

Re:Backup (0)

Anonymous Coward | more than 8 years ago | (#14652009)

The virus attached itself to EVERY executable image on the hard drive.

Who has executable images?

Its running Avast and Zone Alarm and I'll be educating them in how to use Firefox and to run Adaware and Spybot.

I'm thinking they're not the only one who needs some educating.

Re:Backup (5, Funny)

MandoSKippy (708601) | more than 8 years ago | (#14651950)

My grandmother would like to know what this "cron" you speak of is... it sounds like a old science fiction movie, but she can't figure out the connection between movies and backups....

Re:Backup (0, Redundant)

xtracto (837672) | more than 8 years ago | (#14652003)

Then I would recommend you setting up an NON ADMINISTRATION privileged account on any system she uses.

The only real difference between Windows and all Unix flavors now is that the first gives administrator privileges to its users by DEFAULT, and *promotes* the use of the computer with them, while the last (all unix flavors including Linux and BSDs) promotes the contrary.

I think Windows is less secure than say, Mandriva on the same way that Mandriva is less secure than OpenBSD, they just leave the more "dangerous" services/tools disabled by default.

It won't do anything for users, heh... (0)

Anonymous Coward | more than 8 years ago | (#14651655)

...and I couldn't help it this time.
 
  Don't believe the truth? YOU CAN'T HANDLE THE TRUTH.
Good day, sir! --AC

Re:Backup (3, Insightful)

Jordan Catalano (915885) | more than 8 years ago | (#14651659)

Wow. This snippet of an article really misses the point. If nothing else, it's just mean. It finds this "flaw" which exists not as part of the OS's security systems, but in user behavior. It waves its arms in the air, trying to make it seem like a big deal, and offers no insight into any sollution. Responsible computing has responsible users as a requisite. You have to give users SOMETHING to call their own. If they don't respect this space, backing it up or storing off-site copies of important files, they don't deserve to have it. I don't mean to be snippy, but how much hand-holding is the OS supposed to do? Would the author prefer a computer that was more TV than anything else, showing a lot of output but not taking any input from a user that could conceivably "gum up the works"?

Re:Backup (2, Interesting)

Chrismith (911614) | more than 8 years ago | (#14651699)

So if an OS is to make a daily backup of user's home directory (or My Documents) automatically and locks it away (until emergency) from user access...

Who determines what the emergency is? The system itself? If there really is an "emergency," will the system even be in a state to realize it? The last thing users need is to be lulled into a sense of security by automatic backups that can't be retrieved when you really need them.

Re:Backup (2, Insightful)

PastAustin (941464) | more than 8 years ago | (#14651782)

I am sorry but first of all if you have important data that matters to you, you should be backing it up.

Second since when was it true that Windows backed up the data? As he says in the article Windows and Linux do the same for that.

I would take the car with airbags (linux / unix with security and less vulns) over the car with a shaky tinfoil frame that I always need to take to the shop -- even if that photograph I have pinned on the sun visor gets burned in both cars if I get in an accident.

I don't see the point of this terrible "article" (if it can be called anything more than a short, unsubstantiated rant) or why it was posted anywhere, let alone /.

Get a mac (1)

goombah99 (560566) | more than 8 years ago | (#14651799)

Look at the risk of being labeled a fanboi, macs are easier to use than windows and when used in the manner that most home users will use it are arguably more secure than Linux. Sure it's possible to make a more secure linux, but not one that's usable to a home user.

As for locking it away add something like the following to your cron jobs running as root:

find / -depth | cpio -dpl /backup

this makes a virtual backup of your files sufficient for most user's anti-viral backup needs. It does not protect you against some forms of file modification or a disk crash. But on the otherhand it consumes almost no space ont he hard drive, so it can be done almost anywhere.

you need to add to that files to avoid, and be sure the directory is only root accessible. If you want to get fancy you make copies of these virtual backups for weekly.monthy yearly backups. If you want to get tricky you can do crazy shit like mounting another filesystem on top of that directory to hide it from accidental or viral access.

 

Re: What is the point of the article? (1)

OneWebster (949438) | more than 8 years ago | (#14651981)

What a great article. The ad in the middle of this "Microsoft Article in Disguise" really makes me want to switch away from OSX. How much was VISTA again? and I can't stop thinking about SQL Server!!!!!! I want IT!!!!

Re:Backup (1)

electroniceric (468976) | more than 8 years ago | (#14652010)

To be honest, this is an long-overdue idea. What an end user really wants is something like FreeNet (minus the creepy libertarian/spook overtones) where your data is transparently saved, unreconstructable except by you, to a whole raft of peers, with a full local copy that flushes out to the 'Net at the right times. It would be nice to have the whole OS whole OS hosted, but for the pressure that puts on having a reliable and fast internet connection.

The core technical idea of FreeNet is an excellent one, but people's interest in it has much less to do with liberty and freedom from censorship, and everything to do with robust access to data. Frankly I don't give a rip if my mom can see my bank number or even my cheesy love letters to my ex-girlfriend as long as I can relax and know that my data isn't a either a hard drive failure or a virus away from elimination or widespread dissemination to Russian teenagers who I do NOT want seeing either of the aformentioned items.

As for the article, about the only assertion one can find there is "compromization of userland matters too". Yup, it does.

I'll Field a Few Questions (4, Insightful)

eldavojohn (898314) | more than 8 years ago | (#14651589)

How much is that increased security really worth for an average home user, when you break it down? According to me, fairly little. Here's why.
Yes, it is duly noted that you're the only person from which this information is originating.
But what is more important to a home user? His or her own personal files, or a bunch of system files?
If "Johnny's first day at school" is more important that system critical resources, perhaps you should have hard copies (CD, DVD, tape, etc.) of this media.
Of course, they should make backups-- but wasn't Linux supposed to be secure? So why should they backup?
You're right, you should make backups. You have a love-affair-dependency on your hard drive. Everyday you need it to retain the ones and zeros it holds that forms your data. One day, your personal hard drive isn't going to be there for you. That's why you should back up regardless of how secure you feel. Most "normal home users" don't have redundant RAID arrays running. Furthermore, it isn't "secure period," it's touted to be one of the most secure operating systems. Wait, weren't we talking about Unix?
Isn't Linux immune to viruses and what not? Isn't that what the Linux world has been telling them?
I don't think anyone but Mac users claim that. And anyone that claims that for any processing device is lying to you. There are Linux Viruses [viruslibrary.com] out there, just use your favorite search engine.
UNIX might be more secure than Windows, but that only goes for the system itself.
Oh good, we're back on Unix here (they're not exactly the same, you know). I disagree, both sides (user and system) are more secure in the case of Unix or Linux for that matter.
In the end, the result of a devastating virus or other malware program can be just as devastating on a UNIX-like system as it can be on a Windows system
While this might be true, I think you should take into account the frequency of said viruses [theregister.co.uk] . When's the last time a massive virus attack has taken down entire networks of Unix machines?
To blatantly copy Oasis: don't believe the truth.
So you talked about Unix security without quoting a single authoritative source on the issue. And to finish off this article, you rely on a one-hit wonder brit pop band to prove your thesis. May Slashdot have mercy on your soul, Thomas. Endure the onslaught.

Re:I'll Field a Few Questions (2, Insightful)

yroJJory (559141) | more than 8 years ago | (#14651689)

The article immediately takes the position that any data loss due to malware attack means the system isn't secure. However, the fact that you do not have to rebuild the system because only one user got nailed by the attack is never mentioned. Nor that other users were not affected and could continue using the system without disturbance (most likely).

So, in effect, the user who was attacked was quarantined, making things _more_ secure.

Re:I'll Field a Few Questions (1)

yroJJory (559141) | more than 8 years ago | (#14651731)

And one more thing:

Mac users don't think their system is immune (at least not intelligent ones). They just know that because so much OSS software is included, the patches for vulnerabilities tend to come quickly.

And there's no point in paying Symantec for virus software that quarantines the swapfiles anyway. :-)

Re:I'll Field a Few Questions (0)

Anonymous Coward | more than 8 years ago | (#14651709)

Oasis? One hit wonder?

Wow, may the British Slashdotters have mercy on *your* soul.

Re:I'll Field a Few Questions (0)

Anonymous Coward | more than 8 years ago | (#14652014)

"may the British Slashdotters have mercy on *your* soul"
damn right!

mod parent up!

Re:I'll Field a Few Questions (2, Informative)

TheRaven64 (641858) | more than 8 years ago | (#14651723)

While I agree with most of your arguments, I think that describing Oasis as a 'one-hit wonder' is a bit far from the truth [wikipedia.org] . Even I've heard of them, and it takes a lot for pop culture to penetrate my little reality-bubble.

Re:I'll Field a Few Questions (0)

Anonymous Coward | more than 8 years ago | (#14651747)

Off-topic, but...Oasis a one-hit wonder?? Come on, now...I'm assuming you're either an American that doesn't acknowledge the rest of the world (in which case, why should we take you seriously?), or you don't know jack about music and yet insist on trying to make judgements in ignorance (in which case, why should we take you seriously?)

Re:I'll Field a Few Questions (0)

Anonymous Coward | more than 8 years ago | (#14651859)

Oh, come on. They spout the same whiney atonal not-music that every other 'rock' band does today; the only thing I'll give them is that they were whiney and atonal before most of the other bands figured out that it would sell albums.

Re:I'll Field a Few Questions (5, Funny)

xappax (876447) | more than 8 years ago | (#14651754)

redundant RAID arrays

I don't know if it was intentional or not, but that's pretty funny.

It's not funny ... (2, Funny)

eldavojohn (898314) | more than 8 years ago | (#14651791)

I get called out on this a lot and I'm going to point out some key differences between two types of RAID arrays [wikipedia.org] . A RAID 0 (also known as a striped set) splits data evenly across two or more disks with no parity information for redundancy. Therefore, it is an example of a RAID array that is actually not redundant (despite the acronym). Even if a normal user was running RAID 0, a hard drive crash would be catastrophic.

Still laughing?

Re:It is funny ... (2, Funny)

Anonymous Coward | more than 8 years ago | (#14651922)

Still laughing?

Yes, thank you. This time at you.

Re:It's not funny ... (2)

Shisha (145964) | more than 8 years ago | (#14651973)

"You're technically correct Hermes Konrad, the best type of correct." Futurama.

Re:I'll Field a Few Questions (4, Interesting)

hey! (33014) | more than 8 years ago | (#14651827)


>>the end, the result of a devastating virus or other malware program can be just as devastating on a UNIX-like system as it can be on a Windows system

>While this might be true,


I think it is tautologically true. Devastation is a noun, like "unique" that does lend itself to qualification. I think it's also true that Windows users meet with devestation and the hands of malefactors much more often than Unix users; in part this is due to the prevelance of Windows of course. But it hardly explains the mountain giving birth to a mouse response of Microsoft when it comes to improving the situation for their users.

There probably isn't a single kind of vulnerability in Windows that has not been in Unix. The only difference is that in Unix is a choice and Windows is a fact of life. Providers of Unix compete with each other, whereas Microsoft, while it may labor mightily on various things, only works barely hard enough to make life bearable. Nor should we expact it to do "better"; as a business they do what the market tells them to, and if the customer bears much, then the vendor does little. I was fascinated during the MS anti-trust trial of the idea of splitting MS up into competing windows providers. If there were competing providers for Windows variants, Windows would be ust as good as Unix, possibly better.

I expect as more customers desert Windows for Linux (there is no place to go but up), Windows security will improve greatly.

I am reminded of Lord Macaulay's speech on copyright, in which he explains that perpetual copyright is bad for books, "I believe, Sir, that I may with safety take it for granted that the effect of monopoly generally is to make articles scarce, to make them dear, and to make them bad. "

and one egregious error (4, Insightful)

Quadraginta (902985) | more than 8 years ago | (#14651828)

The guy skips lightly over the fact that it's the system that mediates interactions between the Big Bad World (a/k/a the Internet) and the user and his precious files, so that if the system is well-designed and set up properly, it will do a great deal to protect the user even from his own actions.

An analogy one might usefully make is to the highway: good system-level security is like a well-designed, well-lit highway. Sure, the user (driver) can still kill himself, but he has to behave unusually recklessly. On the other hand, poor system-level security is like a rutty, unexpectedly curving dark country road. Even reasonably careful drivers at moderate speeds can get in trouble.

The guy is focussing on the fact that in both cases the driver can get himself killed. But that isn't the whole story. One "road" (system) makes it easier for a moderately careful "driver" (user) to survive. The other puts even careful "drivers" at risk. And, of course, there's the obvious fact that no "road" (system) can possibly protect the completely reckless "driver" (user).

Re:I'll Field a Few Questions (1, Insightful)

Anonymous Coward | more than 8 years ago | (#14651938)

An important factor to bear in mind is that an increasing number of home computers are multi-user environments where an entire family may have individual user profiles on the machine, isolating those users so that something one of the Kids or, more likely, the over confident father, may install can't destroy everyone's data is a pretty major improvement over the default way in which windows systems work. Having installed and configured windows systems for people and tried to enforce a similar protection with separate admin users and non-privileged users I know first hand that there is no solution as elegant as the GNOME desktop's graphical sudo and these users will invariably either ask to have admin privileges for their own users, or a friend will come round and disable the security so that they can get the user to install junk they send to them with MSN!!!

Haha (4, Funny)

BHearsum (325814) | more than 8 years ago | (#14651590)

This story was ripped on for being lame on osnews earlier this week. Now the slashdotters get to make fun of it too.

Pointless (2, Funny)

Dashing Leech (688077) | more than 8 years ago | (#14651593)

Why is this necessary? How many people actually run UNIX at home and where's the push to get it at home? Linux is another story, but security is only one of many reasons there.

Re:Pointless (2, Informative)

Dashing Leech (688077) | more than 8 years ago | (#14651629)

And yes, I note that the article mentions Linux and OSX, but as I mention in the parent post, I would argue security isn't a big reason why people switch. It's just a bonus.

Linux at home (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14651711)

I continue to be surprised at those who still don't seem to understand the viability of UNIX on a home desktop. I took an old Pentium II-class Gateway laptop a few weeks ago that was running Windows 98. My six-year-old daughter wanted a system and since 98 is impossible to secure (technically, abandonware) and XP has no chance in hell of running on this fossil with any reasonable load of applications (96 MB RAM, 2 GB drive, etc), I loaded Gentoo on it with KDE.

Not only does she have no difficulty using it, but my wife and 12-year-old son are on it all the time checking emails and websites. The wife's a hard-core Mac user and my son normally uses XP. So while all the tech industry reporters out there muse about "when Linux will be viable for the home desktop," those of us out here who have a clue will continue to quietly use it.

Re:Linux at home (0)

Anonymous Coward | more than 8 years ago | (#14651816)

So the only Unix you run at home is Mac OSX? (Hint: Linux is not Unix even though it looks and behaves similarly to it...)

Re:Pointless (1)

Anonymous Monkey (795756) | more than 8 years ago | (#14651777)

but security is only one of the many reasons there

I'm not a Super Linux Master(tm) and doubt I ever will be, but I can say that Linux is more fun. Recently I got a copy of DSL, and it's cool. It's quite nostalgic to boot up a computer with only one disk. Reminds me of my old 8086 I used in high school. Two floppy drives, no hard drive, and it even had a dot matrix printer. Computers like that are just more fun...ok, so I'm weird.

*sigh* (0)

Anonymous Coward | more than 8 years ago | (#14651603)

If you don't patch Windows, you're screwed.

If you don't patch Unix/Linux/*BSD/et cetera, like with Windows, YOU'RE SCREWED.

Thank you.

*sigh*

Doesn't Matter So Long As It Works (5, Insightful)

American AC in Paris (230456) | more than 8 years ago | (#14651611)

That sucks, but: UNIX rocks, the system keeps on running, the server-oriented security has done its work, no system files were affected, uptime is not affected. Great, halleluja, triumph for UNIX.

and a triumph for the home user. If you had to choose between having a virus that both destroys your personal files and compromises your system or a virus that only destroys your personal files, which would you pick? He's making light of a very significant thing for most home users--a full wipe and reinstall of the operating system and applications. That's a day's work for your typical user, more if you have a bunch of programs you need to go hunting for.

But what is more important to a home user? His or her own personal files, or a bunch of system files? I can answer that question for you: the pictures of little Johnny's first day of school mean a whole lot more to a user than the system files that keep the system running.

What's the value of Johnny's first day of school photos if you can't boot the damned computer? Again, the author makes light of the value of the system to the home user. Just because John Q. Public cares more about his cup holder than his engine block doesn't mean he won't care when the cylinder head cracks.

Of course, they should make backups-- but wasn't Linux supposed to be secure? So why should they backup? Isn't Linux immune to viruses and what not? Isn't that what the Linux world has been telling them?

Actually, no. I have yet to speak with a single techie who says that you don't need to back up important files under any circumstances. In fact, viruses are almost always a "secondary" reason for backing up files; the primary driving reason behind backing up your files has traditionally been that of hardware failure.

The crux of his entire argument rests on the supposition that, to the home user, the system simply doesn't matter. In a most cosmetic sense, this is true; home users don't give a damn about kernels and drivers. The instant something goes wrong with that system, however, it's a nightmare for that archetypical home user (who, remember, doesn't know and doesn't care how the thing works). When everything works, they can open and print Johnny's files just fine, but what the heck are you supposed to do when the omgwtf32.dll pops up an error message when you try to open Johnny's picture?

Re:Doesn't Matter So Long As It Works (1)

dc29A (636871) | more than 8 years ago | (#14651726)

If you had to choose between having a virus that both destroys your personal files and compromises your system or a virus that only destroys your personal files, which would you pick? He's making light of a very significant thing for most home users--a full wipe and reinstall of the operating system and applications. That's a day's work for your typical user, more if you have a bunch of programs you need to go hunting for.

That has nothing to do with Windows vs Unix. Windows offers the same facilties to secure your OS. Juste use a non administrator user and you are pretty much set. On my PCs I always use a non administrator user once system is installed. To patch, log on root, patch, log off. A virus can only erase my files only, just as if I were using unix.

The problem is, that MS (and many software producers) encourage people to use an administrator accounts. And that's the big part of the problem. The other part is that on Windows you have a plethora of useless services on by default. It's gotten better with XP SP2 but still, many useless services (and some dangerous like Remote Registry) are on by default.

Don't blame Windows for lack of security, blame the people who use it and to an extent Microsoft.

Re:Doesn't Matter So Long As It Works (1)

digitalhermit (113459) | more than 8 years ago | (#14651767)

When everything works, they can open and print Johnny's files just fine, but what the heck are you supposed to do when the omgwtf32.dll pops up an error message when you try to open Johnny's picture?

I think you give that author way too much credit :D His article would hold a lot more water if I was the only user on my WindowsXP box. I'm not and share it with two other users. I certainly don't want them to trash my files as well as theirs when they click on some Spanky.mpg link.

Re:Doesn't Matter So Long As It Works (2, Insightful)

thc69 (98798) | more than 8 years ago | (#14651814)

He's making light of a very significant thing for most home users--a full wipe and reinstall of the operating system and applications. That's a day's work for your typical user, more if you have a bunch of programs you need to go hunting for.
Actually, for "your typical user", it's a lot worse than that. It's dropping the computer off for a week or more, paying $100 or more, and getting it back not working the way you want it to, and struggling to get your settings and preferences and programs back the way you like them...and, like you say, STILL not having the pictures of Johnny's first day at school.

Besides, I mostly don't hear that Linux (or any UNIX-like OS; collectively referred to by myself as "unixen" or maybe "unices") is automatically and inherently more secure than any other OS (except a few rare cases whose main purpose is security, such as OpenBSD); the truth (which is what you find if you pay attention) is that it's easier to secure, and can be secured better.

I'm not sure how important that is anyway. The bugaboo for typical home users is so rarely a targetted attack on their data. Rather, it's the daily destruction of their OS by common malware. Their data generally survives even the worst collections of OS-crashing adware, spyware, virii, and Sony rootkits. In this arena, unixen are much better, with their limiting the user to a home directory.

Of course, OTOH, practical usability (including the fact that Windows is almost exclusively common as the pre-installed OS, and the OS for which classes are available everywhere and for which applications are taught at schools) for joe schmoe still leaves Windows as the most satisfactory for such users.

Meanwhile, I'm off to test a bunch of modern Linux distributions (as well as a few BSDs and an Amiga OS clone) on old hardware to see what runs best for my purposes (one as a file server, another as a combination thin VNC and RDP client and print server)...

Re:Doesn't Matter So Long As It Works (1)

Otter (3800) | more than 8 years ago | (#14651848)

The point (and this comes up in the opposite direction when pompous Linuxers slam Lindows and other distros that routinely run users as root) is this: the perception of the security advantages of Unix is based on professionally-maintained multi-user systems and is irrelevant to home Linux use.

On a traditional university or engineering system, files are routinely backed up, and the design of Unix kept anyone but the admin from breaking anything system-wide or for other users.

On a home system, files are almost invariably not backed up, with the result that $HOME is precious. The rest of the system is relatively unimportant -- most of the non-default configuration is in $HOME anyway -- and can easily be reinstalled in an hour. (A day?!? Maybe on Gentoo!) Besides, given that the user is the admin, and necessarily has to be able to break anything he has the capacity to fix, there's no reason to assume the magical safety of system files.

Re:Doesn't Matter So Long As It Works (1)

isotropique (635117) | more than 8 years ago | (#14651885)

There is another point the author of the article is missing. Imagine the desktop computer is used by 3 different persons, each one having its own account. Under Windows, a virus could wipe everyone personnal files plus the operating system. Under UNIX/Linux, only the personnal files of the negligent account are lost.

Re:Doesn't Matter So Long As It Works (1)

advocate_one (662832) | more than 8 years ago | (#14651918)

Actually, no. I have yet to speak with a single techie who says that you don't need to back up important files under any circumstances. In fact, viruses are almost always a "secondary" reason for backing up files; the primary driving reason behind backing up your files has traditionally been that of hardware failure.

Amen brother... having personally experienced two catastrophic hard disk failures... I don't want to go down that road ever again... I save important stuff off to cdrw AND usb sticks and also use a USB hard disk for backups (I regularly make sure that important stuff on that USB disk (the baby photos and the like) is also duplicated on DVD). Basically, I'm paranoid about disk failures now... the last one came with NO warning...

Re:Doesn't Matter So Long As It Works (3, Insightful)

poot_rootbeer (188613) | more than 8 years ago | (#14651949)

What's the value of Johnny's first day of school photos if you can't boot the damned computer?

System files are fungible; user files are not.

If my OS gets trashed but my photos are unscathed, I can still view them if I rebuild the OS using the install discs -- or I can even switch to a different OS entirely, and the photos will be viewable there. It may take some time to recover, but it's possible and even likely.

If my photos get trashed, though, and I don't have a a good backup copy, they're gone forever. There's nothing that can be done.

Open Source (2, Insightful)

wesw02 (846056) | more than 8 years ago | (#14651621)

Open source, maybe?

The ability to change and fix problems within the code? I mean I'm not a top level programmer who is constantly editing his kernel source code, but I have changed quite a few applications to benefit my needs.

What me worry? (0)

Anonymous Coward | more than 8 years ago | (#14651626)

"Is that increased security really worth for an average home user, when you break it down? According to me, fairly little."

Until someone steals your identity or uses your computer for maliciousness. Plus, I dont know about you but I don like he inconvenience and frustration of closing pop ups every ten seconds because of all the adware that forced iself to get installed.

http://www.cifas.org.uk/identity_fraud_is_theft_se rious.asp [cifas.org.uk]

Idiotic article... (0)

Anonymous Coward | more than 8 years ago | (#14651627)

Yes, it's true that it is possible to abuse user files.. however, unix software has been working on this problem for the last 30 years. Bill and Co only realized this could bite them in the ass a couple years ago. I think I'll trust the bearded men with clue rather than the fresh faced windows developer who's been at this ever since he got out of tek skool.

Bastille-Linux (2, Insightful)

Ransak (548582) | more than 8 years ago | (#14651638)

Maybe more distros should come with an install routine for Bastille-Linux [bastille-linux.org] . The FTA never mentioned this product, although it's more geared toward servers, not desktops. My guess is it wouldn't take much to turn this into a product for all *nix desktop operating systems.

Re:Bastille-Linux (1)

undeadly (941339) | more than 8 years ago | (#14651897)

Maybe more distros should come with an install routine for Bastille-Linux. The FTA never mentioned this product, although it's more geared toward servers, not desktops. My guess is it wouldn't take much to turn this into a product for all *nix desktop operating systems.

If you are willing to run Bastille-Linux (hardening script, really, and not only for Linux) why not install OpenBSD [openbsd.org] ? Hardening scripts not supplied by the Linu distro has a tendency to make administration harder and break your installed OS. With OpenBSD you get a hardened OS with ports tested to work with this hardening. If you need accellerated 3D, then OpenBSD does not yet offer this.

Wrong. (4, Insightful)

matt me (850665) | more than 8 years ago | (#14651639)

Even if you read the RTFA, which says that rather than computer exploding windows-style, nix hackage will just wreck your home, which is supposedly all that matters to a home user. Still wrong. Think multiple users for a start. But that's totally wrong when it amounts to time lost. If windows gets fucked as it often does i've seen many a user stick in their oem disk, reinstall completely, and then go through painfully reinstalling everything they had before. Say my /home was wrecked? All I'd need to do is fdisk the drive and create a new user? Besides, as in unix only exectuable files can be a source of infection, rather than screwed up images and office files, I can safely copy away anything I want. It's dumb. Sorry OSnews.

Re:Wrong. (0)

Anonymous Coward | more than 8 years ago | (#14651727)

Besides, as in unix only exectuable files can be a source of infection, rather than screwed up images and office files

This is nonsense. Anything that can cause a buffer overflow (e.g. a malformed image file) can be a source of infection.

Re:Wrong. (4, Insightful)

vidarlo (134906) | more than 8 years ago | (#14651743)

Besides, as in unix only exectuable files can be a source of infection, rather than screwed up images and office files, I can safely copy away anything I want.

So a libpng buffer overflow, allowing a png image rendered in mozilla to execute code can't be harmfull? Sorry pal, but this is not a problem with the OS, but the applications and libraries.

Re:Wrong. (0)

Anonymous Coward | more than 8 years ago | (#14651999)

And such a clearly false statement is modded +5 Insightful, go figure.

A bit of a stretch (0, Redundant)

Billosaur (927319) | more than 8 years ago | (#14651643)

But what is more important to a home user? His or her own personal files, or a bunch of system files? I can answer that question for you: the pictures of little Johnny's first day of school mean a whole lot more to a user than the system files that keep the system running. Of course, they should make backups-- but wasn't Linux supposed to be secure? So why should they backup? Isn't Linux immune to viruses and what not? Isn't that what the Linux world has been telling them?

It begs the question, why would you store things like personal pictures, music, and such in your home directory rather than on some other media? If you're expecting nothing bad to happen, no matter what operating system you choose to use, then you're being foolish.

Besides, I don't think the Linux community has been stating that Linux is "bulletproof" but more that it's better than Windows at security. As the number of Windows-related vulnerabilities increases, this will become more important to the home user, who isn't going to to worry just about the destruction of their personal files, but the taking of their personal data.

Security from the ground up? (1)

ArcSecond (534786) | more than 8 years ago | (#14651651)

Okay, I won't go on about stuff I am clueless about, *but* wasn't UNIX inspired by MULTICS, and wasn't MULTICS a pretty secure o/s, by design?

How hard would it be to start fresh, apply the Linux method to MULTICS or something like it, to have a an networking-oriented o/s with comprehensive security?

I know, I know: commitment of effort and resources is the main issue. I am just hoping someone is already doing it somewhere...

Re:Security from the ground up? (1)

rolfwind (528248) | more than 8 years ago | (#14651961)

Okay, I won't go on about stuff I am clueless about, *but* wasn't UNIX inspired by MULTICS, and wasn't MULTICS a pretty secure o/s, by design?


Yes Unix was inspired by Multics. I don't know about the security of Multics, Unix was written by Kernighan/Ritchie because they saw defiencies in Multics. I believe Multics didn't have a good scheduler, it slowed down with multiple users, and back then when computer time was alloted, that meant everything. I don't think security was a particular problem like it is today....

How hard would it be to start fresh, apply the Linux method to MULTICS or something like it, to have a an networking-oriented o/s with comprehensive security?


A secure, networking oriented OS?

I believe you are talking about Plan 9.

http://www.cs.bell-labs.com/wiki/plan9/plan_9_wiki / [bell-labs.com]

http://www.ecf.toronto.edu/plan9/plan9faq.html#pla n9design [toronto.edu]

There's also an OS based on/off of Plan9 called Inferno. Look into it.

Interesting (0)

squoozer (730327) | more than 8 years ago | (#14651654)

I'm not convinced that *nix systems are actually that much more secure than Windows systems. In fact I have a feeling that *nix system probably have more holes than Windows systems. The difference is that there are far fewer people looking at breaking *nix systems and there is a greater diversity of systems. I wouldn't be supprised if we saw a serious Linux worm sometime this year simply because Linux is starting to get a bit of an installed base.

While most of the people on /. are certainly very technically savvy there are quite a few people using Linux now that aren't as clued up. I think I have put together quite a secure box now but when I started using Linux a number of years ago I didn't have a clue where to start securing the box. There is no doubt in my mind that Linux is harder to make very secure than Windows but that a fresh install is more secure by default.

Measuring security is diffucult but I can't help thinking the Linux community is becoming a bit complacent about security.

less risk of any holes being exploited (2, Insightful)

martin (1336) | more than 8 years ago | (#14651661)

I think the phrase "less risk of any holes being exploited" is better than "more secure".

Unix can be hacked/cracked too, just there's less likelihood and there less risk associated with running a *nix based O/S.

His objections are utterly unfounded (also stupid) (4, Insightful)

karmaflux (148909) | more than 8 years ago | (#14651679)

This is the false sense of security I am talking about. UNIX might be more secure than Windows, but that only goes for the system itself. The actual content that matters to normal people is not a single bit safer on any UNIX-like system than it is on any Windows system.

This idiot is stating that because some users don't understand the UNIX security model, the UNIX security model is flawed. Apparently, as far as he's concerned, if ~ gets destroyed, the whole system may as well be destroyed. He's blathering about a "false sense of security," but I have never, anywhere, ever, heard anyone say that you don't have to back up your data if you run UNIX.

Sound and fury, understanding nothing. Typical of OSNews, but sad that Slashdot's carrying this crap.

Isn't that obvious? (5, Interesting)

Dlugar (124619) | more than 8 years ago | (#14651680)

I think the author of the editorial makes a rather trivial point. (They could have made the point a lot stronger, pointing out that malware, spyware, adware, trojans, etc., are all able to be run from within unprivileged user-space.)

But why would a home user care about Unix-type security? I'll give you a few reasons of my own.

(a) Smaller target. Yes, that's right, I'm saying that the largest increase in security that home users get is because they're using something that 90% of the home user market isn't. This isn't a feature inherent to Unix, obviously--but I still think it's a reason to switch. "But if everyone switches, won't that get rid of the security increase?" Perhaps a little, but the only way it would completely vanish is if everyone switches to the same flavor of Unix. If we have a Unixy, more secure home computing environment, but slightly different flavors, then viruses and malware will have a more difficult time propagating in such a non-homogenous environment.

(b) Remote exploits. This, I think, is a lesser issue, but not a trivial one--there are a considerable number of remote exploits in Microsoft software, and there have been a non-trivial number of viruses and malware that spread through this vector. Unix-based systems are historically less vulnerable to such attacks, and often the remote processes that are vulnerable run under a different user than the desktop user anyway.

Dlugar

Re:Isn't that obvious? (1)

llZENll (545605) | more than 8 years ago | (#14652019)

If any user honestly uses linux/unix only for increased security they should simply use a mac. Its a whole lot easier, has user friendly software, and fits your argument for case (a).

From a home user standpoint there is only one reason to use linux/unix when mac is available, if you want a free OS, but if you're coming from windows, you should be used to paying for your os.

(yes i know mac runs linux whatever underneath, but from a home user standpoint, this is irrelevant)

Come on guys (3, Insightful)

AutopsyReport (856852) | more than 8 years ago | (#14651686)

Don't waste your time. Read a more interesting article: How Do Computers Work? [factmonster.com] . At least this one has pictures.

Are the editors even paying attention here? How can a 500-word, Grade 6 public speech-quality editorial makes it to the frontpage? Where is the quality here, folks?

J2ME security (2, Interesting)

IamTheRealMike (537420) | more than 8 years ago | (#14651691)

When this story appeared on OSNews I had a discussion with a friend about it. One security model that provides an interesting contrast to the UNIX/Windows DAC security system is J2ME security [plan99.net] , which I wrote an article about.

Now, J2ME is a flawed platform in many ways, but in terms of security they're light-years ahead of where desktop computing is. There are many things we could learn from it.

Code is there for you to see, No back doors. (1)

fa_king (952336) | more than 8 years ago | (#14651692)

How much more secure can you get when you can actually view the source code. With proprietary code you are not certain that the system you are running is actually behaving the way it should.

Re:Code is there for you to see, No back doors. (1)

Ekarderif (941116) | more than 8 years ago | (#14651786)

Some people actually believe in security through obscurity. Hackers won't find flaws if the source code isn't readily available! Of course, they don't understand that opening up the source code helps fix flaws faster than people can break them.

Just the fact that... (1)

JustNiz (692889) | more than 8 years ago | (#14651693)

in *nix, user-level apps don't have write-access to system directories beats the hell out of the Microsoft model.

Don't even get me started on the stupidity of how installing an app in windows allows it to extend the whole OS.

Derr (1)

bahwi (43111) | more than 8 years ago | (#14651694)

Yeah, but who cares about the security of a home user? Get a NAT firewall and a good backup and if your computer crashes, burns, and blow up simultaneously, who cares?

Now, workstations, with actual valuables on it and that are needed for day to day operations of the company, need to have better security than just a NAT box and Norton.

And servers, where Unix really excels, let's just say Bank of America ATM's down because of a SQL Server Worm and leave it at that.

Home users? Who cares? I work from home and have enough friggin backups it wouldn't kill me to have my computer crash and burn. It'll put me out of comission for a few days sure, but still.

How is this even newsworthy? (1)

dtalton (666561) | more than 8 years ago | (#14651710)

This is just a small, random editorial piece that makes only one statement that would probably be just a millesecond thought process to most of us. I'd like to see real data on specific OS's pitted against each other, armed with switchblades and stuff, to the death.

Unix was a joke for years (2, Insightful)

Billly Gates (198444) | more than 8 years ago | (#14651721)

When NT 4.0 was coming out the arguments were that it was more secure than the joke that was Unix. I remember top security guys telling me to get my mcse for that reason. This was in 1996.

Its laughable today because it was before the holes in Windows2k were discovered but there is some truth. VMS and MVS were standard and rock solid with security. Unix like Windows was written in C with parts of c++ scattered here and there with userspace apps. Buffer overflows galore are everywhere.

  Even MacOS (not Macosx) was more secure for the reason that it did bounds checking on types. Add to that the fact that x86 can not tell the difference between cache stored for ram and cache stored for applications where you can just point to where a program is stored for execution and you have a nightmare on yoru hands.

Keep in mind I am no expert and I dont even have my 2 year degree yet. Perhaps someone more knowledgable can clarify how the compilers work?

Unix is surely better than Windows but VMS is about gone and who uses mainframes anymore besides a selected few users who need them?

Standards are good but there is no diversity left in platforms. Its too bad VMS just died and stayed closed. It would be nice to have something besides just unix and Windows

Re:Unix was a joke for years (3, Informative)

CockMonster (886033) | more than 8 years ago | (#14651801)

There's more to security than buffer overflows, and as for compilers, they can only do so much as buffers can be dynamically sized.

Re:Unix was a joke for years (1)

operagost (62405) | more than 8 years ago | (#14651974)

I'm not trying to turn this into OS advocacy, but on what basis do you say VMS is dead? They are still shipping lots of OpenVMS Alphas, started shipping Itanium last year (I'm installing one this month), and every major and most minor apps were ported to Itanium. Most apps can simply be recompiled. The only thing I'm worried about is the FUD being directed towards IA64. If I64 goes down the tubes, I'm not sure where OpenVMS and HP-UX will go.

Classic "Straw Man" argument (4, Insightful)

sarastro_us (745933) | more than 8 years ago | (#14651736)

Security equals security for *your* files, and Unix can't do that, so Unix must be just as insecure as Windows. Only when you define "security" in your own, narrow way, and then never implicitly say what that definition is in your 'article'.

Unix Security: don't believe the FUD (3, Interesting)

JTorres176 (842422) | more than 8 years ago | (#14651744)

I wonder why he didn't bring up that Dad has pictures of Little Johnny on his first day of school Mom has all of her and dad's wedding photos. Litte Suzy has all of her papers for school on the hard drive. Little Johnny likes to look up pr0n.

Windows situation, While trying to download hotmidgetdonkeypornheaven.exe, Little Johnny accidently picks up uber.worm. Uber.worm deletes Johnny's files, suzie's files, mom's files, dad's files, system files, makes the system useless, and you go from a windows computer to a nice paperweight until you reformat. *nix situation, While trying to download hotmidgedonkeypornheaven.sh, Little Johnny accidentally picks up the uber.deletion.script. Uber-del deletes johnny's entire home directory!

Of course, Mom, Dad, and Suzie are entirely unaffected because Johnny doesn't have permission to overwrite those files.

Wonder why the asshat, er, I mean, article writer didn't bring up that snippet?

Re:Unix Security: don't believe the FUD (1)

operagost (62405) | more than 8 years ago | (#14652004)

Because if Johnny is a limited user and not an administrator, he won't be able to hose the Windows system either.

Ok, who forgot to put the foot icon on this story? (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14651745)

The logic is absolutely laughable, so it must be a joke. All systems fail, so all systems must be backed up. But what has 'backup' have to do with security? Thats recovery, not how to keep malware out of the system in the first place. I suppose all home users would rather "recover" their systems every other day rather than to do what they really want to do, like write letters and organize their photos. This poor guy needs help if thats how he thinks things should work.

catch NullObjectBetweenEarsException { (1)

Valar (167606) | more than 8 years ago | (#14651753)

What is wrong with you? Security doesn't matter to home users? I've spent a tremendous amount of time doing 'volunteer tech support' for my friends, family, coworkers, etc fixing windows machines that got hosed by XYZ windows worm. None of them are, I would say, pleased to lose their data on a regular basis. I always tell them that next time they buy a computer, they should consider an apple, because it is the easiest system out there that also has an _acceptible for home use_ level of security i.e. they won't get hosed by the next worm that passes through their subnet. Everyone of them is incredibly pleased once they realize their system has worked, without being put in the shop, for longer than any other system they've owned.

Who Wrote this? (0, Flamebait)

slashbob22 (918040) | more than 8 years ago | (#14651764)

That sucks, but: UNIX rocks,

Since when is this an acceptable and objective way of writing an article? Frankly, you may as well, use pointed four-letter words you may get your point across better. This person needs to revisit a dictionary to improve their vocabulary. Or at very least write an article that doesn't sound like it was written by a 10 year old. I do like the credibility of 10 years of experience but:
Like um, I'll never visit your site again, Dude.

He's just a kid (4, Informative)

BlueQuark (104215) | more than 8 years ago | (#14651785)

Thomas Halwedra is a young'in with very little real world experience and any practical experience. They kid is in college and has a bunch of machines at home. I think he takes an extremely simplistic view of windows and unix security.

His 'OSNEWS' bio: http://www.osnews.com/editor.php?editors_id=11 [osnews.com]

I was doing systems programming on UNIX BSD 4.2 Tahoe when he was born. :-)

I am surprised that his article was even published/posted, I can't really even see his argument or what point is he trying to make. Oh that's right he's a 'managing editor' WTF?

Back to work.

Re:He's just a kid (1)

eronysis (928181) | more than 8 years ago | (#14651936)

You are absolutely correct. This guy is a greenhorn(putting it politely) If you read his Bio and compare to the articel he is clearly confused as well....

Diseases that kill their hosts don't spread well (1)

Dr. Manhattan (29720) | more than 8 years ago | (#14651794)

There's a reason most malware doesn't delete files and such. It keeps them from spreading. To spread you need infected hosts out there infecting others. If you clobber a users files you alert them to the problem and they take steps to clean out the problem even if the malware is still running after deleting everything.

See, for example, this thread [google.com] .

Successful malware tries to hide itself and keep the user from noticing anything's amiss. This is much much harder if you can't subvert the OS.

A real issue, but with an obscure solution (1)

Eli Gottlieb (917758) | more than 8 years ago | (#14651800)

The issue in this piece is that the Unix security model allows viruses and crackers who break into a user account access to that user's personal files, which the editorial presumes are what the user really cares about.

This is a very good point. Due to the cracker/virus having the same exact privileges as the user who was infected, it/they get access to that user's files via UID. Other than setting up a special account to browse the net with, there is no solution to this problem on a Unix system.

Or is there? Capability-based systems have never had this problem in the first place. On a capability-based system, you would run Thunderbird and Firefox under your own username, but only with the capabilities to a small whitelist of files and directories you want to allow access to and limited privileges to even those.

So let's open an email virus on Capability-Thunderbird...

Thunderbird caps: mail-spool file, read and write. User settings file, read and write.
Open a virus... Virus inherits its capabilities from Thunderbird.
Virus tries to open for writing: "Johnny's First Day of School.jpg"!
Dialog box: Do you want to allow Thunderbird to open "Johnny's First Day of School.jpg" for writing? If so enter your password and press Yes, otherwise click No.
User wonders why the heck Thunderbird is trying to open his innocuously named pr0n file...
User thought he was just opening an email from his mother.
User decides that he doesn't want his mother sending him a virus that will tell her about all his pr0n and clicks "No" in Dialog Box.
Virus is unable to open the file it wants. It crashes and burns due to impotency.

And so the user is able to run things with a bit less fear.

Is it really the OS or the people who use it. (1)

Coreigh (185150) | more than 8 years ago | (#14651808)

I'll grant that the default settings in almost any OS are more secure than a given Windows product. But after all the proper tweaks are made is there really a profound difference for the lowly end user?

Cookbook recipe for secure UNIX home system (1)

SpaghettiPattern (609814) | more than 8 years ago | (#14651810)

Cookbook recipe for secure UNIX home system.
  • Install any popular *NIX distribution.
  • Configure firewall to disallow almost anything.
  • Configure a mortal user ID for every user.
  • Don't login using root.
  • Sleep quiet at night.

Let's get off our uber-leet high horses (0)

Anonymous Coward | more than 8 years ago | (#14651811)

I see a few comments aready critising the article. I think these people have missed the point. This article is not about you... this article is about the average user.

To the average user school picture are much more important because they are irreplacable. If their computer is dead, the average user will either take it to BestBuy, call their nephew, or buy a new computer. Each one of these options bring the system back to a usable state sans their personal files.

This is why transparent backup systems are starting to take off. They are overpriced and generally stupid and not geared for an "enterprise" environment... but they are great if you want to keep secure your 500mbs of photos taken with your digital camera.

Yes, you should have physical backup. Yes, you shouldn't click on porn or warez links. Yes, you are an idiot if you run random executables. That doesn't change the fact that to the average user, their files are invaluable and the OS is just something that they have to deal with.

Please try to keep this in mind while making your, "TFA is teh suxors. Linux rox." comments.

p.s. to the guys making fun of the author about not distinguishing between unix and linux. I think you are missing the forest for the trees. The everyday computer user doesn't care about security. The average user doesn't care about best practices. They may say they do because of some vauage fear about hackers and virii but when it comes down to it... they care about:

1) Personal files
2) teh intraweb
3) playing games (solitare) ..oh and making christmas cards with their inkjet...

Not true at all (3, Insightful)

blakestah (91866) | more than 8 years ago | (#14651824)

There is nothing special about UNIX or linux that makes it immune from viruses.

However, in UNIX culture, there is something. The first rules of security.
First, the default installation should not act as a server operating system. The system should not respond to ANY outside requests for anything unless enabled to by the system admin.

Second, no action on the system should be performed with any more than the minimum set of privileges necessary. Everything should be done with user privileges, not system privileges, unless absolutely necessary.

The use of these basic security rules applied more or less throughout the UNIX world, and for MAC OS X as well. Windows INTENTIONALLY ignores these rules in order to "maximize the user experience", and in doing so spawned a multi-billion dollar anti-virus industry.

Two Words (0)

Anonymous Coward | more than 8 years ago | (#14651847)

Arse.
Wit.

Jesus (1)

Toreo asesino (951231) | more than 8 years ago | (#14651856)

This argument is as old as the hills. UNIX is good to nobody if they can't use it. - more secure or otherwise. Windows has the usability; UNIX has better security. Security in Windows isn't perfect, but not too bad either these days. Windows can talk to my digi-cam with a kernel recompile. Fedora core can't. Shame.

Hmmm (1)

trauma (62841) | more than 8 years ago | (#14651867)

I've been saying somehing similar for years about various desktop operating systems, but IMHO the author completely misinterpreted the significance. It has nothing to do with the particular OS used in the example; it has everything to do with the difference between machines used in a mission-critical environment and machines used by an individual on his or her desktop at home. For production machines, the integrity of the OS and the uptime that comes with that integrity is of paramount importance. Unfortunately for the average home user, the OS is exactly the most expendable and easily-replaced thing on a machine, and efforts to protect it at the expense of user files are laughably misguided. It's shameful that nobody sees this for the most part, and every new OS protects itself more and more fervently and leaves the users more and more on their own regards the data they care about.

Of course in the *nix world the blame all falls squarely on the users, since they are the poor misguided souls trying to use a server OS on the desktop... ;)

One GIANT Troll (0)

Anonymous Coward | more than 8 years ago | (#14651873)

Don't even bother reading it. The author is a *nix troll and editor at OSNews. From time to time they release a flame bait opinion piece to attract users and comments.

Nothing to see hear; move along.

content meme's gone wild! (1)

mr.dreadful (758768) | more than 8 years ago | (#14651935)

This is the latest of several editorials written lately about Mac users being complacent about security. Regardless of the merits of the argument, this is sort of the "me too" editorial that seems to on the rise these days. It was interesting the first time I heard the theory, but spare me the copycats who do nothing to expand on the basic premise.

So basically: (1)

Tweekster (949766) | more than 8 years ago | (#14651943)

he thinks Unix sucks because it cant completely protect the home directory, but can protect the system files... as opposed to windows where the attack would wipe out both... basically if you backed up those photos you will never look at, you lost nothing with the unix system and have to rebuild the windows system... I dont get it...not having to rebuild a system sounds better to me (while losing files) than losing the system and the files)

Huh? It's the applications, stupid. (1)

Corgha (60478) | more than 8 years ago | (#14651946)

"One of the biggest reasons for many people to switch to a UNIX desktop, away from Windows, is security."

Huh? Maybe that's the talk among the amateur kiddies on IRC and Slashdot.

However, of all the professionals (Software Engineers) and academics (Linguists, Sociologists, etc) I know that use UNIX desktops, not one of them has told me they use it for the security -- they use it for the applications. Security is an afterthought for most people. Instead, they use it because it offers an environment in which they can most easily do the things they need to do on a day-to-day basis.

They want their bash and their xterms and their emacs or vi. They want their compiler. They want their statistics package. They want to munge some data files with a quick perl script. They've built business logic around shared NFS directories to help in work review and sharing. In short, they want to get some work done.

Sure, the sales people still want their Windows and their Powerpoint and Outlook. And there are whole fields of programming that revolve around Windows. But there are a lot of people who just don't intersect that world, and for whom Windows is mainly a platform for games and photo sharing at home. Either way, the choice of platform is about what you want to do. Security is just something you do to make sure nothing interferes with what you want to do.

Separate Accounts (0)

Anonymous Coward | more than 8 years ago | (#14651970)

If I'm Johnny Home User, and it's my Linux computer, and I want to mess with sketchy content like pr0n, warez, etc. maybe I ought to create a separate non-privilged account for my dirty work. That way if I get bitten by a nasty thing, it only trashes my pr0n account.

(Oh my god! I lost all my pr0n.)

Security?! (2, Insightful)

Jezza (39441) | more than 8 years ago | (#14651982)

Err, this isn't security we're talking about here. Security isn't me not losing "my stuff" (a disk crash can do that), secuirty is YOU not stealing "my stuff".

For most home users THAT'S important (bank details, order details, hell even my address and phone number). You imagine how well a phishing attack would work on most users if they knew about open orders (from say Amazon) by reading your files. I think that's much more important to most users!

Of course we all backup our files! Jeesh this is /. we're not a bunch of egotictical morons ;-)

He misses a big benefit for a "Family Computer" (3, Insightful)

petard (117521) | more than 8 years ago | (#14651989)

But what is more important to a home user? His or her own personal files, or a bunch of system files? I can answer that question for you: the pictures of little Johnny's first day of school mean a whole lot more to a user than the system files that keep the system running.

Sure poor computing practice by the user that owns the files could result in their destruction. Nothing gained versus Windows there. But in a family computer scenario, more is gained than the author admits. On Windows systems, many programs are (mis-)designed to require administrator rights even just to run them. This is not generally the case on UNIX-derived systems. As a result, accounts for family members will often be in the local admin group. So on a family computer if you give Little Johnny an account to run his software and play games, and he goes and downloads the latest malware and runs it, it can nuke your data as well as his.

Under a typical scenario under a UNIX-like system he can only destroy his homework and saved games, not your pictures of his first day of school along with them.

That's got to be a non-negligible benefit to the family user that the author completely discards.

computer security is like house insurance (1)

petes_PoV (912422) | more than 8 years ago | (#14651991)

OK, so you don't feel you need a high level of security on your PC. That's fine, but remember that come the time you wish you'd had it, it's too late. In that resepect it's like taking out home/property insurance: you can only do it ahead of time. Once you've been robbed you can't take out a policy and get paid retrospectively.
For that reason, a lot of experienced people take a "better safe than sorry" attitiude and prefer an inherently secure O/S. Obviously, if you keep nothing of value (to you) on your computer then you are correct - you don't need to stop unauthorised access, just like you don't need insurance if you don't own anything.

Unfortunately it's easier to take an inherently secure design and relax the level of security than it is to start with a system that's full of holes and try to patch them. That's one of the reasons that people with a lot to lose prefer Unix based O/S's

Bravo (1)

Cytlid (95255) | more than 8 years ago | (#14652013)

Author, you took one facet of security and tore it apart. Good for you. Yes, Windows can be highly secure, let's say, given the correct group policies.

Ooooh but wait a minute. A typical home user wouldn't be concerned with group policy. Let's please compare apples to apples, or at least try.

I think we should replace the word "security" with "awareness". I am aware of certain things, so I run my Windows XP pro laptop a certain way. I choose Linux for my home workstation. A typical home user isn't aware of certain things, so of course it doesn't make sense for them to use Linux.

Here's an example. I'm not aware of how to drive a typical standard transmission automobile. So if my goal is to get to work on time, I won't pick that as my method of transportation. I stick to what I'm comfortable with, and what I'm aware of. When I become more educated with a standard transmission vehicle, I will be more aware of what's involved. Until then, feel free to call me Mr "stick-shift idiot". In fact, I have a rough time getting to work on time with an automatic transmission vehicle... perhaps I'm a getting-to-work-on-time idiot as well. But I can do some slick stuff with computers.

But a home user aware of a certain number of things, can be pretty secure. Even in Windows.

And to make my point clear, "awareness" isn't a strict number, in fact, it fluctuates daily. Noone can be 95% "aware". If you're "aware" of a flaw in my system, and I'm not "aware" of it, then I'm not really secure am I? No matter what OS I'm running.

Good article for 1982 (4, Interesting)

SuperKendall (25149) | more than 8 years ago | (#14652015)

Security issues have moved on a little since the 80's, where his point of view is from - very few security breaches today result in loss of data, because computers are really more valuable as zombies and so not many viruses really attempt to mess with much (even the most recent public example of a destructive virus on WIndows was pretty much a dud).

Another thing he does not account for is time. Time is a valuable commodity to all users, and anything that can prevent a virus or spyware from reaching further into the computer reduces the amount of time and knowledge needed to remove probelms from the system. That is at the core the value that UNIX brings to the security equation. Not absolute protection but like a teflon pan, easier cleanup when you do create a mess.

And last of all by not explicitly mentioning how much more inherantly secure UNIX systems are that start off with a base of no open ports are. Sure spyware and viruses can get in through the browser, but it's a much harder attack route than just scanning and finding a hole wide open that requires no effort on the part of the computer user to install.

In the end his rant boils down to noting that users should really back up files often - but even this message is dated, as a few years of sketchy consumer hard drives with short warranties has started to drive home this lesson in spades through failed hard drives. Forget hackers; little johhny's pictures today are in far greater peril from a simple lack of using the CD-burner.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...