Why switching OS platforms is not a security fix

Why switching OS platforms is not a security fix

The Mac platform now finds itself in the crosshairs of malware developers along with Windows, but that isn't a reason to switch to Linux.

Article comments

It has been a rallying cry against Microsoft Windows for years: to avoid malware and security issues, just stop using Windows. The mantra has traditionally been embraced by both Mac and Linux users, but as Mac OS X users deal with the fallout from the Flashback malware attack, some Linux supporters are turning the tired attack even against the Apple OS.

Admittedly, the Mac OS X platform is realizing some of the negative consequences that come with mainstream adoption. The rising prominence of the Mac OS has made it an inviting target for malware developers. Switching operating systems is not the answer, though.


Granted, Linux is much less likely to be attacked by malware. But, that reality is as much or more a function of the relative obscurity of Linux as it is a function of the Linux OS itself. Being less targeted is not the same thing as being more secure.

It's no secret that I'm not confident in Linux as a mainstream desktop OS. I like Linux, and I think it's a great operating system, but its strength is also a fatal flaw when it comes to broader adoption by consumers or businesses. The diversity of Linux distributions makes it virtually impossible to even define what a Linux desktop is, or get any consensus that hardware and software vendors can rally around.

But, this is not about Linux. This is not an indictment of, or commentary on Linux as an OS--or even the relative security of Linux. This is about the silliness of suggesting a platform switch as a security solution.

The strategy reminds me of the "you're holding it wrong" approach Apple took in responding to the iPhone "AntennaGate" issue, or tips to disable location services or turn off WiFi capabilities as a "fix" for poor battery endurance on a smartphone. Limiting functionality or using it differently isn't really a fix, and neither is switching operating systems.

Suggesting that users switch to Linux as a "fix" for the security issues faced by Windows or Mac OS X is a little like suggesting that users buy a Honda vehicle as a "fix" for Fords being stolen more frequently, or suggesting somebody switch banks because one bank has been robbed less than another. Linux, Windows, and Mac OS X are all operating systems, and they each have pros and cons--but they all have security weaknesses.

Is Linux inherently more secure? That is debatable--as evidenced by the frequent debates on the subject. There are certainly some things about the core operating system that may make it harder to exploit with some attacks or malware. But, the "most secure operating system" is the one the user is most familiar with so they know what security controls are available and how to use them.

Dave Marcus, director of advanced research and threat intelligence for McAfee, points out that the security model of the Linux OS won't necessarily protect it against common malware attacks. Phishing attacks, Trojans, and other malware exploits that target data can hit the jackpot just fine without having to escalate privileges or obtain root access.

Security is more a result of user awareness and behavior. Risky behavior is risky behavior regardless of the operating system.

The reality is that Linux is not more secure. It is simply less targeted. The fallacious belief that it is inherently secure is the same sort of faulty logic that's getting Mac users in trouble now. The Mac culture has been conditioned that security is not an issue, and now that the OS is being targeted by malware attacks the users are unprepared to recognize or respond to threats.

The OS itself is becoming increasingly less relevant anyway. The Flashback attack exploits a Java flaw. Many malware attacks go after Adobe Flash, and other fairly ubiquitous applications. Third-party software is often the weaker "low-hanging fruit", and cross-platform tools like Java and Flash offer a wider potential pool of victims.

Running away to a more obscure, less targeted platform is only a viable solution as long as the platform remains more obscure and less targeted. Consumers and businesses have to face malware threats, and find ways to secure and protect PCs regardless of what operating system they're running.

Share:

Comments

  • Yves Legault The reality is in the eye of the beholderWho knows the inner working of MAC OS-XIt is not accessible to users Sell your soul to the devil firstWho knows the inner working of WindowIt is forbiden for users to even try to learn how the damn thing works Read the EULAWho Knows the inner working of linux- Anyone that knows how to read and has an interest in it can find outThe perfect OS makes itself invisible The mere mention that one has to know the OS to figure out security is well handled is not even taking into account that almost no one really knows the first thing about security to start withHow can one state that linux stuff is obscure IT IS OPEN-SOURCE Everything is available for consultationtestupgrademodificationconfirmation that all is as needed For users that know what they want it is the only way they have Fortunately there are several flavors of linux that encompass many field of activities from house automation to multimedia center to integrated development systemLinux an offspring of UNIX has inherited the flaws and advantages of it - As a flaw I would state the propention of UNIXlinux gourous to make scripts and run them from a terminal window for most everything they need from their machine- As an advantage I would state that UNIX and most of his linux descendants are built with security in mind from the ground upIn the end I know of no MAC or Window machine that can run 2 or 3 years non stop upgrades includedAlmost every mission critical application run the world over do include a version or another of UNIXlinuxUntil it was retired the life support sistem aboard the space shuttles was running a hardened version of RedHat linux The american could not ask their astronauts to hold their breath for the 3 minutes it takes to reboot WindowCurrently almost 70 of all internet is running on linux Counting UNIX we exceed the 80Reality MAC and Window are there for the money And it shows a lotButSwitching OS is not a security fix It is trueKnowledge discipline and paying attention are the real answer
  • Daniel Ryslink First of all I dont really like calling Linux an obscure system It may be obscure to you because you feel that it consists of parts and subsystems that are unfamiliar to you But so do Windows and Mac but they hide them to you not to make you nervous so in fact they are much more obscure OS - so obscure that you dont even realize it Do you want a proof Just open your task manager look at the processes and try to tell what each of them does Or sift through registries and try to understand the meaning of the values stored there Compared to the mess in registry Linux offers a relatively well-commented comprehensible configuration files And consider the fact that Mac OS is in fact a BSD Unix based system so you will probably find a lot of similarities in configurations and directory layout - once again obscured from your troubled eyes by soothing simple windows and pastel colorsConcerning the security of the systems themselves you must first define what a secured system is and how it should be properly maintained Clearly a secure system is build on robust components those not prone to buffer overflows and various other exploits designed with security in mind and not as an afterthought Support is also extremely important - are vulnerabilities published are advisories issued in time how fast is the response of the maintainer to newly discovered vulnerabilities how easy is to install the relevant patches etc This all comes from those who design said systems and in some cases switching OS actually IS the right thing to do despite the correctly stated fact that user behavior and awareness is also an important component of the overall security of a given system
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *