Why is Ubuntu more secure than Windows or Mac OS X?

Please give some solid reasons.


Linked Question

  • How safe is Ubuntu?

  1. Windows has had a single-user ethos for a very long time. Even with the invention of NT and a role/privilege system, default installs would plonk users as king of the hill. Their account (and, more importantly, anything running as their account) could do anything to any file without a check.

    This is huge because any application, any exploit in an application could run as Administrator.

    It's only since Vista where that's trying to be reversed and tightened with things like UAC...

  2. Source access is a double-edged sword. Open source enthusiasts usually tout security but it does also let people right into the system. They don't have to report anything they find, they could just write exploits for the hole.

    Thankfully, most people do report any flaws they find. Even better is they sometimes include patches that can be immediately tested and distributed.

    The turnaround for patching security holes does seem shorter than closed source software.

  3. There are just fewer of us.

    Sounds bleak but there are fewer people using one particular open source application. It's hard to justify writing an exploit, trojan, worm, etc when you could write one for Windows in the same time and catch a lot more people.

But we can't be complacent. There's no reason why a trojan or worm can't work in Linux. A malicious app running as a limited user can still do a whole load of damage. And the real flaw in all of this is the users.

Users are idiots who can be convinced to do almost anything if you dress it up with enough pomp or make it look like they're going to get something worthwhile from the process.

Read: Linux isn't invulnerable. Don't say it is. (Disclaimer: my post, my blog)


IMHO:

  • Windows was designed, back in the day, as a single-user system. Linux, on the other hand, was built with a multi-user architecture.

  • In Linux, all your system files are owned by root. They're locked down and can not be edited by the casual user. Windows gives free range to the system files.

  • Windows UAC is the current implementation to restrict access to these system files and settings, it's a patch to try resolve a fundamental design flaw. Linux has this security built in from the ground up, making it more reliable and tightly integrated into the user experience.

  • It is Open Source, which means the code can be looked over by anyone (mostly developers). This is Linus' Law, which states that "given enough eyeballs, all bugs are shallow".

  • A default Linux install is locked down: only essential services start. Windows used to have many exploitable services running (but they've tightened up on that front a bit).

We can't judge just on OS alone, plenty of security flaws relate to bad user practices, social engineering and just plain ignorance. A chain is only as strong as it's weakest link.

Also, regardless of OS, no system is secure if you have physical access to it ;)


More secure than Windows:

  1. Privileges

  2. Social Engineering

  3. The Monoculture Effect

  4. Audience Size

  5. Number of "Eyeballs"

For more explanation about the above points please refer pcworld.com/why_linux_is_more_secure_than_windows