What's the difference if I use Windows 7 as a Standard User vs if I use Ubuntu?

Ubuntu is secure for various reasons, one of them, a major one I believe, is that when you try to install a software/app via terminal/store an authentication box pops up asking you for your password.

I'm a long-term Windows user, unfortunately, and there are 3 types of user accounts in Windows: Administrator, Standard User and Guest.

If I use the Standard User account to do my tasks in Windows 7, then every time I need to install software an authentication box will pop up asking me for my Administrator password, similar to Ubuntu somehow and a security plus for Windows.

Since both ask for a password, what's the difference if I use Windows 7 as a Standard User vs if I use Ubuntu?


… what's the difference in security …?

In terms of the authentication and filesystem permissions, honestly, not much. We can wax lyrical about policykit and sudoers but these are just technicalities. Windows has had equivalent mechanisms for well over a decade.

The core difference was in default settings. A normal, just-bought-a-computer Windows user would have full system write access. No prompts. No UAC. Even though XP could be locked down, its users were indoctrinated into just being able to do stuff, permissions be damned.

Microsoft has —despite constant resistance from veteran users— improved on this over time.

But the important thing is that users are still, statistically speaking, idiots. If they want something (a repo for a graphics driver, a batch of screensavers, or even dripping wet Warhammer figurines) they're probably going to click the closest thing to Okay! Just install it! until they have what they want.

A few years ago I wrote how Linux isn't invulnerable. Exactly the same applies to Windows, even today.

Don't get me wrong, Ubuntu still has a lot on its side:

  • Open source is the big one. You can view almost all the code running on your system (except binary blob drivers and firmwares).
  • Ubuntu also has its repositories which are maintained by trusted developers. These make a lot of software available in a safe environment without users needing to go fishing.
  • The same mechanism provides system-wide security updates. For non-core software, Windows relies on applications updating themselves.
  • Mechanisms like AppArmor and SELinux to sandbox applications, limiting what they can touch.
  • A smaller user-base has traditionally meant we're a less juicy target for malware creators.

These are all things that can be sidestepped... 0-Day exploits still affect us and a targeted attack on a user or demographic is just as likely to succeed if everything else is equal.


Most modern Linux distributions use a very adjustable and highly configurable tool called sudo. You may have already heard of it. In Windows, when installing a program you have to provide the Administrator's password.

In Ubuntu the Administrator user (root) is deactivated by default. You don't even know his password, no one does, until you change his password with sudo. A user may gain root privileges for a short amount of time or for a single task (installing a program, for example). This user must have the rights to use sudo (configured in /etc/sudoers). With sudo, the program that is executed is executed as the root user.

Then in graphical sessions driven by GNOME, there are other mechanisms to do administrative tasks. One of them is PolicyKit. There is a daemon running in the background with root privileges. If, for example, a user wants to shut down the machine (which only root can do), the user talks to this daemon through a secure context (called D-Bus). If granted, the daemon executes the system's shutdown command. Those rules are defined in /usr/share/polkit-1/actions/*.

GNOME often comes with a single-sign-on solution called GNOME Keyring. In this keyring your credentials can be stored. When you authenticate via a network share (in Nautilus, for example) you will be prompted for a password and there is a checkbox to remember your password. That will be stored in the keyring, a database protected with a password. This database will be unlocked during a graphical login process via PAM.

Then there is AppArmor that is based on SELinux. AppArmor defines profiles for different applications running on the system. Those profiles handle and restrict the access that a specific application needs.

All those mechanisms are also implemented in Windows operating systems. Just in a different, less transparent way.

I can really recommend reading up on the above-mentioned mechanisms to understand how they work together.

References:

  • sudo
  • PolicyKit
  • GNOME Keyring
  • PAM - Pluggable Authentication Modules
  • AppArmor
  • SELinux
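
How the shipped defaults under /usr/share/polkit-1/actions/ decide whether a request is granted outright or triggers a password prompt, as an added example that is not part of the answer above. It parses a constructed .policy file (the org.example.demo.* action ids are made up) and treats a missing allow_* element as "no", which is an assumption of this example.

```python
import xml.etree.ElementTree as ET

SESSION_KINDS = ("allow_any", "allow_inactive", "allow_active")

# Constructed sample in the polkit .policy XML format (action ids are made up).
SAMPLE_POLICY = """<policyconfig>
  <action id="org.example.demo.power-off">
    <defaults>
      <allow_any>auth_admin_keep</allow_any>
      <allow_inactive>auth_admin_keep</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
  <action id="org.example.demo.install-package">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
    </defaults>
  </action>
  <action id="org.example.demo.set-timezone">
    <defaults>
      <allow_active>auth_self</allow_active>
    </defaults>
  </action>
</policyconfig>"""


def implicit_defaults(policy_xml):
    """Map each action id to its allow_any/allow_inactive/allow_active value."""
    table = {}
    for action in ET.fromstring(policy_xml).iter("action"):
        defaults = action.find("defaults")
        table[action.get("id")] = {
            # Assumption of this example: a missing element is treated as "no".
            kind: (defaults.findtext(kind, "no").strip() if defaults is not None else "no")
            for kind in SESSION_KINDS
        }
    return table


def no_prompt_actions(policy_xml, session="allow_active"):
    """Action ids that are granted without any password prompt for `session`."""
    return sorted(a for a, d in implicit_defaults(policy_xml).items() if d[session] == "yes")


if __name__ == "__main__":
    for action_id, values in implicit_defaults(SAMPLE_POLICY).items():
        print(action_id, values)
    print("granted without a prompt:", no_prompt_actions(SAMPLE_POLICY))
```

These are only the defaults shipped with each action; local administrator rules can override them, so the output is a starting point for review rather than the final authorization decision.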

Please consider that Operating System security involves more than prompting for passwords. In fact, passwords are the weakest form of security because they are simply a shared secret.

In both Linux and Windows there are several controls that safeguard your protection from remote crackers, like system execution policies that monitor what programs are allowed to do and take action when they violate a policy (like DEP in Windows (sort of) and SELinux in Linux) preventing the cracker from executing malicious code. Additionally, firewalls help to fend off attackers; and both Windows and Ubuntu have firewalls preinstalled. Unfortunately, in Windows it is possible to simply turn off the admin controls by suppressing the UAC prompt and for all intents and purposes run as if you are the administrator on the system, like in earlier versions of Windows. These are just tools and ways to implement a system securely, and none of them address one core problem of all proprietary code: code quality from a security perspective and intentional back doors (as we have learned from certain former NSA contractors).

One reason Linux and other Open Source operating systems are more secure is that all the code is peer reviewed. This means that many people can and do review popular code in the open source ecosystem, much like the scientific community reviews each other’s research. Under this transparency it would be virtually impossible for a government or subversive organization to implement a back door to your system. Nor could the distributor of a system collect unwarranted information about you without the community being aware of it. This openness has demonstrably resulted in a higher level of security for open source software. This applies to other attributes of the open source code as well, like performance and stability, except where the community is operating under an imposed disadvantage where, for example, a corporate entity refuses to share the specifications of some hardware, making it difficult to build drivers effectively.

FYI: Windows Security Flaws Doubled in 2013, Windows 8 the Most Vulnerable OS | Softpedia News