The Linux community has an excellent reputation for providing fast support and fixes for security holes when they occur. This is primarily because a large number of well-informed people around the world can provide input into any potential security problem, and patches can be quickly released for the Linux community to test without the cumbersome administration that the major Unix vendors have to deal with.
Recent experiences with bugs such as the 'ping of death' and teardrop TCP/IP attacks have shown that Linux had patches released within hours of the security hole being publicly announced (usually via bugtraq). Microsoft and the major Unix vendors took up to several weeks or months to release patches to their operating systems.
A recent write-up in Wired looked at the open development of Linux and FreeBSD and how that assisted the rapid release of fixes for the bonk hole.
The open nature of the Linux source code has meant that the Linux community has been able to audit and plug many potential security problems in advance.
The security advantages of Linux as a free operating system include:
Linux has excellent support from a variety of sources, including USENET, user groups like LUV, commercial resellers of Linux (e.g. Caldera and Redhat) and consultants, and you can now obtain phone support for Linux from a number of sources.
Have you tried getting phone support from Microsoft recently?
sendmail - love it or hate it (probably hate it) - it is the most widely used MTA (mail transfer agent) in the world today, and has been for over a decade.
It is big, it is complex and highly configurable, meaning that a wealth of security holes have been discovered over the years, leading to a bad reputation in some circles.
It certainly seems to be secure these days - there has not been a major hole found in it for at least three weeks, but you may want to consider one of the alternatives, such as smail or qmail, which is gaining a reputation as a highly secure, free MTA (but lumbered with a restrictive distribution licence).
A program called bliss has demonstrated enough properties to be classified as a virus, and runs under Linux. It does require the root user in order to infect any system binaries.
While it is possible to have DOS viruses inside a DOSEMU window, Linux does not execute DOS or Windows programs, removing the risk of infecting your Linux system.
Possibly true :)
One of the strengths and also one of the weaknesses of Linux is the myriad of distributions that exist for it, with at least five major distributions at the moment (Debian, Redhat, Caldera, SuSe and Slackware). This means that different Linux distributions ship with varying levels of security and have different levels of commitment to keeping their customers up to date with security information, patches and upgrades.
Both Redhat and Debian have demonstrated a very strong commitment to both shipping a secure product and rapidly releasing security upgrades whenever appropriate (to the point where they shame every other major Unix vendor).
The commitment of some other distributions has been somewhat less impressive.
Possibly true - what's your operating system?
If you want to compare security ratings, Linux does not have a C2 security rating. This means that there are more secure computer operating systems available than Linux. However, they are normally designed for high security environments (such as banking) and cost squillions.
Based on the number of Bugtraq reports over the last two years, Linux has matured into one of the most secure Unix flavours, and is certainly more secure than HP/UX or Irix.
Windows NT has a C2 security rating, but only when it is not networked. Very useful.
It has been argued that a non-networked Linux system could achieve a C2 rating if someone forked out the $$$ for the validation tests.