# Why Linux is better than Windows or macOS for security



## vejnovic (Feb 8, 2018)

https://www.computerworld.com/artic...etter-than-windows-or-macos-for-security.html


----------



## k.jacker (Feb 8, 2018)

No offense, but why not post such things on fb where they belong?
This is a FreeBSD forum after all.

This is not even a question just another starter for a useless thread.
It’s Off-Topic but still...

Sorry, but I had to say it. It’s nothing personal. It’s just getting to much.
Maybe the forum needs a function to ignore a whole topic 

I did not even klick the link, so if the article is good and worth reading I appologize in advance.


----------



## drhowarddrfine (Feb 8, 2018)

k.jacker Careful. For the first time in 14 years, I was banned for 30 days for saying such things here. I mean, I know it's in the forum rules that talking about other operating systems is off topic here but you can't say that, I guess.


----------



## k.jacker (Feb 8, 2018)

Thank drhowarddrfine. I have to admit I was aware of the risk but felt I just have to post.
Clearly it’s not my business to deal with this and inside of me I really feel everybody should post, write and act as he/she wants.
Those sharing wars however, just to start whatever discussion are really annoying on a forum like this one.
Many thanks man, I will better keep my mouth shut in the future.


----------



## SirDice (Feb 8, 2018)

Horrible site, can't even cut 'n paste quotes from it...

Anyway, the writer seems to confuse risk and security. There's a statement that the security of an operating system depends on the size of the install base. This would be incorrect, the security of a system doesn't change, the amount of risk does. Because you're a bigger target you are more likely to be attacked. But this doesn't change the inherent security of a single system. You just get attacked more.

Suppose 10% of attacks are successful, regardless of the OS. If you have 10 machines with OS Y (purposefully not using X here) and 100 machine with OS Z. Only one machine with Y is infected, compared to 10 on Z. Looking only at those numbers you would, incorrectly, deduce OS Z is less secure than OS Y because there are more infected machines with OS Z.


----------



## ronaldlees (Feb 8, 2018)

I suppose the OP sees the open source relationship as an implicit declaration of FreeBSD being in the same camp of security as Linux, and hence a legal forum thread.  But, probably not.

I agree with SirDice in that the article author confuses some terms.  The likelihood of a breach is higher on systems that get attacked more.  If you lived in a Gaelic castle, and every day the Huns amassed outside of the moat, and quite a few of them managed to swim past the alligators,  you'd start putting sharp sticks in the moat, in addition to the alligators.  Since Windows is the massively attacked system, and the rest of us live in the forest, and only have to deal with a Hun or two, I have no doubt MS has put sticks in the moat.  Probably, the base, core security of Windows is pretty good, cuz it's them that's getting attacked.  But - alas - other problems with Windows let some Huns in sometime.

I feel better living under the trees down the road from the castle tho   

_PC Note: use of term Hun is not meant as slight to modern, Northern Europeans_


----------



## CraigHB (Feb 8, 2018)

It do agree it's kind of off topic for this forum.  Linux and FreeBSD only have a Unix like, open source environment in common.  Though FreeBSD is pretty much "pure Unix" being a direct descendant of the original AT&T Unix.  Linux is only "Unix like" rather loosely following those standards FreeBSD adheres to more strictly.

In any case that's a good point about risk involved.  A system like Windows could be as secure as humanly possible, but the fact it's ubiquitous and the one out there on the front line its faults are much more evident.  I do like the lower risk factor of FreeBSD.  Being small has its advantages.


----------



## Deleted member 30996 (Feb 9, 2018)

When I saw the title I thought my buddy Ninja_Root must have authored this thread.

But he's become a productive member now.


----------



## scottro (Feb 9, 2018)

I feel I should point out to ronaldlees that alligators probably wouldn't be able to survive in an outdoor moat in a Gaelic country.   
Seriously, these forums don't get overloaded with extraneous posts, and relevance might be best judged by how many members are finding it interesting.   As we've had two page threads on systemd, and other Linux-bashing threads, there is probably enough interest, if only because it gives members a chance to criticize Linux.  

Trollishly yours, (but I stand by my statement about the alligators)

Scott


----------



## CraigHB (Feb 10, 2018)

I actually find the Linux bashing threads interesting.  I read ~all~ of the systemd stuff on this forum.  I was a pretty loyal Debian user for a long time.  I'm mad about what they did to it.  It's like I lost a good friend because he turned into an a-hole.  When I read people bashing the Linux based systems I don't feel so bad about losing it.


----------



## scottro (Feb 10, 2018)

Well, judging by the length of such threads, you're not alone.


----------



## xchris (Feb 12, 2018)

heh:

It's 2018 and You Can Still p0wn Your Linux Box by Plugging in a USB Stick


----------



## ShelLuser (Feb 12, 2018)

Ah, the well known "_this OS is better than the other, but they're actually all the same too_" kind of article. Every time I read about "Linux" and "security" I can't help immediately think back about this article:

https://www.theregister.co.uk/2017/11/20/security_people_are_morons_says_linus_torvalds/

I thought it was funny because a few weeks later Torvalds apparently apologized for his choice of words. I can only assume Google wasn't too happy 

Oh well, I'll just leave this here:



> Torvalds post explained his attitude to security, namely that “security problems are just bugs” rather than opportunities to change the way the kernel behaves.
> 
> “The important part about 'just bugs' is that you need to understand that the patches you then introduce for things like hardening are primarly [sic] for DEBUGGING.”


I guess no one ever told Torvalds that bugs or not: the time between discovery and patching is the time when a system is vulnerable, and if you have a safety fallback (even one which would crash parts of the system) then it's still a lot better then having your system overrun.

Not sure if this comparison is correct but I always compare it to FreeBSD's kern.securelevel setting. When I set that to 2 then I can be sure that X will completely break down. Unacceptable according to Torvals (if I understood him correctly, it's sometimes hard for me to follow if I have to go through shouting, ranting and name calling which I'd associate with a 10 year old), but unacceptable or not: it would still keep my system safe(r) from intrusion attempts.

Are we sure Linux is really safer? 

I sure have some doubts to be honest.


----------

