Why Linux is more secure

By John Locke on January 13, 2006

Windows flaws keep causing trouble for most Internet users. Earlier this week I was at a meeting of a group of tech professionals in the Seattle area, all of whom work with small businesses. The interesting thing was, most of the Windows people spoke about the latest anti-spyware programs or the merits or problems with specific anti-virus software. Meanwhile, the Mac person and I were talking about ways our systems could actually help a business.

A couple months ago, I had a dialog with another computer consultant, debating the security of Linux versus Windows. While he's a competent Linux administrator, he still argued the often-cited point that Linux would be attacked more if there was more of it.

I think substantial architectural factors and default settings go a long ways towards mitigating these risks. While no computer on the Internet can be considered completely secure, having sane default policies and a heterogenous environment makes it much harder for viruses and automated tools to create vast bot-nets and the like.

Here's a nice article describing why Linux is more secure: InformationWeek | Linux Security | Linux Security: A Good Thing Keeps Getting Better | January 4, 2006

Topic

Preventing Attacks

Add new comment

Your name

The content of this field is kept private and will not be shown publicly.

Homepage

Notify me when new comments are posted

All comments

Replies to my comment

Comment

About text formats

Filtered HTML

Web page addresses and email addresses turn into links automatically.
Allowed HTML tags: <a href hreflang> <em> <strong> <blockquote cite> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h1> <h2 id> <h3 id> <h4 id> <h5 id> <p> <br> <img src alt height width>
Lines and paragraphs break automatically.

Drupal Canvas — Block HTML (locked)

Allowed HTML tags: <strong> <em> <u> <a href> <p> <br> <ul> <ol> <li>

Drupal Canvas — Inline HTML (locked)

Allowed HTML tags: <strong> <em> <u> <a href>

About the Author

John Locke is the lead developer and founder of Freelock, LLC. In addition to being a proficient web developer, he is an experienced technical writer, network administrator, and all around problem solver. He has worked with computers since 1984, and currently advises small businesses on open source software.

More Like This

Futuristic data center with people at computers connected to a central cube.

🕑Apr 12, 2025 🖋John Locke 💬1

Ask Freelock: Do I need a Web Application Firewall?

Craig asks,

Ask Freelock

🕑Jun 03, 2019 🖋John Locke 💬0

Is your host a single point of failure?

Just ran across a sad story where Digital Ocean is accused of killing a startup:

Sustainable/Open Business

🕑May 08, 2019 🖋John Locke 💬1

Assessment of May 8 Drupal Security update SA-CORE-2019-007

New versions of Drupal core dropped today, to fix a file handling issue.

After assessing the patches, statements, and risks associated with this update, we have decided this is an important update to apply, but not urgent for most of the sites we manage.

Ask Freelock

🕑Mar 29, 2018 🖋John Locke 💬3

Drupalgeddon2: Should I worry about critical security updates?

No, you should not. You should let us worry about them, and go back to your business.

Seriously, we're getting questions from all kinds of people about whether this matters. I'm a bit surprised that there is any question about that. Would you be concerned if your top salesperson was selling for somebody else? If your cashiers were jotting down credit card numbers when they charged a card? If your office became a well-known spot for illicit drug or gun dealers? If your office had a bunch of scammers squatting and running a pyramid scheme? If your confidential client information could be revealed as easily as using a bic pen on an old Kryptonite lock?

Bic Pen vs Kryptonite Lock

We've seen some variation of every single one of those scenarios. And all of them are possible with a remote code execution flaw in a web application, like yesterday's Drupal security vulnerability.

And yet people still

Ask Freelock

🕑Jan 15, 2018 🖋John Locke 💬0

Meltdown notes

The Meltdown vulnerability leaked out into public news a full week before patches were available for many distributions. When patches did become available, sometimes the patch caused further trouble.

Dev Corner

🕑Jan 11, 2018 🖋John Locke 💬1

The Spectre of a Meltdown

The news was supposed to come out Tuesday, but it leaked early. Last week we learned about three variations of a new class of attacks on modern computing, before many vendors could release a patch -- and we come to find out that the root cause may be entirely unpatchable, and can only be fixed by buying new computers.

Today Microsoft released a patch -- which they had to quickly pull when they discovered that it crashed computers with AMD chips.

Essentially Spectre and Meltdown demonstrate a new way of attacking your smartphone, your laptop, your company's web server, your desktop, maybe even your tv and refrigerator.

Meltdown - Animated — Meltdown in Action

This all sounds dreadfully scary. And it is... but don't panic! Instead, read on to learn how this might affect you, your website, and what you can do to prevent bad things from getting worse.

Sustainable/Open Business

🕑Dec 20, 2017 🖋John Locke 💬0

Another Wednesday, another round of security updates

Drupal security updates generally come out on Wednesdays, to try to streamline everybody's time. WordPress security notices come out... well, whenever whichever feed you subscribe to bothers to announce something.

Sustainable/Open Business