1.2 Why Linux is More Secure than Windows

 Quote

b1.2.01

“Comparing the security of Linux with that of Microsoft Windows is not very instructive. Microsoft has done such a terrible job with security that it is not really a fair comparison.”


Bruce Schneier Open Source and Security 1999


The primary reason Linux is more secure than Windows is that Linux does not have an open back door so nobody other than you can modify your computer.

Open Source is a more secure developmental model

A second reason open source is more secure than Microsoft is that it is a bottom up, community driven development model rather than a top down corporate driven development model. Throughout history, very little innovation has come from the top down. The top mainly want to protect the status quo. They are set up to actively discourage change and innovation. Meanwhile, open source is bottom up in that programmers are coming up with solutions for their own problems. They then share these solutions with others and the whole community benefits and moves forward in a rapid cycle of innovation – all due to a developmental model which encourages multiple points of view. In a 2007 presentation, Linus Torvalds, the originator of Linux, used the following diagram to illustrate the difference between open source and closed source program development:
http://www.youtube.com/watch?v=4XpnKHJAok8

1.2.01

Linus explained that open source program development creates more branches to the tree which leads to more checks and balances, better decisions, more efficient merging of new ideas and a stronger, faster and more secure program. You build a better community by empowering everyone in the community.

1.2.02

Open source programs like Linux do not have to worry about bloating their programs with complex code intended solely to maintain a monopoly. They are free to write simple codes that are easier to make compatible with other software and run faster in your computer. The result is that Linux uses eight different “security modules' which protect your computer from hacker attacks.

 

 

How the Linux Security System Works

The Linux operating system consists of a “core” which is surrounded by up to 8 security modules.

1.2.03

Even if a hacker is able to break through one of the security walls, they simply run into another security wall. Because different “families” of Linux operating systems uses different combinations of walls, the diversity of Linux operating systems makes it difficult for hackers to break into a Linux computer.

Doesn’t Linux use a security system developed by the NSA?

In 2001, the NSA developed a security module which was eventually incorporated as one of 8 security modules available in the Linux core. This has been misreported in the press as indicating that the NSA somehow controls Linux. However, this module is simply a “permissions” system which itself has three levels of permissions to gain access to the Linux core. Moreover, it is only one of eight different security modules which protects the Linux core. It is nothing at all like the NSA Key which allows the NSA to directly access the Microsoft Windows operating system and change programs inside of your computer.

Security Competitions... Linux 2, Apple 0, Microsoft 0

There has only been a couple of “level playing field” competitions comparing the security of Linux with Microsoft and Apple. The first was held at a Hackers conference called CanSecWest in 2008. The competition, called offered free computers and a cash prize to anyone who could hack into an Apple, Microsoft or Linux computer placed in public view at the conference. On the second day of the three-day competition, one of the 400 attendees was able to crack the Mac security system – winning $20,000 and an Apple computer. On the third day, another hacker was able to crack the Microsoft computer – winning $10,000 and the Windows computer. No one was able to crack the Linux computer.

1.2.04

This competition was repeated in March 2013 – but this time with over $3 million in prizes available. Both the Apple and Microsoft computers were hacked. But even with millions of dollars in prizes at stake, no one was successful in taking down the Linux-based Chrome OS. Linux remains the best choice for security-conscious desktop users. What is impressive about this result is that two different versions of Linux operating systems were able to withstand three days of highly motivated attacks by of some of the world’s best hackers. http://www.zdnet.com/linux-triumphant-chrome-os-resists-cracking-attempts-7000012331/

Why is Linux so much more secure than Microsoft?

There are many problems with the Microsoft business model. One of them is that Microsoft wants (needs) access to your computer to make sure you are not using a pirated version of their software. They therefore allow programs on your computer to be changed or disabled without your permission.

By sharp contrast, changing any program on your Linux computer is not possible without you first entering your password – giving your permission for the program to be changed, installed or deleted. This difference is crucial in terms of security. One of the first steps to install a Linux operating system on your computer is creating a unique password that only you know. This is called the “root” access password. Without this password, there is no way to add or change any of the programs. However, Windows programs can be installed or uninstalled without the consent of the administrator (that is you) and without any root password. This seems to be related to the Microsoft policy of keeping an open back door to your computer via the Windows browser – a problem we will cover in more detail in Section 1.3.

Community Security is Stronger than Top Down Security

Security development is much more robust in an open development model than in a closed secret model. Linux is safer because it is open source. On September 15, 1999, one of nation’s leading security experts, Bruce Schneier wrote an important article, called Open Source and Security, which explains why open source programming will always result in a more secure system than closed source programming. Bruce uses the term “algorithm.” You can think of this as being the passwords by which programmers protect programs from hackers. “Cryptographic” refers to processes for securing data such as encryption.

1.2.05

What Bruce points out is that open source development provides more feedback to close the weaknesses in a security system. Bruce has written many books and articles on the subject of computer. To read more about his views on computer security, visit his website: http://www.schneier.com/

The problem with the Microsoft model is that it is done in secrecy. There is very little feedback and no checks and balances. It therefore results in programs which are easily hacked. Windows also leaves identity and security information exposed to hackers. Linux Mint doesn’t. You are therefore less likely to suffer from identity theft or being attacked by viruses if you switch to Linux Mint. The reason Windows computers are so easily attacked is because they are designed to be attacked.

1.2.06

Why Windows is much more likely to get Viruses than Linux

What are the consequences of Microsoft’s decision to leave an open back door on all Windows computers so that they can reduce pirating? Because this back door is always open, hackers have learned how to go in the same back door that Microsoft uses to access your computer for updates. This is why Windows computers are so vulnerable to viruses, ad ware, and spy ware. It has been estimated that the average Windows computer is infected within 40 minutes of going online. This is also why you need antiviral programs if you are using Windows. Thanks to the “open back door” in the Windows operating system, any person or any business with a Windows computer is now faced with the ever present danger of super viruses and cyber warfare.

Linux does not leave the backdoor open because they do not care where you got your copy of Linux from. Linux does not care about you making a copy of the operating system. In fact, they encourage it. There are other features that make Linux more dependable than Windows. For example, Linux uses folder, file and program authorization management. There are thus several levels of security in Linux. In Windows, you can alter critical parts of the system without even entering a password. You can go inside the system folder and delete whatever you want. Windows won't complain even if you delete critical files. Linux doesn't allow that. Every time you request to do something that has to do with the system, an administrator password is required. Many important files are hidden from view and you have to turn off file hiding even to see them. This means that viruses can't delete or modify what they want in the Linux system as easily as they can in the Windows system.

Why Windows 10 is even worse than Windows 8

The reason Windows 10 is even worse than Windows 8 is that it continues all the problems of Windows 8 in terms of having two control panels and two web browsers inside of the operating system(s) and putting a remote control kill switch inside of the startup program. But in addition, Windows 10 actually increased the file size of the operating system by nearly 20 percent – to about 30 GB! This makes Windows 10 even slower and buggier than Windows 8. One has to wonder what is in this 30 Gigabytes of Windows coding given that the Linux Mint is only 6 Gigabytes. Whatever it is, there have already been thousands of complaints posted on the Internet by folks who have “upgraded” voluntarily or otherwise to Windows 10.

Here are just a few of the thousands of complaints about Windows 10.

Windows 10 is another nightmare. Microsoft learned nothing from the Windows 8 disaster. My Windows 10 machine randomly shuts itself off, with no warning. Also, since installing Windows 10, Wi-Fi is cutting out on a regular basis.”

A woman traveling around New Zealand came home to find a bill from her wireless service provider totaling $400 for the month of August, but she hadn’t used her service while traveling. The culprit was Windows 10. Microsoft has released a flurry of updates and the Windows 10 operating system is downloads those updates automatically. The problem is that these updates continue to download when users are tethered to wireless data – costing millions of users hundreds of dollars every month in increased cell phone bills! Also, because Microsoft has opted not to tell us what's in the various Cumulative Updates for Windows 10, we don't even know what's in the fixes and updates we are getting.”

The verdict is thumbs-down. I looked in the terms and conditions, and it says the following: “We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to.”. In essence, this is saying: “We can gather ANY information from WHOEVER at ANY time”. Do you really want to give away all of your medical information to some random person working at Microsoft? How about legal papers? Do you want some worker at MS to know EVERYTHING about you?”

I just had a client who unwittingly allowed W10 to “upgrade” her W7 system. She asked me to roll W10 back to W7 because W10 was so fundamentally broken and slow it was unusable. First, the W10 All Settings menu was broken right from the get go after the W10 “upgrade”, so until I fixed that, it was impossible to access Update and Security to perform the rollback. And then the nightmare began. Rolling back did not undo W10, so no matter what I did, I could not keep W10 from redownloading and reattempting to reinstall. Searching the web, I found no solution, but did find MANY people nearly in tears with the same problem. Looking at how all this works, W10 is going to attempt to reinstall forever. Bottom line, Windows 10 is an absolute and total travesty, and rolling it back is a complete nightmare. Windows 10 is BY FAR the worst OS ever made by Microsoft, much worse than even W8.”

Getting entirely fed up with this shit, I'm very highly pissed at Microsoft! This is just completely ridiculous! Windows 10 crashed at every opportunity it got. Reboot=crash, open task manager=crash, change level on TF2=crash, open >3 chrome tabs=crash. Every crash was strangely because explorer.exe stopped responding, but it never realized it, so never stopped and restarted the process, meaning a hard reset every time! To top this, all the crashes got my system stuck in an auto-repair loop every boot. There was no way to fix this. I couldn't use the keyboard to navigate and no cursor appeared on-screen!”

I turned off error reporting at the start of win10 and it still sends like 15 error reports at the start of my PC when I have to do a hard reset because of the black screen issues. Absolutely infuriating, wake up is not working. Also when I shut down, the laptop doesn't actually shut down, the screen goes dead, the hard drive stops spinning but the light on the power button stays on.”

Windows 10 is a load of spyware, viruses, adware, and jail locks. I am not taking it anymore. I will not change to Windows 10. I am sick of MICROSOFT. Windows 10 is so bad. I took it off after one day. I had a horrible time trying to remove it from my computer. And now I have memory problems. Other people are reporting hard drive problems after removing this Windows 10, from their computer. I will never install this garbage on my computer again.”

Forced Upgrade to Windows 10

In September 2015, Microsoft downloaded Windows 10 installation files for any Windows 7 or Windows 8 user who had automatic updates enabled. That meant an additional 6GB worth of data was hiding on millions of computers without their knowledge. In mid-October, Microsoft began sending out Windows 10 update notices which lacked an option to dismiss them. Then in May 2016 Microsoft went to even greater lengths to force Windows 10 installs by violating how users expect Windows to work. After months of users getting used to avoiding a Windows 10 upgrade by clicking the “x” in the upper right corner, Microsoft switched that button’s behavior. Suddenly, clicking on the X was changed from Cancel to Consent to switch to Windows 10! Your computer would now automatically upgrade to Windows 10 with zero consent on your part. Once downloaded, Windows 10 began an automatic install without asking permission.
https://www.pcworld.com/article/3073457/windows/how-microsofts-nasty-new-windows-10-pop-up-tricks-you-into-upgrading.html

May 2017 Windows Users Hit with Wanna Cry Ransomware Virus

The Windows Open Back Door has led to serious viruses infecting Windows computers. In May 2017, the WannaCry Ransomeware virus spread like wildfire through Windows computers with Internet connections using an NSA developed attack virus called EternalBlue. This virus was used by the NSA specifically to attack and control Windows computers.

1.2.07

EternalBlue was released into the wild by a group called Shadow Brokers on April 14, 2017, along with several other NSA Windows hacks. Here is the WannaCry Ransom screen that appears on hacked computers. The cost to recover your files was $300 but rose to $600 after three days.

1.2.08

While the WannaCry virus affected mainly Windows XP and Windows 8 computers, it also affected Windows 7 and Windows 10 computers. Cybercriminals have been using ransomware like WannaCry to extort money from people all over the world. The virus encrypts all the files on your computer – important documents, photos, videos, emails – holding them hostage until you pay a ransom. Ransomware has already extorted millions of dollars from people desperate to recover their most important documents. Microsoft issued a patch the day after these attacks occurred. But a better solution is to not turn on Windows Automatic Updates because Windows updates themselves have many times crashed computers – especially older computers. Since Windows still has numerous open back doors, the only real way to protect your documents – including your book documents - is to switch to Linux.

What’s Next?

Hopefully, you now better understand why Microsoft’s days for dominating the world’s computer operating systems are numbered. In the next section, we will look at little deeper at the fatal flaws in the Microsoft Windows Monopoly.