Is a Windows 7 x64 box running as LUA as safe/secure as a Linux machine?

Have any third-party studies been done on this question?

 

I don't know if there are studies on this. I'd say Linux is always a step ahead because it's far less a target than Windows, and then 3rd party applications used on Windows also seem to contain, collectively, more vulnerabilities than common Linux applications (someone please correct me if I'm wrong). Having said this, Windows can be made very secure using lua and some other minimal means of a security approach, common sense playing a large part in it.

 

This question, though not your fault, will just turn into one huge fanboy and "I know better than you" fest, I might as well warn you now. I don't know how many, if any 3rd party studies have been done comparing that specific setup to Linux, but I do have an opinion, backed, I believe, by pretty good experience. I believe one is just as safe as the other. I also believe running as an Admin is safe. Why? Simple, it all boils down to what YOU choose to run, what YOU choose to click on, what YOU choose to read. Linux is "safer" because of the always mentioned software repository. However, Linux can't protect you from socially engineered attacks, and neither can LUA.

Nothing out there protects you from that because those attacks rely solely on you not reading, not thinking. They don't need to worry about browser holes, OS mis-configurations, any of that. They attack and succeed because you let them. And, they are becoming the number one method of attack, if they aren't already. So, yes, you are just as safe with either one, until you decide not to be safe. At that point, no OS, no setup, no patch can save you.

 

Thank you both for stating what I thought to be true.

 

You're welcome

 

The "less of a target" point, while it was very good, is outdated now, IMHO. With the masses moving to Facebook and its ilk along with the tried and true "click here for a free *insert expensive and popular product here*" and all of the other user-based attacks, it just no longer matters what OS you use, and, to some extent, what programs you use (obviously downloading from untrusted sources is still a big, fat, stupid no-no).

 

It's as I always have been saying: Move those 100% of Windows users who always get their systems infected towards Linux. Then, let's see what happens.

The problem is that these 100% of users, by themselves, have no idea about Windows security, and that includes what the Operating System itself has to offer. And, worse, they have no idea about the dangers... until they're hit.

Would you agree with me when I say that, I don't know, say 10% of Windows users who are aware and do know their way to secure Windows, would be as protected as those Linux users?

Now, do the opposite question? Would those same Linux users be as secure, if their system was the most targeted one?

I've always heard people telling me that when they were Windows users, it always got infected. As Linux users no more. This tells me they understand nothing about securing an Operating System, and the reason their Linux systems aren't infected is obvious, I believe.

 

Maybe, but even if one uses the Facebook example and clicks on a dodgy link or application, or whatever, isn't it more than likely the exploit will be geared toward exploiting a Windows vulnerability than a Linux one?

 

If it's targeting an actual vulnerability, yes, that still stands. However, it won't stand when you open yourself up via postings on Facebook, entering your data on forged websites and so on. If you willingly, tricked into it or not, hand over data about you, including user names and passwords (on a forged website, which, admittedly there is a little protection from), then you're done, game over.

 

Linux is generally more secure "out of the box",but windows can be made as secure. People are the biggest risk to security and that can cause issues regardless of os.

In terms of viruses and a like, there are only a handful in Linux compared to masses in Windows, and yes much of that is because Windows is more main stream.