Which desktop operating system is most secure?

Discussion in 'polls' started by Hungry Man, Mar 13, 2013.

?

Which OS is most secure?

  1. Windows XP

    3.3%
  2. Windows Vista/7

    18.7%
  3. Windows 8

    18.7%
  4. Windows (Other, post which)

    0 vote(s)
    0.0%
  5. Ubuntu/Fedora Derivative Distros

    11.0%
  6. Linux (Other, post which)

    33.0%
  7. OSX

    6.6%
  8. Other

    8.8%
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Wondering which OS you guys think is most secure, specially those designed for desktops ie: not Android/iOS/etc.

    I've put options that I can think of, separating Windows versions and separating out the two most popular Linux versions/ derivatives.

    Please explain your choice/ if you use "Other" let us know which.
     
  2. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    LOL. Out of so many members here, I would least expect such a poll to come from you HM. I wonder what's up though? Project, research or just for fun?

    I would most likely refrain from voting but I guess it would be a fight between Windows 8 and Linux (can't estimate which specific distro).
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Mostly just curious. I know I've seen at least a few members give very surprising answers, and I'm wondering what others think. A lot of users have very different ideas about what makes an OS secure.
     
  4. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I don't really know what to vote on to be truthful. I can almost guarantee the Linux votes will shoot way up there due to the widespread belief that it's more secure than Windows "out of the box", which it isn't. Mac is no longer secure by default, so, really, my answer would be none of the above. If the question were which OS can be made more secure, I believe a lot more discussion could take place. Windows 8 could, for right now, be a decent enough answer. But we were already seeing bypasses before it was officially released, and now that it is out it will only get attacked more. Such is the way of hacking.

    As to why I believe none of the above is the right answer, well, one reason is simply that plugins are what are really attacked, not so much operating systems. Hackers get to the OS of course, but they take the easiest path which is for now plugins. Unfortunately, that means the OS doesn't matter as much.
     
    Last edited: Mar 13, 2013
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    What about operating system tools that secure plugins, though? Or models that secure plugins? The things that make browsers so secure aren't inventions of the browsers, they're simply tools of the OS leveraged in new ways.

    I'd say the OS has a fairly major effect on security, even if the entry isn't through OS services.

    I am looking for answers similar to that, or at least as well explained, even if I disagree. I just want to know what people think about this stuff.
     
  6. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Well, of course there is always EMET. But as you've mentioned many times, it doesn't see much usage by the "masses" (that I'm aware of still at least). You're right that built-in OS security can make a big difference. But, and this is a mighty big but, as long as we continue down the road of having a myriad of services running by default, ports opened by default (of which Linux is guilty of these days as well) and the emergence of social built into the OS, cloud services built in and all this "modernizing", I fear that these built in security measures won't make a lot of difference. I hope I'm making some sense. I'm worried about this idea of sticking every toy and "service" like media stores, cloud storage and such on an OS. Many people, in fact most probably, see bells and whistles. People like me, if I'm not alone in this, just see extra opportunities for bad things to happen.


    Edit: To give a better answer to you about tools, they're only as effective as the amount of people willing to use, put up with, and configure them properly. Even with the massive amount of exposure computer security is getting these days, finding enough of those kinds of people is still a tall order. AppGuard, EMET, HIPS, they all can do wonderful work..if they're used.
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    The amount of malware there is for windows that grows daily,that windows is the least secure IMO. Unix based is the most secure right now only do to market share. However with some of the security software that there is for windows that windows can be equally secure if not more secure. Lets not forget the driver some are better then others and have less accidents,like me.:D The more flowers in the garden the more attracted the bees are.
     
    Last edited: Mar 13, 2013
  8. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I personally believe Ubuntu is a bad thing for Linux, but that I guess is for another discussion. More on topic, security by obscurity just plain sucks. I agree that Windows can be made really secure.
     
  9. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    I voted Windows 7, assuming that I can put on the following set up:

    - Deep Freeze
    - EMET 3.0
    - Outpost FW on paranoid with all browser restrictions on
    - FF with NS and Request Policy and ABP
    - Appguard on paranoid lockdown
    - NVT Anti Executable Radar Pro on lockdown
    - Sandboxie
    - BitDefender AV

    I wonder if anything could ever get past this.

    Now the question should probably be which OS is most secure out of the box. Then I would probably vote Linux. Just because there is fewest viruses/malware on it.
     
  10. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Exactly the software listed above that can be installed on windows that becomes,The United States Bullion Depository, often known as Fort Knox.
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Sure. I'm not restricting the poll to default settings or anything.
     
  12. jo3blac1

    jo3blac1 Registered Member

    Joined:
    Sep 15, 2012
    Posts:
    739
    Location:
    U.S.
    Then windows by all means. I don't think there is any other operating system with even close to half as much security software as windows. I also voted windows 7 because a lot of apps are not compatible with windows 8 yet, although it's changing fast.
     
  13. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    So now it's sure to become just another "What's your security setup" thread.
     
  14. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    In that case Windows with Sandboxie.
     
  15. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Windows (version doesn't matter, even XP can be more secured than linux)
    Linux doesn't even have application firewall, only stateful.
    Poll doesn't make any sense btw.
    If you had to do it then 3 choices would be enough, Win, Linux, OSX
    But still, Windows is way ahead, simply because there are so many applications which would make it more secure than the other two, and I'm not talking about AVs.
     
  16. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Nailed it.
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Nope, not really. What I've gotten on the last few posts is that people think that 3rd party security is what's most important.
     
  18. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I wouldn't go as far as saying XP can be made more secured than Linux. But I will say that the plethora of applications is Windows greatest benefit and its Achilles Heel.
     
  19. *Holds tongue re above comment*

    Default settings: either Windows 8 or Fedora, probably Windows 8.

    Not-quite-default settings: Windows 8 with EMET.

    Not-default-at-all settings: latest stable Slackware, running some standalone window manager through XDM (not xinit), a minimal GrSec or SELinux kernel with a full MAC policy in place, an iptables firewall with logging, and maybe OSSEC or such for good measure. Oh, and Noscript.

    IMO Windows security is (currently) better from an end-user standpoint. OTOH Linux has better security mechanisms available. If you have the knowledge and the inclination, you can make a Linux desktop more secure than a Windows desktop.

    Note though that I'm talking about security in more absolute terms; i.e. if some very skilled person with a grudge decided to attack you, how much time and effort would it take them to thoroughly compromise your user account? Which I don't think comes into play very often in reality.

    Edit: one thing that does occur to me is that a Windows HIPS might, in theory, provide real-time notification of a compromised account. In terms of real-time notification I think Linux is weak. But it can be a lot stronger IMO in terms of containing a break-in in the first place.
     
    Last edited by a moderator: Mar 13, 2013
  20. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    Windows 8.
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Any reason in particular? If not, that's fine.

    People have pretty wildly different opinions on security in general, I'm just curious about what they are, and this seems like a simple way to gauge where people are.
     
  22. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    Explanation:

    On a really very hardened Windows or Linux, for any "new" publicly released app/update to properly work, the owner has to give his permission by setting up things.

    But before this approval happens, the owner needs to know if this "new" publicly released app/update is malicious or not.

    This is where Windows is better: there is a whole extremely big industry actively analyzing every publicly released app/update that works on Windows.
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Not sure what you mean. Do you mean that Windows patches go under further review or something?
     
  24. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    I'm not talking about Windows patches specifically.

    I'm talking about any piece of software ("any publicly released app/update") made to work on Windows (for good or bad intentions).

    There is a whole industry supposed to be hunting and actively analyzing ALL OF THEM.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Which industry is that?
     
Loading...