Which desktop operating system is most secure?

Discussion in 'polls' started by Hungry Man, Mar 13, 2013.

?

Which OS is most secure?

  1. Windows XP

    3.3%
  2. Windows Vista/7

    18.7%
  3. Windows 8

    18.7%
  4. Windows (Other, post which)

    0 vote(s)
    0.0%
  5. Ubuntu/Fedora Derivative Distros

    11.0%
  6. Linux (Other, post which)

    33.0%
  7. OSX

    6.6%
  8. Other

    8.8%
  1. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    The security software industry, where AV companies play the biggest role.
     
  2. Wild Hunter - that is a good point, trust is an issue. Also just in terms of including software that may increase the attack surface. From that standpoint, bigger and more conservative Linux distributions are probably better.

    BTW, it seems to me that there's a bit of a disconnect between two crowds here. One is maybe best described as "Security as resistance to malware" (i.e. desktop school of thought); the other as something like, "Security as resistance to hostile tampering by a malicious person" (server school). Obviously there's a lot of overlap... Though I feel that the second school of thought is the one that matters in the long term, even if the first is more obvious to desktop users.

    Edit:

    There is a huge body of people doing penetration testing on Linux too. That is more for servers though, I'm not sure how much desktop-centric pentesting gets done on Linux (or how much pentesting is applicable to both desktops and servers).

    Edit 2: Wow. I fell behind in this thread fast.
     
    Last edited by a moderator: Mar 13, 2013
  3. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    For example - if I come across some new piece of software that I want to install, but I'm not sure it is safe to install, I can submit it for analysis by specialists from multiple AV vendors:

    http://www.techsupportalert.com/con...dors.htm#Easily_Submit_Malware_To_All_Vendors

    AFAIK, all this industry testing happens with Windows in mind - they watch with their own tools the behavior of the software on/in Windows (or with "Windows in mind") before reporting it as malicious or safe or whatever.

    I'm not even sure which AV vendors accept submission of software for analysis with Linux in mind.
     
    Last edited: Mar 13, 2013
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i voted for Linux just because i had to pick something.

    but with phishing and social engineering, i feel the user is the weakest link and in the end the OS used doesn't really matter.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Ah. I think I get what you're saying.
     
  6. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    For me the most secured os is one that I use. Whether it's xp,win 7 or win8, only the user can make it most secured.
     
  7. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Spot on Amit,A careless user can bork any OS there is to date.Improper use of the tools the have or dont have or think the tools they have will protect from everything.There is no holy grail of an OS it's the user that can make it as close as possible with out twenty security programs going on.
     
    Last edited: Mar 13, 2013
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Exactly Dave.:thumb:
     
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Exactly what i thought.
    In my case it would be Windows since its the OS that i understand the most but i would say that in professional/expert hands then Linux would be safer.
    So my answer is:
    Safest OS for me: Windows
    Safest OS in the proper hands: Linux
     
  10. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    I can't help thinking that there's no secure OS and it's all about what a user can do to protect their computer. I used to think Linux and Ubuntu in particular was very safe but looking on their security forums it becomes apparent that isn't true as I found out on this thread http://ubuntuforums.org/showthread.php?t=2079842

    I use Windows 7 (and variants of Linux in VirtualBox) and I use Sandboxie, Shadow Defender, Avast, Comodo FW (custom) with Defense+ (paranoid mode), Hitman Pro and Malwarebytes both on demand and I've also tried other apps. Yet when you look on this forum you will read that scanners aren't a good way of providing security, that the protection in Sandboxie 64 bit isn't perfect, there are problems with Shadow Defender and AppGuard. Also with HIPS unless you know what you're doing, you could end up inadvertently letting in rogue program. It seems to me no matter what you do an argument can be made against any OS or security program.

    Saying this I was at a friends house the other day helping him with a computer problem (Windows Vista OS) and I found he had quite a bit of malware yet he had been doing online banking and not had his account compromised. So despite having pretty much no security and an infected system, he didn't lose all his money etc. I also find many people I know don't care about having up to date programs and have insane online habits, downloading anything and going to any website and their computers run fine.

    I do often wonder the more security programs and features I add, the less secure I actually feel. Before I became interested in security, I used McAfee, Sandboxie and Firefox with a few add-ons and while I might not have been as secure my experience was a lot less complicated and to my knowledge, I never had a problem.
     
  11. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I didn't vote as I really don't know which OS is the most secure. If OP needs opinions, then mine is that I heard that Linux and its derivatives can be infected if only the user installs the infected app or something like this. So they maybe called the most safe. Though I use only Win and AFAIK never got suffered from a malware (or maybe I just didn't notice this). o_O

    So my answer is that the most secure OS is on the switched off PC. :argh:
     
  12. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,669
    Location:
    Philippines
    I use all of the operating systems in listed in the poll and then some.

    There are so many factors and "secure" is really in the eye of the beholder. Every operating system has it weaknesses. It is my belief (based on 40+ years experience) that the biggest weakness in any operating system is the person in the chair. The is no such thing as a desktop operating system that is most secure.
     
    Last edited: Mar 14, 2013
  13. UnknownK

    UnknownK Registered Member

    Joined:
    Nov 3, 2012
    Posts:
    160
    Location:
    Unknown
    Ubuntu and Fedora shouldn't have been grouped together. While Fedora is one of the most secure OS out of the box, Ubuntu is the exact opposite.This was the reason I voted for linux. From my days of using fedora (Using opensuse tumbleweed these days, but for a whole 4 month fedora was my lone OS) I can say its very secure. Selinux won't allow anything to run without setting proper policies for it. For example Openvpn still doesn't have rules for Selinux. So It didn't work for me without turning Selinux off ( I could connect to VPNS through LPTP and PPTP which have proper SElinux rules).
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Which OS is most secure?
    There's no simple answer to that question. There's too many variables that the question doesn't account for, starting with defining who or what it's secure against. Out of the box, Windows security stinks. Any version of Windows can be made more secure than their newest would be if used as installed.

    Secure against what? In the wild malware? Theoretical attacks? A skilled individual? The NSA? With or without internet access? USB access? What security policy? What's the administrators/users skill level?

    IMO, the most secure OS is the one with:
    no unnecessary services or components installed or running
    no unnecessary open ports
    minimal attack surface, hardened, components isolated from each other and the rest of the system
    tight control over all internet traffic, including localhost connections
    default-deny security policy based on file hashes
    strictly defined parent-child permissions with tight control over interprocess activity
    control over internet content (java, flash, javascript)
     
  15. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I chose Ubuntu/Fedora Derivative Distros but that's just my guess as most secure O/S with default settings.

    Otherwise I feel the mainstream Windows and Linux O/S' can be run amply secure by properly utilizing either 3rd party, built-in or a combination of both security measures.
     
  16. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    No vote, as already mentioned by many others there are so may factors to consider.
    Desktop vs server usage, average Joe vs Wilders Security-afficionado setups/OOTB experience vs fully tweaked, etc.

    OOTB, I'd say Windows 8 for the average user, especially when considering sandboxing, AppContainer, integrity levels etc.
    When considering all Windows desktop users, from XP to Win8, large Linux distros might be safer, simply because of the lower malware prevalence, forced 'LUA'/Sudo environment and the software repositories.
    Then again, a popular distro like Mint ships with the firewall disabled by default...

    HM, what do you consider the most secure desktop OS?
    An OS based on a with grsecurity-all-bells-and-whistles compiled kernel?
    What's your take on QubesOS? And what are the factors/parameters you consider most important when answering the poll?
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Right now every desktop OS is basically built on a broken security model. We separate programs by users/groups and not by applications, which is why I removed Mobile from the poll, because I think Mobile has the best security model.

    I think, right now, Android with PaX/Grsecurity is likely the most secure OS, or at the very least it has the potential to be if you put in a significant amount of work.

    I think that a default install of Fedora is more secure than a default install of Windows 8, and it's easily configured to be considerably more secure. By default they're fairly close though, I only give it to Fedora because it's easier to manage installed programs/ patches centrally. Plus, SELinux is pretty good, though I find their approach somewhat misguided.

    In terms of what I consider secure, it's a matter of the skill it takes to attack a system. That's the number one thing I consider. Others disagree, many will state that it's the user, or whatever else, and I've heard that from plenty of smart people.

    As for Qubes I think that it's misguided. Virtual machines are nto security, and hypervisors have a long way to go before hardware-based security can be mainstreamed. I like what they're doing, I just don't see the massive amount of work as being worthwhile. I'd much rather see an Android security model placed on Linux OS, enforced by Apparmor/SELinux, with a hardened kernel.
     
  18. Now I'm curious. How does Android's security model work exactly? One user account per internet-facing graphical application, or such?

    (I've actually experimented with such setups. They can work, but are somewhat painful to administer on a multiuser desktop, and IMO not worth it from a security standpoint.)
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Android basically takes the Linux user model and turns it into a per-application model. It's less than ideal, but it's way better than typical.

    Each program has a certificate, which binds it to a user ID. So every program gets its own user.

    It gets more complicated, because permissions for Android are largely managed on the Java layer, and then you have 'intents', which is like IPC for Android.

    But the point is that you go from all programs have accessing each other to no programs accessing each other.
     
  20. That sounds reasonable for a (simple, GUI based, personal) phone or tablet. For a desktop - used for complex stuff, possibly multiuser, probably following the UNIX philosophy of using lots of small tools in concert - it doesn't sound feasible at all.

    (I will acknowledge that the UNIX toolbox philosophy is probably broken as far as end user security is concerned, let alone friendliness to most end users; but I happen to be very partial to it.)

    I guess it would be possible to implement something like the Android method for a mulituser desktop, but it would require grotesque (and probably insecure) abuse of sudo. And linking each (real) user account with a bunch of sandbox accounts for different applications would be possible to automate, no doubt, but it would be a terrible kludge.

    BTW, isn't Android a bit of a malware-fest at the moment? Or is most of that based on social engineering?
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Android has multiple user options, you can have two+ users.

    It's definitely where models will be going in the future, it's much more secure. To implement it on Windows would take a significant amount of work, though.

    Largely hyped, and all social engineering.

    Android itself isn't perfect though - they just have a way better model, with a ton of potential.

    The kernel needs to be hardened further, and user restrictions need to be furthered.
     
  22. How are multiple users managed exactly? Presumably one user can't access another's browser cookies, etc.? And how is transferring files between different applications managed - via the IPC framework somehow?

    Also what about command line applications? I guess core system stuff just uses the standard user account?

    Scarcely easier on Linux I would think, not if you wanted to make it transparent. Convenient for power users would be a long shot, convenient for novices even harder... For instance, the way FDO menus and .desktop files work seems to be predicated on single users having single accounts.

    It seems to me that it would be more productive on a desktop to use the UNIX DAC layer as is typical on Linux, and focus on MAC instead. Ideally, a standard MAC system would allow the upstream developers to create a sensible profile that would work on all distributions. The main problem there IMO is that nobody wants to pick a standard MAC system and stick with it. This is Linux; people can't agree on stuff, and reinventing the wheel is too fun.

    (It also occurs to me that letting upstream devs handle the MAC profile might be stupid. OTOH, if they can't write a sane profile for AppArmor or such, I probably don't want to be using their code.)
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I think a new user gets all new apps, or they get the same apps but with separate data. I'll probably check that out on my phone.

    If one program wants to access another it needs the permission on the Java layer, and it's handled through intents.

    Anything like 'ls' or 'cd' would run in the terminal, on the Linux layer, with its own separate permissions.

    I've spent a considerable amount of time basically considering the issues with leveraging the Windows model to work like Androids. It's possible, just annoying, and you have to leverage multiple techniques otherwise you're gonna have a ton of compatibility issues.

    The reason it's easier on Linux is that, on Linux, you just jump straight into the kernel. On Windows you're stuck using what they give you - you can only get so deep, and they're really against programs implementing their own security models.

    Well, there's a few issues.

    1) MAC only matters if you have a strong kernel. Linux should focus on bringing grsec features upstream before they try to standardize MAC. Upstream security is so pathetically broken right now - they have other **** to worry about.

    2) Apparmor v SELinux isn't straight forward. People swear by both for different reasons. And some people like RBAC, which can be done through multiple LSMs.

    3) A profile for a program that's invisible to *all* users under *all* use cases isn't secure right now, with these MACs, because they're pretty much either usable or secure, not both. If you want a 'silent' Chrome profile, you need to basically allow arbitrary execution of files from the downloads folder, for example. There's currently no 'logic' for profiles to secure that type of interaction.
     
  24. I see. The whole thing uses some kind of copy-on-write sandboxing presumably? (Except for the Linux layer stuff?)

    Ah, okay, this is kernel hacking then. (i.e. way over my head ATM.)

    Would that be "pathetically broken compared to GrSec" or "pathetically broken compared to other mainstream desktop and/or server OSes"?

    If we're talking about their attitude towards security, though, I agree wholeheartedly. Passing off known arbitrary code execution exploits as "possible DoS" is stupid and unethical.

    AppArmor is arguably much less secure, but for desktops I think it makes a lot more sense. Especially as half the fight with security is implementing it, which is much more difficult with SELinux.

    Hmm. This was the issue I ran into with AppArmor myself.

    My take is that in this case it makes sense to sacrifice some convenience for security. For instance, internet-facing programs could be allowed common read/write access only to a "Shared" directory. Want to upload something, you have to put it in "Shared" first; that's not too hard to grasp.

    (If you wanted to go for something more convenient, you could allow read access to the whole home directory, and just limit writes and prohibit execution. This would be more of a malware-specific strategy, but it would probably still work most of the time.)

    Edit:

    I feel compelled to point out, though, that any sort of per-application sandboxing is kind of self-limiting. Realistically, the biggest weak point is the browser, because it's vulnerable and you do lots of stuff with it. If some script kiddie gains remote access to your browser session, it doesn't matter how much sandboxing you've heaped on that browser; chances are you're still going to get something stolen.
     
    Last edited by a moderator: Mar 14, 2013
  25. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It depends what you mean by "secure" :)

    Security against identification is far more important for me than security against malware and hacking. I don't normally take risks with software or places, and I use throwaway VMs (on dedicated hardware, if appropriate) when I do.

    For me, the fatal flaw in Windows and OS X is the money trail from buying them. Also, given that I use many VMs, licensing would be prohibitively expensive. While using cracked copies would address those issues, I'd never trust them.

    So I answered Ubuntu/Fedora. Actually, these days I like Xubuntu best.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.