Do You Think Linux is Secure?
Linux has taken a couple of blows recently in the security department raising the question is Linux really secure? Pundits weighed in and opinions were about as diverse as the individuals. Much was rehash written every time this issue arises ranging from Linux permissions makes Linux more secure to Linux is only as secure as its administrator. But what do regular users think? That's what TuxRadar is asking this week in its Open Ballot.
One of the more interesting observations came from Kim Andersen who said that the diversity of Linux distributions is one reason why Linux is safer than Windows. For example, a malicious .deb will only work on Debian, Ubuntu, Mint, Mepis, or other Debian system. RPM, YUM, Portage, Entropy, Pacman, slackpkg, etc. systems are immune. Tarballs are another subject.
However, another safeguard built into Linux is the large repositories of our most popular distributions. These resources help keep users safer because they won't need to use a search engine and download from untrusted sources, says Shimi.
Then there were several that echoed the sentiment that as Linux popularity grows, so will attacks and attempted attacks. This has been a reoccurring notion for quite a while now, but some think that's something Linux will probably never have to worry about. I'm starting to think Linux may never reach that level of market share either. If there was ever a chance it was with the release of Vista coinciding with the Ubuntu rise. Linux gained some ground, but most of that bump trickled back away with Windows 7 and all those handy gadgets.
Shimi later made another interesting point, even if a bit off-topic. But (s)he wondered, "Didn't Microsoft just got all of a sudden involved in the linux kernel? Interesting timing, Perhaps that way it wasn't suspicious that they were poking around kernel.org." I don't Microsoft is all that worried about Linux anymore. I think we were even recently removed from its enemies list (see above).
Stunonymous Penguin asserts that Linux users are just more security conscious and have lots of intrusion and vulnerability testing software. But he goes on further to state that risk is increasing due to the growing popularity of personal package archives and one-click installers that allow users to install anything without any thought of security or damage to their systems.
And of course, no security discussion would be complete without the root, user, sudo arguments. There were opinions to represent all the angles, but for me, I do feel safer knowing most of my vital system files are protected by root permissions.
The old adage that says systems being only as secure as the users' ability to secure it probably sums my feelings of safety in Linux. While Linux is inherently more secure by design users need to be diligent in keeping their systems safe. Unfortunately, I also think if those Chinese and lulz hackers can get into NASA, Halliburton, and The Nuclear Regulatory Commission then me and my little ole Iptables script probably ain't gonna keep 'em out.