Operating Systems Security

From Computing and Software Wiki

(Difference between revisions)
Jump to: navigation, search
(Linux Security Features)
Line 48: Line 48:
*Stack Smash Protection, Buffer Overflow Detection, Exec-Shield
*Stack Smash Protection, Buffer Overflow Detection, Exec-Shield
All of these are systems to prevent exploits.  Exec-Shield provides address space randomization, while the others are specific features designed to detect specific exploits.
All of these are systems to prevent exploits.  Exec-Shield provides address space randomization, while the others are specific features designed to detect specific exploits.
 +
 +
==Most Secure==
 +
===Overall Comparison===
 +
A study was done that compared the number of security problems found in each operating system within 6 months of release.  Windows Vista had by far the lowest number of bugs, while Linux distributions had the highest.  This data cannot be taken at face value, however, due to the open source nature of Linux.  Clearly many more bugs will be found in an operating system where everyone can view the code.  This may actually be better for security, even though according to the chart it would seem not to be. 
 +
<p>Comparing Windows Vista and Mac OS X, however, is relevant.  Since Mac OS X is mostly closed source, this study indicates that Windows Vista is more secure than Mac OS X seeing as it had the least number of security problems.  However, since Windows has a history of always having the highest market share, it is most likely that hackers will continue to focus their attacks on Windows.  Even though the current market share of Vista is about 8%, based on previous trends that will most likely rise in the future. 
 +
===The Most Secure===
 +
Linux is the most secure operating system.  Firstly, it has a low personal computer market share, meaning less hackers will attempt to attack Linux.  It is also open source which means far fewer bugs are left unchecked.  Lastly, developers clearly have a focus on security, as it has comparable features to the other operating systems. 
 +
<p>Linux is a more advanced operating system, however, and does take some computer knowledge to use it properly.  For a casual or beginner computer user, Mac OS X is the better choice.  It is still quite secure, but having a relatively low market share means that there will be fewer attacks. 
 +
<p>This does not mean that Windows Vista is by far the most insecure operating system.  The data indicates that this is not the case.  But the Windows market share trends must be taken into account.

Revision as of 06:29, 3 December 2007

The security of operating systems has always been a concern for users, and especially so with the invention of the Internet. Operating system developers are constantly creating new ways to protect computers from hackers. The three most common operating systems are Linux, Mac OS and Windows. They each have a different set of security features. So the question is, which is the most secure?

Contents

Hacking

Hacking is the act of manipulating computers to get them to do exactly what you want. A hacker is the person who does the hacking. A hacker is generally defined as someone who is very good with computers and programming. However, in popular culture, a hacker is considered someone who attempts to break into computer systems. For the purposes of this article, the latter definition will be used. Hacking is done for many reasons, including anything from theft and denial of service to someone hacking because they have a psychological need to do it. It is therefore vital for an operating system to be as secure as possible to protect against them.

Techniques

There are many ways a hacker can attack a system. Some of these include exploits, which take advantage of faulty operating systems coding, or Trojan horses, which are programs that seem to provide one function but actually do something completely different. To get a better understanding of hacking, visit the hacking wiki at Wikipedia.

Common Operating Systems

Windows

Example of Windows GUI

There are two releases currently in use today. Windows XP, released in 2001, is currently on 79.07% of all personal computers in the world. Windows Vista, released in 2006-2007, has a market share of 7.97%. Windows provides a fairly straightforward system that is useful to a beginner and a more advanced user. It is a closed source operating system, so only the developers have access to the source code of Windows.

Mac OS

Example of Mac OS X GUI

The most recent release is the Mac OS X. It is very different from the original Mac OS, having an improved GUI and many more features. Its market share is estimated to be from 6% to 13% in the personal computing market. It is also meant to be easy to use and also have advanced features. It is a mainly closed source operating system but some major components are open source.

Linux

Example of Linux GUI

Linux, in general, is a more advanced operating system. Although it often has a point-and-click interface, some things must be done via a command line, making it slightly harder to use. For this and several other reasons, this operating system is better suited for someone more knowledgeable in computers. It is a completely open-source operating system, meaning anyone can view the source code. It also has many different distributions. Each distribution focuses on different features such as speed, ease-of-use or security. The Linux market share is approximately 1%.

Windows Security Features

Vista, will be the focus here since it is the newest. Some of the more major security features include the following:

  • User Account Control
An example of User Account Control‎

Each time the something occurs that may affect the systems security, a prompt will appear that asks whether or not it should be allowed.

  • Address Space Randomization

Many hacker exploits involve overflows into other portions of system memory in order to manipulate certain pieces of code. Vista has randomized memory in order to prevent this. By having memory more scattered, overflows often will not modify the correct address in memory, thereby preventing an exploit.

  • Integrity-Level Access

Everything that is running in Vista is given a certain trust level. For example, something with lower trust cannot modify something with a higher trust level, but something with higher trust may be able to modify something with a lower trust level.

  • Improved Firewall and Address Stack

Some updates and improvements from the XP firewall and network security.

Mac OS X Security Features

Mac OS X Leopard is the most recent release of Mac OS X. Some of its major features are:

  • Open Source

Since a portion of the operating system is open source, faults in the code can be found by anyone. This means patches can be found much faster than if the developers were the only ones allowed to view the source code.

  • Sandboxing

Gives programs as few resources as possible so as to prevent the program from gaining access to vital areas of the system.

  • File Tagging and Signed Applications

If a program has not been run before, it is tagged. The first time it is opened, the user is asked if the file is OK to be run. Signed applications are ones that have a digital signature. These help identify the integrity and trustworthiness of the program.

  • Library Randomization

Same idea as the Windows address space randomization, this helps protect against exploits.

Linux Security Features

The number of Linux security features differs with each distribution. Some of the most notable general features are:

  • SELinux

Provides mandatory access control and integrity checking of programs and processes.

  • Open Source

Being open source gives Linux a major advantage security-wise. Instead of just developers fixing bugs, all users are capable of this. Studies have shown that many more bugs are found and fixed in open source software than in closed source software.

  • Stack Smash Protection, Buffer Overflow Detection, Exec-Shield

All of these are systems to prevent exploits. Exec-Shield provides address space randomization, while the others are specific features designed to detect specific exploits.

Most Secure

Overall Comparison

A study was done that compared the number of security problems found in each operating system within 6 months of release. Windows Vista had by far the lowest number of bugs, while Linux distributions had the highest. This data cannot be taken at face value, however, due to the open source nature of Linux. Clearly many more bugs will be found in an operating system where everyone can view the code. This may actually be better for security, even though according to the chart it would seem not to be.

Comparing Windows Vista and Mac OS X, however, is relevant. Since Mac OS X is mostly closed source, this study indicates that Windows Vista is more secure than Mac OS X seeing as it had the least number of security problems. However, since Windows has a history of always having the highest market share, it is most likely that hackers will continue to focus their attacks on Windows. Even though the current market share of Vista is about 8%, based on previous trends that will most likely rise in the future.

The Most Secure

Linux is the most secure operating system. Firstly, it has a low personal computer market share, meaning less hackers will attempt to attack Linux. It is also open source which means far fewer bugs are left unchecked. Lastly, developers clearly have a focus on security, as it has comparable features to the other operating systems. <p>Linux is a more advanced operating system, however, and does take some computer knowledge to use it properly. For a casual or beginner computer user, Mac OS X is the better choice. It is still quite secure, but having a relatively low market share means that there will be fewer attacks.

<p>This does not mean that Windows Vista is by far the most insecure operating system. The data indicates that this is not the case. But the Windows market share trends must be taken into account.

Personal tools