Operating Systems Security
From Computing and Software Wiki
Line 56: | Line 56: | ||
===Open Source vs. Closed Source=== | ===Open Source vs. Closed Source=== | ||
- | There are two schools of thought with security. | + | There are two schools of thought with security [[http://www.linux-watch.com/news/NS7350372195.html 13]]. Some believe that open source is more secure because holes can be found by anyone and a patch can be made by anyone. Others believe in 'security by obscurity' in that, by being closed source, it makes it harder for hackers to exploit. Supporters of closed source state that exploits are made easier because the source code can be seen. Supporters of open source state that closed source software is patched less frequently, the patches do not always fix the problem and can actually cause further problems. Since the patch code cannot be seen, it is never guaranteed to work. Clearly one is not definitely more secure than the other. |
===The Most Secure=== | ===The Most Secure=== |
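Review bot: the citation added on the `+` side is hand-numbered inside doubled brackets, `[[http://www.linux-watch.com/news/NS7350372195.html 13]]`, so the 13 goes stale as soon as a reference is added or removed earlier in the article. Suggest wrapping the URL in the wiki's footnote markup (`<ref>` ... `</ref>`) so the number is generated, and giving the link a descriptive title so readers can tell what source backs the open versus closed source claims.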
Revision as of 06:21, 5 December 2007
The security of operating systems has always been a concern for users, and especially so with the invention of the Internet. Operating system developers are constantly creating new ways to protect computers from hackers. The three most common operating systems are Linux, Mac OS and Windows. They each have a different set of security features. So the question is, which is the most secure?
Hacking
Hacking is the act of manipulating computers to get them to do exactly what you want. A hacker is the person who does the hacking. A hacker is generally defined as someone who is very good with computers and programming. However, in popular culture, a hacker is considered someone who attempts to break into computer systems (Scambray et al 2001). Hacking is done for many reasons, including anything from theft and denial of service to someone hacking because they have a psychological need to do it (Scambray et al 2001). It is therefore vital for an operating system to be as secure as possible to protect against them.
Techniques
There are many ways a hacker can attack a system. Some of these include exploits, which take advantage of faulty operating system code, and Trojan horses, which are programs that seem to provide one function but actually do something completely different. To get a better understanding of hacking, visit the hacking wiki at Wikipedia.
Common Operating Systems
Windows
There are two releases currently in use today. Windows XP, released in 2001, is currently on 79.07% of all personal computers in the world [1]. Windows Vista, released in 2006-2007, has a market share of 7.97%. Windows provides a fairly straightforward system that is useful to both a beginner and a more advanced user. It is a closed source operating system, so only the developers have access to the source code of Windows.
Mac OS
The most recent release is Mac OS X. It is very different from the original Mac OS, having an improved GUI and many more features. Its market share is estimated to be from 6% to 13% in the personal computing market [2]. It is meant to be easy to use while also offering advanced features. It is a mainly closed source operating system, but some major components are open source.
Linux
Linux, in general, is a more advanced operating system. Although it often has a point-and-click interface, some things must be done via a command line, making it slightly harder to use. For this and several other reasons, this operating system is better suited for someone more knowledgeable in computers. It is a completely open-source operating system, meaning anyone can view the source code[3]. It also has many different distributions. Each distribution focuses on different features such as speed, ease-of-use or security. The Linux market share is approximately 1% [2].
Windows Security Features
Vista will be the focus here since it is the newest. Some of the more major security features include the following:
- User Account Control[4]
Each time something occurs that may affect the system's security, a prompt appears that asks whether or not it should be allowed.
- Address Space Randomization[5]
Many exploits involve overflows into other portions of system memory in order to manipulate certain pieces of code. Vista randomizes where things are placed in memory in order to prevent this. Because the layout is scattered and differs from system to system, an overflow often will not modify the correct address in memory, thereby preventing the exploit.
- Integrity-Level Access[6]
Everything that is running in Vista is given a certain trust level. For example, something with lower trust cannot modify something with a higher trust level, but something with higher trust may be able to modify something with a lower trust level.
- Improved Firewall and Address Stack [7]
Vista includes updates and improvements over the XP firewall and network security.
Mac OS X Security Features
Mac OS X Leopard is the most recent release of Mac OS X. Some of its major features are:
- Open Source[8]
Since a portion of the operating system is open source, faults in the code can be found by anyone. This means patches can be found much faster than if the developers were the only ones allowed to view the source code.
- Sandboxing[8]
Sandboxing gives programs as few resources as possible so as to prevent them from gaining access to vital areas of the system.
- File Tagging and Signed Applications [8]
If a program has not been run before, it is tagged. The first time it is opened, the user is asked if the file is OK to be run. Signed applications are ones that have a digital signature. These help identify the integrity and trustworthiness of the program.
- Library Randomization [8]
This is the same idea as the Windows address space randomization, and it helps protect against exploits.
Linux Security Features
The number of Linux security features differs with each distribution. Some of the most notable general features are:
- SELinux[9]
Provides mandatory access control and integrity checking of programs and processes.
- Open Source[[1]]
Being open source gives Linux a major advantage security-wise. Instead of just developers fixing bugs, all users are capable of this. Studies have shown that many more bugs are found and fixed in open source software than in closed source software.
- Stack Smash Protection, Buffer Overflow Detection, Exec-Shield [11]
All of these are systems to prevent exploits. Exec-Shield provides address space randomization, while the others are specific features designed to detect specific exploits.
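The address randomization and executable-memory protections described in the lists above only help a program that was built to use them. The following added example (not part of the original article) reads an ELF64 little-endian binary and reports whether its main image is position-independent, so its load address can be randomized, and whether it requests a non-executable stack. The helper `make_sample` and its byte strings are constructed here for illustration.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # ELF64 file header, 64 bytes
PHDR = struct.Struct("<IIQQQQQQ")           # ELF64 program header, 56 bytes
ET_EXEC, ET_DYN = 2, 3                      # fixed-address vs. position-independent
PT_GNU_STACK, PF_X = 0x6474E551, 0x1        # stack-permission marker, execute bit


def hardening_report(elf: bytes) -> dict:
    """Return {'pie': bool, 'nx_stack': bool or None} for an ELF64 LE image."""
    if len(elf) < EHDR.size or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if elf[4] != 2 or elf[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    (_, e_type, _, _, _, e_phoff, _, _, _,
     e_phentsize, e_phnum, _, _, _) = EHDR.unpack_from(elf)
    nx_stack = None  # None: no PT_GNU_STACK entry, the kernel default applies
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + PHDR.size > len(elf):
            raise ValueError("truncated program header table")
        p_type, p_flags = PHDR.unpack_from(elf, off)[:2]
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {"pie": e_type == ET_DYN, "nx_stack": nx_stack}


def make_sample(e_type: int, stack_flags=None) -> bytes:
    """Constructed image: a file header plus at most one PT_GNU_STACK entry."""
    phnum = 0 if stack_flags is None else 1
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = EHDR.pack(ident, e_type, 62, 1, 0, EHDR.size, 0, 0,
                    EHDR.size, PHDR.size, phnum, 0, 0, 0)
    if stack_flags is None:
        return hdr
    return hdr + PHDR.pack(PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:           # optional: real binaries to inspect
        with open(path, "rb") as fh:
            print(path, hardening_report(fh.read()))
    print("hardened sample:", hardening_report(make_sample(ET_DYN, 0x6)))
    print("legacy sample:  ", hardening_report(make_sample(ET_EXEC, 0x7)))
```

A result of `pie: False` means the program's own code always loads at the same address even when the system randomizes libraries, stack and heap.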
Most Secure
Overall Comparison
A study was done that compared the number of security problems found in each operating system within 3 months of release[12]. Windows Vista had by far the lowest number of bugs, while Linux distributions had the highest. This data cannot be taken at face value, however, due to the open source nature of Linux. Clearly many more bugs will be found in an operating system where everyone can view the code. This may actually be better for security, even though according to the chart it would seem not to be.
Comparing Windows Vista and Mac OS X, however, is relevant. Since Mac OS X is mostly closed source, this study indicates that Windows Vista is more secure than Mac OS X seeing as it had the least number of security problems. However, since Windows has a history of always having the highest market share, it is most likely that hackers will continue to focus their attacks on Windows. Even though the current market share of Vista is about 8%, based on previous trends that will most likely rise in the future.
Open Source vs. Closed Source
There are two schools of thought with security [13]. Some believe that open source is more secure because holes can be found by anyone and a patch can be made by anyone. Others believe in 'security by obscurity' in that, by being closed source, it makes it harder for hackers to exploit. Supporters of closed source state that exploits are made easier because the source code can be seen. Supporters of open source state that closed source software is patched less frequently, the patches do not always fix the problem and can actually cause further problems. Since the patch code cannot be seen, it is never guaranteed to work. Clearly one is not definitely more secure than the other.
The Most Secure
Each operating system has a comparable set of features. Therefore, the 'most secure' can be defined here as the one that is safest from hacker attacks. Since a hacker will tend to focus on the most common or popular operating system, this may be the best measurement of security. Linux is therefore the most secure operating system. Apart from having the lowest market share, developers clearly have a focus on security, as it has comparable features to the other operating systems.
Linux is a more advanced operating system, however, and does take some computer knowledge to use properly. For a casual or beginner computer user, Mac OS X is the better choice, as it is easier to use. It is still quite secure, and having a relatively low market share means that there will be fewer attacks.
This does not mean that Windows Vista is the most insecure operating system. The data indicates that, in fact, it is technically better than Mac OS X. But the Windows market share trends must be taken into account. Since Windows Vista will most likely be the most commonly used operating system in the future, it will be the focus of attacks. It is therefore more sensible to pick the Mac OS X instead.
References
Market Share
SELinux
Open and Closed Source Discussion
Hacker Definition
Security Report
Mac OS X Security Features
Linux Security