Re: [orca-list] Fwd: Re: [Support] autoinstall of talking arch

[Josh K <joshknnd1982 gmail com>]

so even the more popular ubuntu and ubuntu gnome and ubuntu mate is far 
far far more secure than windows? Also that must mean android is more 
secure than windows also since it runs the linux kernel?

follow me on twitter @joshknnd1982

On 2/16/2015 5:56 PM, Kyle wrote:
> According to Josh K:
> # but if everybody ran linux all of a sudden wouldn't the virus makers
> # then target linux just like they target windows now?
>
> Possibly yes, but the security model of Linux just doesn't make it as
> easy. See below.
>
> # and if they put an all out viral assault on linux wouldn't linux cave
> like windows does often?
>
> No. One of the main reasons why Windows caves to viruses so often is
> that there is only one company that is able to review the code. The
> Linux kernel, and to an even greater extent, GNU/Linux as a whole, has
> far more people looking at and contributing to an already more solid
> codebase, which produces better security just in the number of eyes on
> the code, not to mention the fact that the Unix security model is far
> better than the Windows security model, where anyone can gain
> administrator access to the system by modifying or even deleting the
> system registry, which can be done remotely or by tricking the system
> into running the repair program. Furthermore, Microsoft has to responde
> reactively to security threats as they get bad enough, as they do have
> fewer eyes on the code. They just don't have enough people to look at
> and fix security problems that arise to proactively fix things. If they
> did that, there would probably not be a new version of Windows for like
> a hundred years, as they would be too busy plugging holes from the
> initial porous design of the system back in the days of DOS, where
> networking was a rather novel concept on a PC. Sadly, those few who have
> managed to be able to look at Windows source code have seen old DOS
> 16-bit code in the c:\windows\system32 directory as recently as Vista,
> which doesn't really bode well for later versions of Windows either.
> Strangely, even old DOS games run better on Linux than they do on
> Windows, even in spite of this.
>
> Another problem is that Windows relies very heavily on separate mostly
> 3rd-party antivirus software in an attempt to keep malware off the
> system. It also throws up a lot of scary prompts many times when someone
> downloads legitimate software from its official website. Unfortunately,
> these things are the meat of the Microsoft Windows security model, and
> cause more problems than they solve, as more and more legitimate
> software, and even businesses, require users to disable their antivirus
> software in order to make the software they want run properly, or even
> in order to do their jobs, and eventually all the wolf crying that
> Windows itself does whenever someone attempts to download and install
> legitimate software will eventually go unheeded once the wolf really
> comes to destroy the files or fry the operating system. I will agree
> that part of using Linux is knowledge of best practices when it comes to
> downloading software and executing commands as root, but such competence
> should be a requirement for anyone sitting down in front of any
> computer, no matter what is running on it. Furthermore, any antivirus
> and security measures that are taken must be community-oriented and
> reviewed as closely as the OS-level code itself. At this point, should
> viruses ever show up on Linux, Clamav is probably in the best possible
> position to handle them, as it's free open source software that can be
> reviewed and modified by the community at large, which is a clear
> advantage that none of the major Windows antivirus vendors have. Better,
> Linux didn't copy the primarily centralized software repository from
> Apple or Microsoft. Rather, Apple and Microsoft clearly copied the idea
> from Linux distributions such as Debian, which pretty much invented the
> concept of getting one's software from trusted sources, complete with
> package signatures and other checksums to prevent tampering. This is yet
> another thing that makes Linux security far superior, as there is no
> need for the OS to cry "WOLF!" every time a user tries to install
> something on the system. No, the AUR is probably not the best place for
> people to get their software unless they truly understand the risks of
> installing an unchecked package, but if you stick to the official
> repositories, your chosen distro will do its best to keep you safe.
> Sent from my coffee maker