Monday, February 1, 2010

Computer safety: which OS?

A very long-standing debate among experts, hobbyists, and general consumers: which computer operating system is the best? The question always ends up being treated as synonymous with "which OS is more secure?" The problem is that these two questions are largely independent of each other. Let's look at both in more detail.

 Security:

This is a multilayer question. Hacking attempts, malware, spyware, viruses, etc. generally have one common goal: to steal information and acquire access. Computer attacks mostly fit into two categories: attacks for profit, and attacks meant to harm a large company, usually as a political statement.

Let's start from the bottom and most basic: physical access. Criminals who intend to gain access to your computer by directly and physically accessing it usually do so in public areas: coffee shops, airports, stores, parks, etc. They will either lift the entire machine or quickly access it if it is left unattended. Obviously this is not the most common attack, but it does happen. I have worked for a company where several laptops storing sensitive information went missing or were stolen in public places.

In this scenario the thief has more tools at his disposal, but usually just wants to make a profit selling the machine. If the machine runs Windows or Linux, they will usually sell it as-is or reinstall the OS. However, if the thief does want access to the data, each of the three is vulnerable; I'd still lean toward Linux as the safest, but only marginally, since an unlocked boot loader lets an attacker boot straight into a root shell there too. Macs have a quick account-reset method that can be done in minutes: holding Command + S while the system boots drops the user into single-user mode at a root prompt (root being the system-level account that is otherwise disabled on Macs). From there it's a few steps to reset a password or create a new admin account. Windows has the equivalent in ERD Commander (now part of Microsoft's Diagnostics and Recovery Toolset), which many professionals use to reset passwords or repair non-booting Windows machines. The practical defense on all three platforms is the same: full-disk encryption, so a reset login password still does not unlock the data, plus a firmware or boot-loader password so the machine cannot be booted into an alternate environment in the first place.

OS and Web attacks:

This is really two parts, but they culminate in online-based attacks. All three major OSes have their flaws and their security measures. Microsoft has added the most configurable set of security options, along with multiple ways to manage them. It now also offers free anti-virus software (Microsoft Security Essentials), which is as decent as any free and most paid subscription-based anti-virus programs. The ads depicting Windows Vista with annoying pop-ups asking for permission to run programs show nothing new to Mac or Linux users: each platform asks for elevated privileges, usually by prompting for an admin username and password, before running or installing certain programs. Windows Vista's User Account Control did take it a bit farther by occasionally adding one extra security dialog, but nothing more intrusive than what Mac and Linux already implement. The point is that when a virus or malware gains a foothold on the system as a normal user, it must also get past that elevation prompt to modify the system itself, which makes a full infection a bit more difficult. We can equate this security measure to the protection you may have in your house: if the thief gets in without being detected, it's up to your in-home security to block them, which most people don't have. Anti-virus programs and these annoying security prompts are a last-resort step to prevent infection, and generally are not too effective on any platform. If the virus is new, or altered enough, your anti-virus program has likely not yet published a detection definition for it.

That leaves us with the entry point, the most important step in preventing attacks. There are three major points of entry on all three OSes: instant messengers, the e-mail client (both webmail and desktop software), and the biggest, the web browser itself. Since there has been a major focus on security on all platforms, it's becoming more difficult for attackers to gain access to a computer through the software alone, so attackers must also adapt. Most attacks now use some form of social engineering in one way or another.

Instant-message attacks usually show up in the form of a link. Bots are set up to spam as many contacts as possible, usually with a message like "Hey check this out" or "Is this a picture of you?" If the end user clicks the link, they are directed to a site that immediately downloads malware or a Trojan, which then hijacks the user's IM account and sends the same link and message out to everyone on their contact list. The result is what looks like a legitimate IM from a friend saying they found a picture of you and to go check it out.

E-mail, or "spam", is a very common way to infect PCs. It ranges anywhere from free or cheap medication and real-estate offers to something more convincing, like a message appearing to be from FedEx saying they were unable to deliver a package, or from Delta saying that a flight plan has changed. The latter usually carries a zip file with supposed information about the problem. Once the file inside the zip is run, or the link is clicked, the computer is infected and begins spamming out messages from the user's mail client, as well as opening holes that let attackers use the computer in a "botnet". Anti-virus programs are usually of little use against these attacks; the defense relies heavily on spam filters to block both executable attachments and harmful links, but with enough effort they still can and will get through.

On to the browser attacks. Browser attacks are the most common and devious attacks of all, spawning arguments, debates, and development cycles commonly known as the "browser wars". The vast majority of attacks on a computer come through the browser, and they always involve some level of social engineering. A website may clone a legitimate site, appearing to the user to be exactly where they wanted to go; upon arrival, or on clicking a link, it starts downloading to and infecting the user's machine. Other attempts advertise a video, game, download, or similar material, enticing the user to visit on the assumption that they would truly like to view or use the advertised product. There is almost no end to the number of infected sites in this category, and avoiding them requires great care and scrutiny from the user. This type of attack usually exploits a security hole in the web browser or a third-party plug-in to gain access, especially when the site includes Flash or Java content. All browser developers work extremely hard to prevent security holes and patch their software, but they do require the user to keep that software up to date.
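The IM, e-mail, and browser lures above share two tells a filter can check for mechanically: an executable hiding inside a zip attachment, and a link whose visible text names one site while the href points at another. The following Python is an added example, not code from the original post; it builds a constructed fake "delivery failure" message (the sender address, the IP 198.51.100.7 and the zip contents are all invented for the demo) and triages it with the standard library only.

```python
"""Triage an e-mail for two common lures: executables inside zip attachments and
anchors whose visible text names a different domain than the link target.
Added example; the sample message below is constructed, not a real campaign."""
import email
import io
import re
import zipfile
from email import encoders
from email.mime.base import MIMEBase
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from html.parser import HTMLParser
from urllib.parse import urlparse

# Suffixes that Windows will execute even when dressed up as "Label.pdf.exe".
EXEC_SUFFIXES = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")
# Something that looks like a hostname inside link text ("www.fedex.com/tracking").
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _registered_domain(host):
    """Naive 'last two labels' domain; a real filter would use the public suffix list."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def deceptive_links(html):
    """Return hrefs whose visible text names a domain other than the real target."""
    collector = _LinkCollector()
    collector.feed(html)
    hits = []
    for href, text in collector.links:
        target = urlparse(href).hostname
        if target and any(_registered_domain(shown) != _registered_domain(target)
                          for shown in HOST_RE.findall(text)):
            hits.append(href)
    return hits


def executables_in_zip(data):
    """List zip members with an executable suffix; a corrupt zip yields no hits."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_SUFFIXES)]
    except zipfile.BadZipFile:
        return []


def triage(raw):
    """Walk a raw RFC 822 message and return human-readable findings."""
    findings = []
    for part in email.message_from_bytes(raw).walk():
        ctype, fname = part.get_content_type(), part.get_filename() or ""
        if ctype == "application/zip" or fname.lower().endswith(".zip"):
            for member in executables_in_zip(part.get_payload(decode=True) or b""):
                findings.append(f"zip attachment {fname!r} contains executable {member!r}")
        elif ctype == "text/html":
            body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
            for href in deceptive_links(body):
                findings.append(f"link text does not match target {href!r}")
    return findings


def build_sample():
    """Constructed fake delivery-failure notice with a 'Label.zip' carrying an .exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Shipping_Label.pdf.exe", b"MZ\x90\x00")  # stub bytes, not a real binary
    msg = MIMEMultipart()
    msg["From"] = "FedEx <noreply@example.com>"  # invented sender
    msg["Subject"] = "Delivery failure"
    msg.attach(MIMEText('<p>We could not deliver your package. Track it at '
                        '<a href="http://198.51.100.7/track">www.fedex.com/tracking</a></p>', "html"))
    att = MIMEBase("application", "zip")
    att.set_payload(buf.getvalue())
    encoders.encode_base64(att)
    att.add_header("Content-Disposition", "attachment", filename="Label.zip")
    msg.attach(att)
    return msg.as_bytes()


if __name__ == "__main__":
    for finding in triage(build_sample()):
        print(finding)
```

Both checks are cheap and run before any signature is available, which is exactly the window where the post says anti-virus tends to fail. They are also deliberately narrow: a real mail gateway would add nested-archive handling, password-protected zips, and a proper public-suffix lookup for the domain comparison.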

In the end, attacks come down to very basic elements. If a user has turned off automatic updates, or skips the updates that must be installed manually, they are more prone to attack. Every OS, browser, mail client, and IM client requires regular updates to remain safe, and those updates must be attended to. More fundamentally, since attacks on the general public are aimed at money and sheer numbers, the most widely used OS, browser, and IM client are quite obviously going to be the most frequently attacked, which sheds a very real light on what advertisers would rather you not know. It's not a matter of which OS is more secure; it comes down to which OS holds the largest user base and is therefore attacked most often. If Windows were the minority in the OS wars, it would suffer far fewer attacks than a Mac.

In an article from Cnet, Jeremiah Grossman from WhiteHat Security put it best, “from a consumer's perspective you probably should be using the word 'safe' rather than 'secure'; two completely different things. 'Secure' is a supermax prison. 'Safe' is a playground in suburbia. Follow?”

In the end, consumers should not be making their choice from a security perspective. The choice should be summed up by what you need from your computer and which options each platform offers to meet those needs. Your state of security will be a combined effort of software updates and extreme caution. Until software developers are able to remove the human element and the social-engineering aspect of security vulnerabilities, nothing on the net will ever be secure.
