Why Linux is Secure
Category Linux Security
- There have been lots of back-and-forth jousts over the trophy
for most-secure operating system. The losers pick over the criteria
and the winners down their toasts with a brandished “I told
you so” salute.
- The contests never really made sense to me, because security has to be measured as a cohesive system. I don't understand the concept of secure, “generic” configurations. No such thing. I can imagine evaluating “most secure Java application server with an RDBMS back-end,” or “most secure messaging client desktop configuration.”
- So, taking the example of a messaging client, I consider Linux to offer the most secure base for building the Most Secure Messaging Client. Technically, I believe it possible that a fully loaded Vista or Mac OSX setup could be measurably better in overall security (by whatever criteria is selected). But, if I can implement a comprehensive security installation for a fraction of the competitive offerings, then it's more likely to happen.
- For Linux, the two most used security frameworks are SELinux and AppArmor which work on servers and workstations. SELinux has a reputation for requiring lots of tuning to be effective, and AppArmor has been criticized for not being granular enough. Linux workstations can use either system, along with a firewall to achieve a high degree of security.
- Of course, Linux adherents like to talk about their “sudo” partitioning of rights, which separates the user level from full administration privileges. It's a big improvement over the general use of most Windows systems, whereby anyone can install anything. The next release of Ubuntu will include PolicyKit, in development by RedHat, which offers more nuanced rights distribution than just user and root access through sudo.
- But for those of us that are concerned about security, we know that real security is about encryption. It's taken years, but the standard has slowly been raised. I can't secure my notebook, if I don't encrypt the data. Period. Otherwise, my client station is hard and crunchy on the outside, and soft and chewy on the inside.
- So why is Linux a better security-mousetrap? Because there are continued open-source efforts, by a variety of vendors, to fill in every possible security concern. Regarding encryption, there is a portfolio of device encryption schemes available for Linux. For instance, Phoronix reviewed dm-crypt on Ubuntu to check the overall resource load for the client: the worst case example was 7% overhead. That value is small enough that it's not even going to be noticeable by the average user (and I'd gladly trade disk encryption for the periodic virus sweep that is run against my client).
- Here's another example: Opus Palladianum, a secure browser, is being developed at the University of Illinois, using a unique security model that relies on SELinux for its underpinnings. It's only available on Linux.
- Seriously. The reason Linux is secure, is because it can.
- 
Comments
I have tried at various times to get users to Linux desktops, and have great uptake on the applications side. Navigating the filesystem always causes panic, though. As soon as they open their file browser and don't see drive letters they freak. There are probably ways around that, I'm not a strong enough Linux admin to figure it out.
Posted by Charles Robinson At 12:00:31 AM On 03/28/2008 | - Website - |