Windows vs. Linux: Security

Linux is architected for security. Windows is, apparently, not.

Linux isn't perfectly secure, but Microsoft Windows is architected for security failure, as IT Wire points out. Good design decisions in Linux may well account for the glaring difference between security in Linux and insecurity in Windows:

The reality is Windows is naturally insecure for a variety of reasons, not least being Windows' users were always conditioned to login and run programs as the administrator user. Windows Vista has made an attempt, too late, to stifle this behaviour but the far number of complaints about the intrusive UAC box is testament to how many ordinary, daily, Windows tasks require administrative privileges - not necessarily due to legitimate need, but often just bad programming.

By contrast, Linux users are well accustomed to the notion of having an "ordinary" login, separate from root, with no special enhanced system rights or access. A good deal of the credit for Linux' security and general virus-resilience is due to this natural, ingrained self-constrained behaviour.

Assuming this is true, why didn't Microsoft think of this? The company surely has enough money to hire the best and the brightest. Yet it makes fundamental design errors.

Well, in the past, but isn't Vista better? Microsoft has made security a hallmark of Vista, and the reports I've read suggest that it has succeeded (mostly), the only problem being user aggravation at UAC (see above). So has Microsoft learned its lesson?

Tech Culture
About the author

    Matt Asay is chief operating officer at Canonical, the company behind the Ubuntu Linux operating system. Prior to Canonical, Matt was general manager of the Americas division and vice president of business development at Alfresco, an open-source applications company. Matt brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. He is a member of the CNET Blog Network and is not an employee of CNET. You can follow Matt on Twitter @mjasay.


    Discuss Windows vs. Linux: Security

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Articles from CNET
    Galaxy S6 fails to bring back Samsung's mojo