Linux desktop security: It's a matter of process and architecture
Linux is better than Windows at security, but the reasons are not rocket science.
Is Linux inherently more secure than Windows? Apparently so, according to this article, but the reasons have less to do with "thousands of eyeballs" and more to do with "intelligent design."
There are numerous reasons why a Linux PC is more secure from malicious software than a Windows PC. The most obvious is the way a user interacts with his operating system....
A Linux virus is doomed from early conception and there's a rough jungle awaiting. For an ELF binary file to get infected by a virus, the malicious program has to first get write access to other binaries. Prior to that, it must somehow disguise itself. Binary-only applications are so rare in the Linux world that any software not designed by a major developing firm is subject to inquiry. After a day in the wild, someone will figure out the binary file hides something else and the element of surprise will be gone. We're used to having the source code at our disposal. Try hiding a malicious code in plain text....
Windows users are accustomed to constantly running applications with administrative rights. The first account you create on a Windows XP machine is in most cases the only one you'll ever use, and that one has administrator privileges. It's fairly easy for a virus or worm to spread with all those doors open....
Surely Microsoft developers are at least this smart, too? This is a basic design decision that really doesn't have as much to do with Linux developers being security gods so much as Windows developers being security clowns, at least with respect to administrator rights. To its credit, Microsoft changed this in Vista, but what of the other design decisions the article calls out?
Any security experts want to weigh in? I'm certainly not one....