Various access control mechanisms have been built on top of LSM; for example, compartments that keep applications separate from each other and from the base operating system, which limits the impact of a security problem with an application. Linux base security is further enhanced by solutions, such as Tripwire, that provide System Integrity Check functionality to periodically verify the integrity of key system files and warn those responsible for system security when a file's contents or properties have been changed.
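The integrity check described above, as an added Python example (not Tripwire's code and not from the original article): it records a SHA-256 hash plus mode, owner, group and size for each file, then reports which of those fields changed. The file names and contents in demo() are constructed samples standing in for key system files.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(paths):
    """Record a content hash and key properties for each path."""
    baseline = {}
    for path in paths:
        st = os.lstat(path)  # lstat: do not follow a swapped-in symlink
        entry = {"mode": stat.S_IMODE(st.st_mode), "uid": st.st_uid,
                 "gid": st.st_gid, "size": st.st_size, "sha256": None}
        if stat.S_ISREG(st.st_mode):  # hash regular files only
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            entry["sha256"] = h.hexdigest()
        baseline[path] = entry
    return baseline

def verify(baseline):
    """Compare current state with the baseline; return {path: [changed fields]}."""
    findings = {}
    for path, old in baseline.items():
        if not os.path.lexists(path):
            findings[path] = ["missing"]
            continue
        new = snapshot([path])[path]
        changed = [k for k in old if old[k] != new[k]]
        if changed:
            findings[path] = changed
    return findings

def demo():
    """Constructed sample: one content change and one property change."""
    with tempfile.TemporaryDirectory() as d:
        conf, binary = os.path.join(d, "sshd_config"), os.path.join(d, "login")
        for p, data in ((conf, b"PermitRootLogin no\n"), (binary, b"\x7fELF-demo")):
            with open(p, "wb") as fh:
                fh.write(data)
            os.chmod(p, 0o644)
        base = snapshot([conf, binary])
        with open(conf, "wb") as fh:   # same length, different content
            fh.write(b"PermitRootLogin yes")
        os.chmod(binary, 0o755)        # contents untouched, property changed
        return {os.path.basename(p): f for p, f in verify(base).items()}

if __name__ == "__main__":
    print(demo())
```

The baseline is only as trustworthy as its storage: keep it where someone able to modify the monitored files cannot also rewrite it.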
A limitation of Windows base security is MSCAPI, which trusts multiple keys for code signing. Microsoft's model focuses on providing one build of a product that can enable weak or strong encryption simultaneously. Modules are not all signed by one key, but because MSCAPI trusts a large number of root certifying authorities and multiple keys for code signing, it takes only one compromised key to make the entire system vulnerable to attack.
This can happen either when an authorized code signer accidentally discloses their private key, or when a certifying authority issues a certificate in error. This has already happened once, when Verisign mistakenly signed two certificates in Microsoft's name and released control of these certificates to unauthorized individuals.
Network security and protocols
Linux and Windows support for network security and protocols is comparable. Both support IPSec, an open standard for cryptography-based protection at the IP layer. IPSec verifies the identity of a host or end point, ascertains that the data was not modified in transit across the network, and encrypts the data. OpenSSH, OpenSSL, and OpenLDAP are available on Linux, and corresponding closed source implementations -- SSH, SSL, LDAP -- are available on Microsoft systems.
Linux is somewhat superior due to continuing security issues with Microsoft IIS and Exchange/Outlook. Apache and Postfix are cross-platform applications and tend to be more secure than corresponding Microsoft products. Application security for Linux is also enhanced with firewalling built into the kernel. And Snort is an excellent intrusion detection system.
One notable recent addition to the Linux kernel for x86-based systems is Ingo Molnar's exec-shield, which provides protection against attacks from buffer or function pointer overflows and against other types of exploits that rely on overwriting data structures and/or putting code into those structures. The exec-shield patch also makes it more difficult to conduct a shell-code exploit. Since exec-shield operates transparently, applications do not need to be recompiled.
Microsoft is taking strides to redesign the security of its products and provides patches for its installed base. Still, security issues in legacy Windows products persist and complicate this task. This leaves many Microsoft users exposed to security threats since patches must be well documented prior to deployment.
Also, Microsoft's tendency to mix data and program code in its applications, e.g., ActiveX, can let untrusted data in from outside the system and allow that untrusted data to activate arbitrary code.




