-1

According to Wikipedia, Linux's security compared to Windows is generally due to "the malware's lack of root access."

Why doesn't Windows just fix this?

atolnay
  • 7
  • 2
  • 4
    Malware does not need to have root access to cause harm - neither on Windows nor Linux. Encryption of user files within ransomware is easily possible w/o such privileged access. – Steffen Ullrich Jun 04 '22 at 04:55
  • 3
    Does this answer your question? [Why is Linux considered more secure than Windows?](/questions/121504/), [Linux or Windows- the security issue](/questions/16564/) – Steffen Ullrich Jun 04 '22 at 04:56
  • 2
    Did you read the source the Wikipedia article used for the claim? Yeargin, Ray (July 2005). "[The short life and hard times of a linux virus](https://web.archive.org/web/20080501223406/http://librenix.com/?inode=21)". The article does the reasoning, although it is 17 years old and covers only viruses infecting other binaries. That is just a small portion of all the malware there is. – Esa Jokinen Jun 04 '22 at 05:59
  • 1
    Also, Microsoft sort of addressed this particular problem in 2006 by introducing UAC with Windows Vista. – Esa Jokinen Jun 04 '22 at 06:02
  • Even prior to Vista, you could absolutely run Windows as a limited user. It was even explicitly recommended by the OS. Almost nobody did, of course - too much software assumed it was running as Admin, and too many users were used to admin privileges, plus the old "RunAs" command was much less convenient than UAC for when you needed elevated privileges - but you could run as a non-root user on every version of NT clear back to the original release (3.1). (The DOS-based and 9x versions of Windows didn't have user privilege separations, but NT always did from its inception.) – CBHacking Jun 04 '22 at 07:24
  • `What prevents Windows from being as secure as Linux?` Windows has more users (most are not developers or computer professionals), so more viruses target it – raspiduino Jun 04 '22 at 09:17
  • https://xkcd.com/1200/ – John Gordon Jun 04 '22 at 14:56
  • Modern Windows does not get nearly enough credit when it comes to security as it should. Microsoft has been releasing some great mitigations which focus on both sandboxing and anti-exploitation. Additionally, Windows Defender has come a long way. But that doesn't answer your question, just some food for thought. – J-- Jun 06 '22 at 10:32

3 Answers

2

Windows did fix this.

That claim on Wikipedia is based on an article written in 2005 (i.e., the days of Windows XP). Back then, it was pretty normal for users to run with full local admin rights (including almost all home users, and a significant number of corporate users). This was mostly down to badly written software that tried to write to folders inside C:\Program Files or bits of the registry that are only accessible to admins.

When Microsoft released Windows Vista in 2007, they introduced User Account Control (UAC), and took various other steps to try and encourage users to use non-administrative accounts, and to only elevate their privileges (with UAC) when required. This is a large part of the reason that so much software didn't work properly on Windows Vista: it assumed that users would be running with admin rights, and that was no longer the case.

Gh0stFish
  • 4,664
  • 14
  • 15
1

The point is not so much that Microsoft did not solve this. The point is that Windows users are/were used to being administrator all the time on their PC. If, on a Linux distribution, you would always log in as root (like Puppy Linux did) and do all your work as root, you do not have this security advantage.

Windows users still do not seem to be used to using normal accounts instead of administrator. There are still a lot of questions like "Why am I not ADMINISTRATOR of my own system?" or articles like "Why You Should NOT Be Running a Windows “Admin” Account".

Ljm Dullaart
  • 1,897
  • 4
  • 11
  • The best practice is to have a separate account for administration, even though UAC has come to help. In corporate AD environments normal domain users should not have the admin permissions. However, there has been a huge regress in the cloud era, since Azure AD defaults to normal users having local admin privileges... but that is not so far from Linux users commonly being in the `sudoers` group. – Esa Jokinen Jun 04 '22 at 13:32
1

For many years, Microsoft had a very poor security model for their operating systems. They didn't design for security, but kind of tacked it on after the fact. Windows 95 (and prior) did not have any privilege separation or memory protection between programs. Windows XP had privilege separation and memory protection, but came with all directories world writable, although there were guides and kits that explained how to lock it down and add permissions to fix this. Windows XP (except for bugs) could have been as secure as Linux, but they chose to distribute it to install as not secure. The Microsoft code writing style of itself also had security model problems that caused a lot of security bugs in Windows. It didn't help at all that software authors coming from DOS and Windows 95 expected the system to be wide open and any attempt at securing Windows NT/XP, etc. would break that software.

More recently, Microsoft has done a good job of trying to fix this. They now have a sane security model. The operating system comes with everything locked down. Coding style has gotten much better and a lot of the operating system has been rewritten to fix security problems, but there is likely still a lot of unexamined legacy code that hasn't been looked at in 30 years. Windows 10 is probably very close to contemporary Linux in terms of security. However, even today with Windows 10 and Windows 11, there is third-party software that breaks when users don't have admin access.

Having said that, Linux has had its fair share of security holes. The pace of new CVEs for Linux has been very high in the last 2-3 years. This is likely due to the growing popularity of Linux and the huge malware and ransomware industry that is attacking both Linux and Windows. In the last 5 years, Linux has had its fair share of devastating security holes found in 10-20 year old unexamined code, along with serious bugs in new code. The "many eyeballs" theory of open source finding bugs faster is probably well balanced against the ease of bad actors getting access to code to find bugs themselves as well as (successful and unsuccessful) attempts to inject bad code with back doors into the open source community.

So, 10 years ago, I would say Linux was more secure just because Microsoft had a poor internal security model. Today, I think Windows and Linux are probably pretty even in security level.

user10489
  • 1,217
  • 1
  • 3
  • 13