• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

is linux secure ?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

minoukat

Member
Joined
Jul 6, 2001
Location
Ottawa, Ontario
I just checked some site, and they said linux had a lot of security holes and vulnerabilities. Is it true ? Can they be fixed by everyone ?
 

Ryan0rZ

Member
Joined
Oct 6, 2002
Location
Michigan
Linux is only as secure as you make it. Some of the biggest security incidents (Windows Source Code leak, Half Life 2 Source Code leak) were on Linux servers. However, it wasn't Linux's fault. It was the server administrator's. Out of the box, Linux has much less holes and exploits than Windows. Infact, the NSA uses Linux inhouse. (They have also released their kernal tweaks, you can find it here --> http://www.nsa.gov/selinux/index.cfm)

In order to have a reliable, stable, secure system, You need to put the time and effort into fortifying it. Windows is the same way, but you'll never have the level of control with it. To truely know you're safe, you can't rely on closed source software.
 

DarkArctic

Member
Joined
Jul 14, 2001
Location
Ontario, Canada
An operating system is only as secure as you want it to be.

Everything needs patches for bugs or security vulnerabilities. Windows, Mac OS and even Linux. The difference is how the system of identifying and patching these problems happens.

Windows is closed source, meaning that source is kept secret from everyone except the developers who work on the code itself. Some believe this can help security because crackers can't see the code. Also a single organization handles the release of patches.

Linux on the other hand uses a different approach entirely. Since all the code is open anyone can read it, so it is open for peer review. This forces the programmers to be much more considerate on how the write the code, both for readability and security purposes. Anyone can submit a patch to fix a problem for open source projects. The idea is that if more eyes are looking at the code then there is more of a chance to see a problem.

The open souce model I tend to think is better and faster at patching vulnerabilities (keep in mind I may be biased). I've seen vulnerabilities get patched in a matter of hours.

It also depends on the distribution you have as well. A distro with a good update tool like RedHat, Debian and Gentoo are easy to keep up to date.

In the end it's really the user that has to keep an updated system and lock off all unessential services. The same goes for any Windows server. :)

-DarkArctic