The expression is intended to suggest that proprietary software is more secure due to its closed nature. If hackers do not see the code, then it is more difficult for them to create exploits for it – or they think so.
Unfortunately for Windows users, this is simply not true, as evidenced by the endless parade of patches coming out of Redmond. In fact, one of the many advantages of Linux over Windows is that it is more secure – much more. For small businesses and other organizations without a dedicated staff of security experts, this advantage can be especially important.
Five key factors underpin Linux’s superior security:
Linux systems are by no means error-free, but one of their key advantages is how account privileges are assigned. On Windows, users are usually given default administrator access, which means that they pretty much have access to everything on the system, even its most important parts. So viruses. This is similar to providing high-level government posts to terrorists.
On Linux, on the other hand, users usually do not have these “root” privileges; Rather, they usually get lower-level accounts. This means that even if the Linux system is compromised, the virus will not have root access, it would have to harm the entire system; most likely, only local files and user programs will be affected. It can make the difference between a minor annoyance and a major disaster in any business setting.
Viruses and worms often spread, urging computer users to do something they should not do, such as opening attachments containing viruses and worms. This is called social engineering, and it’s too easy on Windows systems. Just send an e-mail with a malicious application and a storyline like, “Check out these adorable puppies!” – or the porn equivalent – and a fraction of users are tied to clicking without thinking. Result? An open door for an attached malware with potentially catastrophic consequences for the entire organization.
Due to the fact that most Linux users do not have root access, it is much more difficult to do real damage to the Linux system by forcing them to do something stupid. Before any real damage can occur, the Linux user must read the email, save the attachment, give it permission to execute, and then run the executable. In other words, not very likely.
The effect of monoculture
Despite the fact that you want to state the exact numbers, there is no doubt that Microsoft Windows still dominates most of the computer world. In the field of e-mail, as well as Outlook and Outlook Express. And this is the problem: in fact, it is a monoculture, which is no better in technology than in the natural world.
Fortunately, a variety of environments is another advantage that Linux offers. There is Ubuntu, there is Debian, there is Gentoo, and there are many other distributions. There are also many shells, many packaging systems, and many email clients; Linux even runs on many architectures other than Intel. Thus, while the virus can be directly aimed at Windows users, since they all use almost the same technology, it is much more difficult to reach more than a small part of Linux users. Who would not want to give their company this extra level of guarantee?
Along with this monocultural effect, it should be noted that most viruses target Windows, and the desktops in your organization are no exception. Millions of people using the same software are becoming an attractive target for malicious attacks.
How many eyeballs
The Linus Law, named after Linus Torvalds, the creator of Linux, states that “with enough eyeballs, all errors are small.” This means that the larger the group of developers and testers working on the set of code, the greater the likelihood that any shortcomings will be quickly detected and corrected. In other words, this is, in fact, the polar opposite of the argument “security through the unknown.”