Is Opensuse 13.2 inherently more secure than Windows 8.1


Recommended Posts

TPreston

Your only solution to security is to restrict the user by locking down the system. This isn't necessary if the primary software source is a curated store or peer reviewed repository.

Yeah... So do the above and use the repository or the repository and your trusted signed applications...

Microsoft is already moving towards that model but it's nowhere near as dominant as on iOS, Playstore, or GNU/Linux. If you eliminate software acquisition as a vector, security is greatly enhanced by definition.

The attack surface is reduced just like it is in my example. Without opening up a gaping hole elsewhere.
Link to post
Share on other sites
gohpep

Linux has a superior privileges system than Windows. Most executables are not executable by default.

 

On windows, you just press yes to everything and it has full access to your system. With linux, programs have a harder time getting full control.

 

Sure, you can harden Windows all you want, but by default, Linux is more secure.

 

We can also say that we have less vulnerabilities, because we have more eyes to see the code.

 

 

Anyway, if you really want protection, use rkhunter and chkrootkit. ClamAV is recommended if you share with a Windows computer or use Wine, although many Windows threats are not compatible with Wine.

  • Like 2
Link to post
Share on other sites
spy beef

I use openSUSE at home, and planning to switch all my Windows 7 computers at work to openSUSE when support ends in 2020. It's definitely more secure and stable than Windows.

  • Like 2
Link to post
Share on other sites
Lazy8s

Folks, thanks so much for all the input. I've decided I'm going to make the switch, and am about 80% certain it will be with Opensuse. I have some reading up to do on firewall configurations (and have to drop the coin on a laptop lol) but due to input here, negative 3rd party anti malware experiences in windows, and a fair amount of reading (not fully understanding everything sometimes) :blush:  it seems the practical move to make.

 

Time to get my stale old brain back into learning mode. I don't suppose there's an easy command line argument for that? :D

Link to post
Share on other sites
simplezz

and have to drop the coin on a laptop lol

Why? Didn't you say you had a Surface Pro 3?

Naturally, the first few comments we saw when Microsoft announced their latest incredibly powerful and fantastically thin tablet PC was some variant of

  • Like 1
Link to post
Share on other sites
Lazy8s

LoL love it :)

 

I've seen that write up on Ubuntu,there are several threads on OpenSuse as well....but experiences don't seem to be consistent across the board yet. Usually typecover issues. I'd rather not have to rely on another keyboard to make it work.

 

Patched kernels are flying all over the place though. It won't be long :)

Link to post
Share on other sites
  • 3 months later...
DevTech

I understand through various articles that I do not need to run an AV/malware suite with Linux. The reasoning I'm seeing is that nothing can access or alter system files without root access, which requires my password. I'm very cautious with browsing/email habits on the SP3, but in the event I ever did activate (click on or whatever) a Linux compatible bit of malware, does the above statement stand?

Just a note to the OP since nobody actually bothered to answer your question (which seems to be fairly common on Neowin as discussions proceed and nobody seems to go back and read the OP which to me seems to defeat the point of having questions...)

If you are on a Linux machine and click on real (non-script-kiddie) malware that uses a non-patched root exploit then you will 100% get infected.

This cannot be avoided by browsing safe sites since those safe sites are often infected for exactly that purpose. Google actually issues public documentation on the percentage of its servers that have been compromised.

This is also 100% true of a Mac or Windows machine.

So you are playing a game of poker. Your question asked about Linux malware which statistically is far less likely to be hanging out on a Google server than a Windows or Mac package although malware has been identified that can detect Windows or Mac and deliver the correct payload so it's only a matter of time perhaps until these muti-malware become more common.

So the objective of these malwares is to sneak onto your computer and remain undected forever. Not like the fun old days when they would wipe your hard drive and display a mocking message on your screen...

So the poker game is comparing the much smaller chance of encountering a Linux payload which will remain undetected because Linux desktop users don't do virus scans, versus the much larger chance of getting Windows malware but eventually being notified of it during the next schedule virus scan.

The easy logical solution is to run anti-virus on Linux but that goes against the entire mythos of the Linux community.

Mac users get to play the same poker game with a much higher risk factor due to a much larger malware percentage compared to Linux combined with more available exploits in OSX combined with "Macs don't get virus" attitude from Apple.

If replying to a post in June annoys anyone, please forgive me but I am very curious to know how Lazy8s's experience with Linux on his Surface Pro 3 turned out and if he achieved the peace of mind re his banking info etc that he had hoped to by using OpenSuse.

 

  • Like 1
Link to post
Share on other sites
Gabe84

Linux has a lot of security stuff in place, but of course, you can ruin it all with root access.

 

SELinux helps against executed viruses doing severe damage, though I am not sure if Open SUSE has it.

 

If you want the most secure browser, wget and lynx. Of course, that is not optimal. Firefox is pretty secure, if you have the right addons.

I use Firefox 41.0 on Lubuntu 14.04, addons: AdBlock Plus, EPUBReader, Ghostery, HTTPS-Everywhere, LastPass, NoScript, Ubuntu Modifications, and X-Notifier.
The last one, X-Notifier, is not approved by Firefox, I may have to find another webmail notifier but that would not be a problem, any other addon you would suggest?

Link to post
Share on other sites
HawkMan

Windows malware/adware/viruses do not work on Linux. The reason behind this is as you said, root access.

No, no no NO!

 

  • Like 1
Link to post
Share on other sites
TPreston

ITT people with no idea about the concept of computer security... Talk about computer security.

Link to post
Share on other sites
HawkMan

 

 

It takes alot of resources to protect windows.  We have so many endpoint protection applications running compared to what would be required on linux. 

If it takes a lot of resources to protect windows, you have a terrible IT department who don't know what they're doing and don't understand the tools available to them with windows management AD and policies. You set it up once, and it takes care of itself. 

Link to post
Share on other sites
HawkMan

That's another good point. I'm looking at lower specced laptops due to cost, and hopefully battery life, so resource usage will be pretty relevant for me.

 

 

edit: I wish 'nix was fully useable on the Surface Pros, but not quite yet lol. I'd just keep using that.

You don't need high specced computers for windows. The school I work at now, only buys second hand computers from a company specializing in buying computers of from large compnies who constantly changes to the latest and greatest, they clean them up, make sure they work. drop in refurbished power supplies. and voila the school can buy a whole lot of really nice Lenovo T410's with i5's for next to nothing. also have older ones with first gen i3's and Core Duos from much earlier buys. they all run excellently with the set up used here. 

Link to post
Share on other sites
HawkMan

Reductio ad absurdum? Hardly a useful system for most people. Why don't you cut your internet lines while you're at it

:p

So first you go on about how windows is "un-secure" because you can just click a button for admin rights, and how Linux is much better because you have to type a password. And when someone points out you can easily set windows to be just as secure(and more so) than that requiring the same thing. then it's absurd and you might as well not use the internet... 

Meanwhile in normal usage after MS started enforcing no admins since Vista, Windows today can be run perfectly fine and you can install most any software and run it without an admin user and without accss to admin rights. whereas Linux asks for admin rights all the time...

  • Like 1
Link to post
Share on other sites
HawkMan
 

Long boring story with boring details lol, I'm just tired of dealing with 3rd party suites. I did consider going the Win firewall + Defender route, but I've seen too many reports like the one simplezz posted above. I want to try something that has fewer doors to close and fewer worries about whether I'm forgetting something or missing something, that's all.

Just make a new user with basic rights and no access to admin rights and with UAC set to strictest mode. 

Link to post
Share on other sites
HawkMan

Linux has a superior privileges system than Windows. Most executables are not executable by default.

 

On windows, you just press yes to everything and it has full access to your system. With linux, programs have a harder time getting full control.

 

Sure, you can harden Windows all you want, but by default, Linux is more secure.

 

We can also say that we have less vulnerabilities, because we have more eyes to see the code.

 

 

Anyway, if you really want protection, use rkhunter and chkrootkit. ClamAV is recommended if you share with a Windows computer or use Wine, although many Windows threats are not compatible with Wine.

By default is not what "inherrently" means. and no it's not "inherrently" more secure.

And no, having more eyes does not make it have less vulnerabilities or more secure, as has been proven time and again. with the biggest securiy threats on the internet in the last few years being linux network code related. 

 

The biggest security dangers are the ones that live outside the OS that you can't defend against on your own computer and you may not even be aware you're being "attaked" or "lured" with. 

  • Like 1
Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.