Why Linux servers are more secure than Windows

The Linux/Windows debate is an oldie but a goodie, and there have been many long threads on most computer related forums discussing their relative merits. Linux is free, open-source and community based. Windows is expensive, professionally developed and has effectively held a monopoly over the software industry for the past couple of decades. Whatever other reasons there may be to choose one of these Operating Systems over the other, I wanted to find out which one was more secure and why.

Linux Severs

Image credit: Flickr

After a little bit of Googling, it became apparent that Linux is generally considered more secure than Windows, not because of any inbuilt security feature but because of the structure of the OS as a whole. Linux was always designed to be a multi-user O.S where only the root user had administrative privileges, and where all administrative actions are password protected.

The kernel of the Linux OS is better protected than Windows', fewer users and programmes have permission to access it and each other. In technical terms, this means that Linux has higher modularity and that damaging one module need not necessarily harm the rest of the system.

(N.B Since both Linux and Mac are based on Unix architecture, a lot of this will apply equally to Mac's Server OS known as Rhapsody.)

Another advantage of Linux is that fewer worms/virii target it than Windows. It is secure partly because it is less popular amongst home PC users. This does not, however, mean that Linux will be prone to a greater number of attacks as it gains in popularity. This myth has been debunked time and time again and in fact, Linux already accounts for around 10% of all personal computers. This goes to show that Linux is genuinely a more secure OS, out of the box, regardless of how popular it is.

More important than the type of OS you choose, is the way you secure it. Restricting access, managing the level of application security and creating a regular back-up/restore procedure are all more important than choosing the right OS. Overall, the general consensus in the computer security community is that whilst no OS is perfect, Linux is innately more secure than Windows and will remain so for quite some time. In the words of Linux enthusiast Robert Pogson (of pogson.6k.ca) “Freedom from malware for a few more years is worth many times the cost of migration to GNU/Linux.”. 

What’s Hot on Infosecurity Magazine?