back to article Gone

Promo article gone

COMMENTS

This topic is closed for new posts.
  1. Thomas 4
    Coat

    Designing a perfectly safe computer

    The most secure computer is one that doesn't power up and lacks a keyboard, mouse and touchscreen. The hard drive is housed in a cpu tower made of heavily padlocked concrete and it has absolutely no ports anywhere on it. No, not even that one.

    1. Anonymous Coward
      Anonymous Coward

      Re: Designing a perfectly safe computer

      Sounds like a failed government IT procurement project.

      1. Flywheel

        Re: Designing a perfectly safe computer

        I believe the US Army have given these to their tropps to stop them reading the Guardian online

        1. Mr. Moose
          Black Helicopters

          Re: Designing a perfectly safe computer

          Nah, they use this:

          http://spi.dod.mil/lipose.htm

          Don't worry though, the NSA keeps watch over it to make sure no bad guys can get you! Promise. ...

    2. The Man Who Fell To Earth Silver badge
      FAIL

      Re: Designing a perfectly safe computer

      One first needs to define what is meant by "safe". Is a computer that is not connected to any network but has no security software except that native to the OS "safer" than a computer with all sorts of "security" software running but is directly connected to the internet? It all depends on the definition of "safe", as well as what functions the computer needs to perform.

      So let's first define what functions the computer needs to be capable of performing, and then define what is meant by "safe". Only then is there any chance of a meaningful discussion.

      1. Magister

        Re: Designing a perfectly safe computer

        "Safe" is probably the wrong word. However, you make exactly the right point.

        You have to define the risks before proposing the appropriate measures to secure something. Once you have declared what those are, you then have to decide how likely those issues are and if it is worth protecting against the specific threats.

        I would say that the biggest single threat over the next few years would be the stability of the electrical supply. It doesn't matter what OS you have, no electric means no computer.

        Power cut reduces

        Your expensive computer

        To a simple stone

    3. This post has been deleted by its author

    4. smartypants

      Re: Designing a perfectly safe computer

      Wouldn't that cause severe injury if you dropped it on your foot?

      Surely the only secure computer is the one that hasn't been made yet.

    5. itzman
      Devil

      Re: Designing a perfectly safe computer

      Needless obfuscation. The only safe computer is one that has no power.

  2. Tchou
    Coat

    Secure OS

    I once run a perfectly secure OS.... on an Atari... It was in ROM.

    1. Phil W

      Re: Secure OS

      Doesn't really make it secure, it could still be affected by malware injected into the portion that runs in RAM. Some of it has to after all, you can't run an interactive OS purely from ROM.

      1. Anonymous Coward
        Anonymous Coward

        Re: Secure OS

        Indeed. And having the OS in ROM means that if there is a security problem it can't be patched.

        1. Tchou
          WTF?

          Re: Secure OS

          On Atari machines, the OS don't stay in memory when an application is launched.

          That's why "quitting" an app on an Atari means reboot, not going back to the desktop. It have to be reloaded entirely.

          So if something bad happen - because of a program, like a virus or else - the OS is not at fault.

          But hey, it's El Reg, you're not supposed to actually know what you post about.

          Cheers.

    2. nematoad

      Re: Secure OS

      "I once run (sic) a perfectly secure OS.... on an Atari... It was in ROM.

      Yes, I did too , but I got the Ghost virus off an infected disc from a magazine and it was an awful job to get rid of.

      Most secure O/S. One that's not switched on, I reckon.

      Other than that FreeBSD has a good track record.

    3. Tom_

      Re: Secure OS

      Oh yeah? I remember my first encounter with a computer virus was on the Atari ST. The virus was called ghost and it would invert the vertical coordinate of the mouse pointer. It stayed resident in memory through reboots (you could power down for around a minute without guaranteeing RAM was cleared) and spread across loads of my disks. It wasn't catastrophic, as no data was lost, but it got quite annoying until I trained myself to use an inverted mouse almost as comfortably as one that worked normally.

      I later went on to get a job at a game development studio, where I found out my boss was the twerp that had created said virus.

    4. BillG
      Happy

      Re: Secure OS

      Most secure OS I ever ran was Windows 2000 with Outpost firewall.

    5. This Side Up

      Re: Secure OS

      Apart from "there's no such thing", the safest OS is one that

      a) is scarce enough that it isn't worth while anyone bothering to attack it;

      b) is owned by someone who isn't important/rich enough to attack regardless;

      c) lets you know exactly what it's running;

      d) has an email client that displays messages in plain text and shows links clearly;

      e) has a web browser that displays link URLs clearly and doesn't run any active code;

      f) doesn't allow automatic remote installation or updating of software;

      and probably a few other things I haven't thought of.

  3. dogged
    Meh

    The one built by a competent admin

    Perhaps stupidly, the easiest OS to secure is probably Windows 8 because it has built in on-by-default AV and firewall.

    That doesn't mean its the most secure. I could build you debian server than would give anyone pause - in fact, that's probably the most secure OS build that I personally could produce. However, just because it runs on debian or a fork thereof doesn't mean it's secure - Exhibit A being Eadon's blog.

    1. Yet Another Anonymous coward Silver badge

      Re: The one built by a competent admin

      >Windows 8 because it has built in on-by-default AV and firewall.

      And it has free automatic cloud backup of all your emails/website visits and IMs

      1. fishman

        Re: The one built by a competent admin

        <<<And it has free automatic cloud backup of all your emails/website visits and IMs>>>

        So does the NSA.

        1. dogged

          Re: The one built by a competent admin

          They do regardless of your choice of OS, sadly.

      2. Anonymous Coward
        Anonymous Coward

        Re: The one built by a competent admin

        >Windows 8 because it has built in on-by-default AV and firewall.

        Server 2012 because it has no GUI and a smaller attack surface.

        Or Hyper-V server 2012 - which has an even smaller attack surface...

        1. dogged

          Re: The one built by a competent admin

          Or Hyper-V server 2012 - which has an even smaller attack surface..

          True but as it's quite hard to use Hyper-V server as a desktop OS, it's out of score (per original question).

    2. jmk89
      Pint

      Re: The one built by a competent admin

      What happened to that Eadon dude? I notice all of his posts have been deleted by the admin!

      1. S4qFBxkFFg
        Meh

        Re: The one built by a competent admin

        That's a shame, he was a bit of an over the top, one viewpoint, one-topic poster, but surely there's space for people like that? (It's also comforting to have some small certainties.)

        There are a few users on this site I find a lot more offensive than Eadon but I wouldn't want them banned for just that.

  4. AbelSoul

    Number of users is a factor

    I still use AmigaOS (and variant MorphOS) online from time to time and have done for about 20 years. To my knowledge, none of the various machines have ever been infected with anything malicious. This has nothing to do with the inherent security of the system; as far as I can tell, these systems are almost entirely devoid of security. Rather, the tiny community of users just isn't substantial enough to attract the nasty buggers.

    Same goes for my now-defunct PPC Linux install.

    I also use Macs as my main machines, have done for about a decade. In that time I'm only aware of one bit of malware that infected an iBook about five years back. It was simple browser redirect and easily removed.

    My Windows machines, which have always been the least used of the lot, have been struck down with numerous ailments over the years, despite these being the only ones I ever bothered to attempt to protect.

    Does this mean Windows is inherently less secure than the others? Does it bollox. It simply has a far greater user base and is therefore more enticing to malware authors.

  5. AndrueC Silver badge
    Joke

    CP/M. Very few viruses, rarely targeted by botnets. Currently has no Flash or Java clients available :)

    1. Ole Juul

      That's no joke

      CP/M. Very few viruses, rarely targeted by botnets. Currently has no Flash or Java clients available.

      In addition to my desktop OS, I currently run a pure DOS machine for certain tasks. Despite it having network clients, I'm not expecting that machine to be compromised any time soon.

  6. deadlockvictim

    Definitions

    It all really depends on what your definition of security is.

    I define it as the state where only those authorised in and out may do so.

    A well-configured UNIX box is not very secure if those not authorised have physical access to it.

    A well-configured UNIX box might be very secure, but if its users spend their time spewing their private lives across the internet (as many of us do), then one might wonder what the point of security is? Loss of privacy just without the hassle?

    A box running Windows 98 with one user and no internet (or other network access) is pretty much very secure although it seems to be the very antithesis.

    In the end, I think that it makes little difference which system is the most secure as long as one doesn't feel threatened. Few of us have enough knowledge to properly secure our systems and most people seem to actively not want to know about it. Why else would Facebook, Google et al. be so popular if people were concerned about security?

  7. MJI Silver badge

    Secure I have used

    Vic 20, Concurrent CPM, Netware 3.x 4.x 5.x

    Surprised but it caught one.

    Real 32, managed to get a virus on it, but a reboot killed it, we could tell it was infected as the screen went funny, whereas on MSDOS it did not.

    Spread on a floppy.

  8. Adam Christie-Grant

    Well...

    If its connected to a network its not secure... AT ALL...

    1. Ole Juul

      Re: Well...

      If its connected to a network its not secure... AT ALL...

      As it stands, that statement is incorrect, unless you're talking about specific situations. Perhaps you're confusing server and client software. I can run a single user OS, connect to the net, and not have any possibility of outside control of the machine - you could too.

  9. Luke McCarthy

    VMS?

    I heard that one is hard to crack.

    1. dogged

      Re: VMS?

      Not especially. I once got hired to firefight a VAX where the admin had changed all the passwords and then had a nervous breakdown and run off to Laos.

      It wasn't that much tougher than cracking NT. Irritating more than hard.

      1. Anonymous Coward
        Anonymous Coward

        Re: VMS?

        If you have physical access to a VMS system, then getting privileged access is easy (and documented in the vendor's manuals), much as it is easy on many other systems where you have physical access.

        If you don't have physical access to the system and just have access to a non-privileged (aka non-root) login, then best of luck to you. In some cases it may be occasionally possible to do unauthorised stuff depending on OS version and patch level. In most cases, VMS security is close to unbreakable. Certainly much closer than its alleged successor, WNT (and derivatives thereof).

        1. dogged

          Re: VMS?

          Digital were sadly unforthcoming in supplying replacement manuals, even to the state owned electricity company of a (at the time) booming EU nation.

          Without those, privileges were seriously annoying to achieve.

          1. An ominous cow heard

            Re: VMS?

            You're trolling.

            Any competent VMS sysadmin knows how to do a "conversational boot" to break into a system, given physical access, and they don't need a docset (on paper or on CD or on the web) to do so.

            It's *very* disruptive ("boot" is a hint).

            "privileges were seriously annoying to achieve."

            Exactly. It's secure. Not perfectly secure, but better than its alleged successors.

      2. Chris King
        Holmes

        Re: VMS?

        If you have physical access to the system console, all bets are off. Same goes for any system, really.

        And you can still turn VMS into a security Swiss cheese if the system manager is incompetent or malicious. My last employer hired in security consultants from DEC to audit a VMS machine, after the previous system manager had let his mates play "Admin Wars" in SYSTEM. That box was such a mess, they ended up retiring it a year early and they transferred all the users to a new Alpha, auditing every utility and command procedure before installing it on the new system.

        If that wasn't enough to contend with, some bright spark had the idea of letting IT students have root access to a Red Hat machine with internet access. You can probably guess how badly THAT went.

    2. h3

      Re: VMS?

      It has CDE and Firefox so it should probably be enough.

    3. Steve Graham
      Devil

      Re: VMS?

      My VMS hack was something like this: the VMS equivalent of the "wall" command (i.e. "write all terminals", I forget its name - it was a long time ago) was available to all users, and did not filter escape sequences. Everyone had a VT-100 or similar.

      My broadcast contained a sequence that caused the terminal to send a line as if the user had typed it, to copy a modified executable of my own in place of a system one. Then the line on screen was erased and the cursor put back where it had been. It was fast enough not to be noticed in most cases.

      The command failed (silently) for every session except that of the actual system manager, of course.

      On 1st April, I was able to impersonate a system manager and announce an emergency shutdown, causing panic among those who didn't save work frequently. I got a talking-to in the boss's office for that.

      1. Anonymous Coward
        Anonymous Coward

        Re: VMS?

        Well done Steve.

        You knew about the autoanswerback fun. Good start.

        You used the operator broadcast mechanism (which needs OPER privilege, which by the sound of things somebody shouldn't have given you?) to send the VT100 (or any other terminal with programmable answerback) the escape sequence to program the answerback, and put something destructive in the answerback.

        You then used the same mechanism to send all the lines the command string which causes the terminal to send its autoanswerback (was it Control-E, I forget?).

        If a hardware-vulnerable terminal is not logged in, nothing much happens.

        If a hardware-vulnerable terminal is in an application, the application sees some unexpected input.

        If a hardware-vulnerable terminal is at the VMS command prompt logged in to a non-privileged account, the "shell" sees your command string and says "can't do that, you don't have the necessary privilege" (as you already described).

        If a hardware-vulnerable terminal is at the VMS command prompt logged in to a privileged account, you may see something interesting happen, again as per your description.

        Lots of luck in that, apparently including having an incompetent manager, and definitely no guarantees of success.

        The same scenario potentially also applies to a UNIX/Linux session on a serial terminal (or emulator). It was a known area of concern at least as far back as 1999 e.g. ftp://ftp.cs.utk.edu/pub/shuford/terminal/answerback_news.txt says "If the terminal [emulation] allows the host to program the Answerback string, it can become a security hole."

        This is really a vulnerability in the terminal not the OS, and iirc from DEC's VT200 series on (other terminals and emulators are available), autoanswerback was disabled by default.

        Now compare with the popular desktop OS and its vulnerabilities: frequently no luck needed, excellent chance of success (if you pick the right security hole).

  10. DrXym

    Probably the least used

    Windows has fairly reasonable access controls and privilege elevation is required for certain tasks, but it's as vulnerable as the person using it. If it's *their* desktop and *they* have admin rights then no amount of security will protect them from even a crude attack. With so many people using Windows, it's like shooting at a barn door. If Windows only had 1% of the market then simply by virtue of this most of the trojans wouldn't exist.

    So while I think OS X and Linux have a far better security model (based off sudo) for privilege escalation, and Windows has historically had awful security I also believe that if OS X or Linux were as popular as Windows that they'd be the main target of attacks.

    1. Anonymous Coward
      Anonymous Coward

      Re: Probably the least used

      "With so many people using Windows, it's like shooting at a barn door. If Windows only had 1% of the market then simply by virtue of this most of the trojans wouldn't exist."

      Widely repeated, not really true.

      Windows itself wouldn't be any more secure if it had only 1% of the market.

      In fact if the other 99% were more secure than Windows, then Windows would still be the popular attack target, because it'd be more vulnerable than the others. A Window box would be the "low hanging fruit".

      1. Anonymous Coward
        Anonymous Coward

        Re: Probably the least used

        It's right that a little-used OS is no more secure if its only present in low numbers. But it probably would be less vulnerable to attack.

        Its no good targeting low hanging fruit, if there's only two apples you can pick.

        How many computers can you take over if

        1) you have a 95% chance on 5 computers

        2) you have a 20% chance on 500 computers

        3) you have a 5% chance on 50,000 computers

        also obscure OSs are probably not used for something that can readily be turned into profit for the hacker. or have unusual software used for facebook, email, online banking.

      2. DrXym

        Re: Probably the least used

        It's quite obviously true. The bigger the target, the more likely you are to score a hit. If 90+% of people were using Ubuntu then doubtless we'd see spams from "Ubuntu Security Centre" urging people to download a security "patch" etc.

        1. Anonymous Coward
          Anonymous Coward

          Re: Probably the least used

          DrXym, you're mixing up spam and security.

          General comment: If Windows were to magically go overnight from market dominance to market insignificance, the OS itself would be no more (or no less) secure. It might (or might not) be less attractive as a target - so what?

          Ditto if by some miracle desktop Linux would go from insignificant to significant.

          In both cases, the same OS vulnerabilities as existed yesterday would still exist tomorrow. The OS would be as secure as it was the day before. How could it not be?

          1. DrXym

            Re: Probably the least used

            "In both cases, the same OS vulnerabilities as existed yesterday would still exist tomorrow. The OS would be as secure as it was the day before. How could it not be?"

            It's not all a case of what vulns exist but the threat of exploitation.

            Think how most desktop (as opposed to workstation / server) PCs are compromised - drive by sites, phishing attacks, trojans, malware. They social engineer a user to visit a site or click through some dialogs to the point that software is installed. Then it doesn't matter a damn what security the OS had because it's been bypassed. Every desktop OS allows users to do this and most desktop users are going to be their own admins so there is nothing to stop them doing it.

            But these attackers are going after the biggest user base, so just using a more obscure OS lowers the threat. Not necessarily because the OS has less vulns (though that's not a bad reason to choose an OS) but because it's less likely to be the target in the first place. For example I expect that AROS users suffer zero pwnage not because AROS is a secure OS but because the threat is virtually non existent.

            1. Anonymous Coward
              Anonymous Coward

              Re: Probably the least used

              OK, let's try DrXym with a different one.

              Let's assume no one significant uses DOS any more (how safe an assumption is that)?

              Let's follow the "logic". Doesn't DrXym's logic mean that because there's no worthwhile userbase, DOS is magically now a "secure OS"?

              Of course DOS isn't magically a secure OS simply because it's lost its userbase.

              We can safely say that if almost nobody uses an OS, it's almost certainly not an attractive target for malware authors.

              But if someone were to start using DOS again for some reason, it would be just as (in)secure and vulnerable as it always used to be. Not very secure at all, and very vulnerable.

              Any clearer now?

              1. LaeMing
                Boffin

                Re: Probably the least used

                The main problem with all these 'superior market = more attacks' arguments is they assume that the Desktop market is predictive of all IT sectors. In markets where (for example) Linux boxes out number Windows boxes 3:1, Windows is still by far the leading target for attacks on that sector.

                1. graeme leggett Silver badge

                  Re: Probably the least used

                  @LaeMIng

                  Is it the local sector size that determines the attractiveness of Windows as a target or the global size?

                  A malcreant with a botnet cares not whether his (or her?) target resides in the depths of the oceans or on a mountain peak. Unlike a biological virus distance is no protection against infection. So they target the largest installed base globally, and by that route the lone windows desktop in a sea of Mac laptops and Linux boxes also catches a nasty cold.

                2. DrXym

                  Re: Probably the least used

                  "The main problem with all these 'superior market = more attacks' arguments is they assume that the Desktop market is predictive of all IT sectors. "

                  I was very specific and qualified my remarks to refer to desktop users. On the desktop attacks are most likely to be random - phishing, warez and so on.

                  Enterprise workstations and server are going to have different threat models where PCs are sharing a local network, where there is a mix of workstations and servers, where there are administrators, where there may be spear phishing, or other trojans deliberately designed to spread around through the network. Where the threats might internal as well as external.

      3. monkeyfish

        Re: Probably the least used

        Case in point: My dad clicks 'OK' to everything. EVERYTHING. He asked me to look at his laptop to see why it was running so slowly, and I found 3 competing AV products, countless toolbars, and God knows what else. And this was with vista! Yes even Vista with it's over-bearing UAC couldn't stop a man who clicks 'OK' without reading the dialogue. UAC couldn't save him, and neither would any version of any OS on the planet. He won't listen either, so I officially gave up looking at any computer he owns (and gave up using them either..)

        1. t.est
          Coffee/keyboard

          Re: Probably the least used

          Wheter u like it or not, give him a mac.

          Escape for escaping the trouble, mostly at least.

      4. John Savard

        Re: Probably the least used

        You're forgetting the script kiddies. That's why OS/2 is "secure" in a practical sense, regardless of its intrinsic security virtues.

    2. Uffe Seerup
      FAIL

      sudo is not a security model

      sudo is a kludge, developed because of a lacking underlying model where privileges cannot be properly delegated. It is not part of a "model" - indeed the sudoers exists in parallel with and competing with the real (but inadequate) file system permissions.

      sudo breaks one of the most important security principles: the principle of least privilege. sudo is a SUID root utility and will run *as root* with *unlimited* access.

      Some Linux distros now use Linux Capabilities (although these have not been standardized). Had capabilities existed when Unix was created, we never would have had the abomination that is sudo.

      Many vulnerabilities in utilities that must be started with sudo have lead to system compromises *because* of the violation of least privilege. Sendmail allows you to send a mail. But it requires you to run it as root. So you run it with sudo, allowing users to sudo sendmail. But a simple integer underflow (like this one: http://www.securiteam.com/exploits/6F00R006AQ.html) can now lead to total system compromise!

      The security problems with sudo and other SUID root utilities are well-known so please do not try to pass it off as a superior "model". It was always and remains a kludge that is used to drill holes in a too simplistic, file-system oriented security model of the 1970ies.

      How is a security auditor supposed to audit the capabilities of users? Once a user is allowed to execute binaries with root privileges through sudo or other SUID root's the security auditor have no way of knowing what can be done through those utilities, short of overseeing the process by which they were compiled and distributed. The operating system cannot guarantee that the file system privileges are restricting the users as they can be bypassed by sudo/SUIDs. Compare that to operating systems with security models where the permissions are actually guaranteed to restrict the account.

      SELinux has a security model. Sudo is not a security model, it a drill that destroys security models.

    3. Anonymous Coward
      FAIL

      Re: Probably the least used

      "I also believe that if OS X or Linux were as popular as Windows that they'd be the main target of attacks."

      A popular myth held onto by Windows apologists.

      IF that were true and infection were proportional to market share then of the 2 million or so viruses and Trojans released each year one would expect to see anywhere from 200,000 to 500,000 malware for Linux, but such is not the case.

      Even though Microsoft still has the PC OEMs by the shorthairs because of the low profit margins in that commodity industry, and most laptops are shipped with Windows, a significant portion of them, like mine, are dual booted with or replaced by a Linux distro. Windows keeps the retail market channel tally, but Linux gets the machine. It makes Windows installation appear to be more than what they really are. And, with Win8, Microsoft kicked gamers to the curb and told ARM tablet makers to get lost. They "thought" that their "Secure Boot" and UEFI locks would prevent users from installing Linux, but it hasn't. It has driven former Windows users to Linux, and encouraged game makers to offer Linux versions.

      As far as viruses and Trojans on Linux are concerned, I have been using Linux since RH 5.0 in May of 1998, and I have yet to see a Linux virus or Trojan. Lots of claims by AV software houses trying to salt the mine, but no "in the wild" occurrences. In fact, I used to play with Windows viruses by installing WINE and playing with them to see what their payload was and how it was deployed. Then I'd uninstall and reinstall WINE and try the next Windows malware. It got boring because there are only about eight attack vectors and the bad guys could create a "new" virus by editing the source file, moving things around or renaming global variables, and recompiling. The result would fool AV tools until a new signature was created and added to the dat file, which sometimes took quite a while.

      1. Tabor

        Re: Probably the least used

        @GreyGeek77: I don't really see how you got from Windows being the most interesting target (due to the install base) to "proportional to market share". Nobody ever stated that is was proportional. I do agree that Linux might be inherently more secure than your average Windows box, but a lot of that is due to the fact that Linux users are in general more knowledgeable than the average joe. And Joe just luuurves clicking "OK", "Yes", "Continue" to get what he wants.

        And, though it saddens me, many people just don't want Linux. Case in point : after cleaning out our IT storage at the place where I work, we uncovered about 30 working machines (desktops and laptops). Old, but in good working order. We could have just have had them "processed" through proper channels (i.e. wiped and recycled), but me and the lads decided to do the wipe ourselves and install a clean (though insecure, because no disk encryption, autologin and weak password) Mint on them, and donate them to schools and charities. 25 of these are still looking for new owners.

        Off-topic : I assume the 77 in your nickname refers to your age, not to your birth year ? If not, I should be greyer than you. Then again, if you did RH 5 in 1998... that might explain things :-)

      2. TheVogon
        Mushroom

        Re: Probably the least used

        "IF that were true and infection were proportional to market share then of the 2 million or so viruses and Trojans released each year one would expect to see anywhere from 200,000 to 500,000 malware for Linux, but such is not the case."

        Because hardly anyone uses Linux as a desktop OS so the benefits of Linux malware are not worth the effort to the writers.

        However, Linux is popular as a webserver, and in that role because of it's order of magnitude more vulnerabilities than current Windows versions, it is hacked to shreds. Even allowing for market share, you are several times more likely to be hacked running an internet facing box on Linux than Windows: http://www.zone-h.org/news/id/4737

        1. Anonymous Coward
          Anonymous Coward

          Re: Probably the least used

          The most important bit I saw at zone-h was this one: "code devel­oper teams and web­server admins are still liv­ing in two dis­tinct worlds. And if some­thing is not work­ing prop­erly, their answer is that this is most likely the other side’s fault. While this “fight” con­tin­ues, the deface­ment count still grows up."

          Before that comment, the zone-h page quotes website defacement figures from 2010, and attributes a good many of them to things like issues with content management systems.

          Is the OS to blame if a different supplier's CMS has a problem?

          Microsoft is to blame if Windows has a problem or an MS webserver has a problem.

          Netcraft say that back in 2010, MS had very very roughly 20% of the webserver market, and Apache (on Linux?) 60%. Call it very roughly 3 to 1, Linux vs Windows.

          Zone-h say that in 2010, they noted (roughly) 1.1M defacements on Linux webservers and 200k on MS webservers.

          "you are several times more likely to be hacked running an internet facing box on Linux than Windows"

          Normalise the defacement numbers so the populations are the same for the two OSes and according to my slide rule it's roughly twice as many defacements on Linux as on MS. Arguably not "several", but certainly the odds in 2010 looked significantly worse on Linux than on MS. That'll surprise some folk.

          Now, that's a statistic.

          Maybe it's a security statistic.

          Is it a relevant and important statistic this year?

    4. TheVogon
      Mushroom

      Re: Probably the least used

      "So while I think OS X and Linux have a far better security model (based off sudo) for privilege escalation, and Windows has historically had awful security"

      Windows has a much stronger model then SUDO, with proper constrained delegation, and advanced features not even available on OS-X and Linux like Dynamic Access Control. Windows also has proper ACLs and auditing built in from the ground up - you don't need to run experimental NFS filesystems, or install kludges like SEL to get proper security....

  11. Evil Auditor Silver badge

    Qubes OS

    Someone here's got any experience with Qubes OS?

    1. Eugene Crosser
      Thumb Up

      Re: Qubes OS

      Did not try it myself, but the concept looks about as good as you could get if you need to keep your system usable.

      For curious, this is the place

      1. Anonymous Coward
        Anonymous Coward

        Re: Qubes OS

        Thanks for the link. Qubes is very interesting.

  12. Anonymous Coward
    Anonymous Coward

    Shhhh

    This reminds me of the big bang episode where the girls go to the comic book store and ask which is the best hero. After being entertained for some time on the comment section as users insult other OS's and take offence at their OS being insulted you guys at the reg just couldnt help it could you. And I thank you in advance for the entertainment to follow.

    The secure OS has a simple and only instruction to print Hello World on boot. Beyond that we are in the trade off world of freedom vs security and fool proof vs usable.

  13. Shagbag

    Stupid Question

    Security is a process not an event.

    The only 'secure' computer is the one that is not switched on.

    1. Pete 2 Silver badge

      Re: Stupid Question

      > The only 'secure' computer is the one that is not switched on.

      Can still get stolen though.

      For real security it needs to be encased in a room full of concrete inside a Faraday shield - but then: what's the point?

      In real life all that "security" does is either slow down attackers who are intent on targeting one particular computer (or bank, or person) or deter the attackers from wasting their time on the secure machine and instead targeting some easier pickings elsewhere.

  14. Anonymous Coward
    Anonymous Coward

    Most secure ever...Frozen in time?

    Discovered a PC once that was quite secure, impossible to install software on and so, permanently frozen in time!

    Think what happened was:

    Install Windows XP professional, SP3, on a standalone PC.

    Create new account name and add to the Administrators Group.

    Rename the Administrator account, then DISABLE it.

    Use Management Console to add security configurations and apply policies, IPsec etc.

    Amazing how secure it is. Cannot access services, install software, change registry settings. Brilliant and yet utterly USELESS.

    1. Danny 14
      Stop

      Re: Most secure ever...Frozen in time?

      but since there will be zero day vulns in IE (for example) these vulns bypass the "normal" way of installing malware etc. Same with rootkits using known issues, they dont rely on someone being able to install a piece of software correctly.

      the same thing you state above can be done on domains with GPOs. In fact they ARE being done with GPOs (on my network at least). Noone can install anything, change anything, update anything etc. That wont stop the network being owned by vulns but it stops casual people installing smilie packs and associated hijackers.

  15. Danny 14

    AS/400 is pretty secure.

    1. dogged

      It is.

      It also absolutely follows the maxim that security is a trade-off against accessibility. AS/400 is a nasty bitch.

    2. Tabor

      Wow. Check title of article please. Unless, of course, you use an AS/400 (or iSeries, or System i, or whatever it's called nowadays) as a Desktop OS. In which case : my hat off to you, sir.

      They're not as secure as you might think by the way. It all depends on how they are set up. I've been in close proximity to the buggers for the last 15 years, in that time I've seen a couple that were quite happily functioning as open SMTP relays. Not many, but then again there's not that many of them around compared to the others....

      Inherently secure ? No. But hard to beat on reliability (and price, but not in a good way)

      1. Danny 14

        as/400 runs many "desktops" (im extremely rusty as I moved on from as/400 at a big mill in chorley to admin a brand new mac network for Leyland DAF - mac plus and SE10s). The desktops are secure. Thin clients are still desktops - they do need a backhaul server of course.

        It could be said that chromeOS is a thin client really as they have limited functionality offline.

        As for secure when setup correctly, well duh. Linux can be insecure if you decide to let root have SSH access with a password of 1234. that being said when setup correctly I believe AS/400 to be night impossible to infect due to the way the system works.

        I have seen "roll back on boot" windows systems that basically load from a fresh image on boot - quicker than you would expect too. I suppose they are "secure" from the point of view that the desktops cannot be permanently killed, that being said it will still become a mass mailer until rebooted...

  16. Madboater

    V-Tec

    Can I claim the OS inside my daughters "my first laptop" gizmo from V-Tec? I have never had to;

    Configure an AV or Firewall

    Reinstall the OS after she downloaded some malware.

    Clear any private data before lending it to her friends.

    I am thinking of advising my boss this is the future!

    1. Antony King

      Re: V-Tec

      My son had one of those. He managed to crash it :-)

    2. jmk89
      Thumb Up

      Re: V-Tec

      VTEC's are safe enough until you go over 5200RPM

      1. lunatik96
        Coat

        Re: V-Tec

        u mean 6700 rpm

  17. Rich 2 Silver badge

    OpenBSD

    OpenBSD. No question.

    Secure out-of-the-box, and very easy to add as many layers of security on top as you want - packet filter, anti-dos, email filtering & black/greylisting, etc etc.

    Add to that some very clever internals like random memory space allocation, non-executable memory, strong privilege division in many of the core components, and you have a very string OS.

    It's not just for servers :-)

    1. MacroRodent

      Re: OpenBSD

      More importantly, it seems to have a developer community that is passionate about security. It also helps it is even rarer on desktop than Linux distributions, so very unlikely to be targeted by criminals that are after a quick buck.

      On the other hand, I am not sure how much its strong underpinnings help when you add the necessary desktop software like Firefox and LibreOffice. A desktop using only what the default OpenBSD installation operation installs (which is the only one with security guarantees) is probably useful only for editing text files with vi...

    2. Gert Leboski
      Thumb Up

      Re: OpenBSD

      I concur. Secure by default and surprisingly easy to administer. In fact, a lot of its security stems from its simplicity. Mainly use it for servers, but makes a great desktop for serious work.

    3. Eugene Crosser
      Boffin

      Re: OpenBSD

      Having a secure OS is not enough. These days, many exploits are very high level: XSS and suchlike. They never leave the browser, so the OS has no chance do deploy its defences.

      Qubes mentioned in this thread tries to address this problem by sanboxing multiple instances of the browser in separate VMs.

  18. Anonymous Coward
    Anonymous Coward

    Pro Tip to the Reg - whenever you're asking people to do a survey - ie, give you information for free, make sure that it isn't 800 questions long otherwise no-one will do it. I stopped it about 10 questions in when I realised how much shite there was.

    1. Anonymous Coward
      Anonymous Coward

      Pro Tip to El Reg

      You did well to get as far as 10! Smacks of ulterior motive...

  19. mark l 2 Silver badge

    I guess running a live linux boot CD/DVD-ROM on a PC with no hard drive is pretty secure as even if you do get compromised any root kits, trojans etc have nowhere to write too other than RAM which can be cleared with a simple power off but no possibility to install any extra programs

    1. Anonymous Coward
      Anonymous Coward

      Security isn't all about Trojans and viruses - If you've got an OS on read only media, you can't change the passwords, that's a pretty massive security flaw, even if you made the image yourself and don't have the standard password offered by the distro manufacturer.

      1. Tomato42
        Stop

        what LiveCD doesn't allow you to disable sshd or change passwords?!

    2. Anonymous Coward
      Anonymous Coward

      You're still mixing work with play. If you login to important accounts they can still be compromised. Isolated VMs are the only way to go, with or without live CD booting in some of them.

  20. Mad Chaz

    Most secure OS is one where the most vulnerable element, located generally around 18 inches from the screen, as had proper training in the basic skill of reading.

    Unfortunately, those are surprisingly rare.

    1. Anonymous Coward
      Anonymous Coward

      as had proper training in the basic skill of reading.

      Porper training in tryping is good too.

  21. cheveron

    Probably TAILS (https://tails.boum.org). However, the weak link isn't the OS, it's the user.

  22. Robert Helpmann??

    OS vs Implementation

    To take the troll bait, the issue here is not what would make a completely bulletproof brick of a machine. Rather, it is which desktop OS best allows the implementation of security features. I suppose "implementation" in this case would also include "just doesn't need it," but that may be a harder argument to sell.

    Perhaps we should also stipulate there is a difference between environments. What works at home is not necessarily the best solution for work. There may also be a difference between who is on the machine and what they are doing. For example, I keep a live CD handy for when the kids have one of their friends over who "just needs to check Facebook" (achieving security by providing a disincentive for using my machine and also not allowing writes to the HD).

    There is no "one best solution."

    1. Anonymous Coward
      Anonymous Coward

      Re: OS vs Implementation

      What you say is true, but as pointed to above and an OS I've just started to read about Qubes is interesting.

  23. Velv

    Depends what you want to do with it

    What might be considered a "safe" OS for one purpose might not be "safe" for another.

    It comes down to risk and impact. What is the impact if a breach occurs, and what is the risk of that breach? What do you stand to lose?

  24. Wardy01

    WTF ...

    Why do people have to take this stuff to the extreme.

    It's a given that any computer with any means to take input from its surroundings is inherently insecure at some level but do you guys really have to be such douchebags about it?

    I believe the question should have been worded differently, perhaps something like ...

    Given that total security is impossible for a connected computer, what does the community feel is inherently at least of a risk from every day threats from a clean install and easiest to keep at a peak?

    On the basis that linux kernel source code is given away freely to any that would care to download it I would be inclined to suggest that linux is one of the least secure systems out there.

    My thinking would be on that basis that some corporate OS would be more secure.

    That said, the fact that the source code is freely downloadable makes it easier / faster to point out and resolve security concerns.

    So linux is both the least secure and the most secure "kernel" out there today.

    As for implementations that sit on that kernel ... it is like most things, open to interpretation.

    I would argue that to some extent the security of a computer is down the competency of the person securing it, it's a simple matter of "the more you know, the more you can handle".

    With that in mind ... there is no 1 "most secure OS".

    For example:

    I could put the windows dev team up against say canonicals dev team and set them a challenge to keep a computer running for the longest possible time without infection / compromise that can be proved then set the world on both.

    It's reasonable to assume that both could win in such a scenario and both could lose.

    1. Jamie Jones Silver badge
      FAIL

      "That said, the fact that the source code is freely downloadable makes it easier / faster to point out and resolve security concerns.

      So linux is both the least secure and the most secure "kernel" out there today."

      There are many other open source kernels than just Linux.

  25. SecretBatcave

    this one:

    Its not that powerful, however its fairly immune to network based attacks:

    http://teepoo.files.wordpress.com/2010/11/20100105-moleskine.jpg

  26. mike acker

    if you were interested in computer security you would study the methods used by attackers. The question for the hacker is : get code execution.

    code execution could be a root kit or just a macro running in a word document or java running off a web page. no matter, it's important to ask: what can that code access, exfiltrate or manipulate?

    now that we have polymorphic virus programs and millions of new samples appearing each year the virus scan is less effective that it needs to be . we have to monitor and limit program behavior.

    I'm running Linux now, with my browser confined using AppArmor. It's a good package. Sadly, it's not for everyone.

  27. ehoffman

    It's already been designed... over 30 years ago!

    It's the Commodore 64!

    Well, think about it... You power-cycle it between each application/game, so nothing stay resident in memory to corrupt other programs. And it's also mostly single-application, so no inter-application hijacking. And one big plus, when you insert a disk and run something, usually you turn the computer off, and swap the disk before loading something else. So having independent disks make it very efficient at eliminating virus propagation. That's not to forget that the C64 firmware is all shelf-contained in the C64. No booting of a disk MBR. And yes, apart from old clunky 300/1200 baud modem, there's no network connection, no constant 'always-on' connection, and even less of a TCP/IP stack. Just plain point-to-point connection to those good old BBS!

    But last, the best part of all, even with its venerable 6510, 1MHz clock, there is one thing that has NEVER been equaled, let alone even challenged, with all the PC/MAC computers over 3 decades... Even with today's 3 order of magnitudes faster processor, 6 order of magnitude more memory... It's the booting speed, and to a fully operational OS! Now just try to boot anything, from complete power down, under a second. Hell you don't even make it halfway trough POST (power-on self test) in that time.

    1. Quantum Leaper

      Re: It's already been designed... over 30 years ago!

      The C64 does have a virus or at least a FIX for the virus, I have seen the fix my computer club has a copy of the program, but I have never seen the virus. You don't need to power cycle if you install a reset switch with was very easy, almost all the member of my computer club had one installed on their computer. I used to use a 14,400 modem on my C64. I do believe a TCP/IP stack doe exist for the C64. So the only thing that make it better is not have MBR which the C64 does have but the C128 does have.

      1. ehoffman

        Re: It's already been designed... over 30 years ago!

        Yes, I know there ways to make a stock C64 have those interfaces, and there's even web pages hosted on C64 as of today! But if you look at stock C64, at the time, they didn't have those. Well, we didn't even have the Internet back then :-) Ahh, the good old days of the SID, they didn't even had decent sound on the PC until the SoundBlaster (bahhh) or the Gravis Ultrasound (Which made my friends jealous when I played DOOM) :-)

        For the reset switch, though, I don't think this clears the memory. I remember a few games that hooked the reset indirect jump vector. If I turned off/on the C64 quickly, I would jump right back into that game, with lot of fun glitches. It would need quite a few seconds of power off for the DRAM to clear entirely (to a sequence of AA and 55).

        And, I didn't knew that they had a 14.4K modem for it! I left the C64 aside before that time.

        I wonder today though if one would try to hack into the C64 addon TCP/IP firmware. I'm sure there's lot of buffer overflows in the C64. I agree that back then the security came from the limited capabilities of the machine more than anything else.

        You could always use a computer that has no Internet connection, but even there, it's been demonstrated that you can have virus, and data successfully stolen, even with an always-offline computer. I don't remember which virus it was, but cleverly designed. It infected USB drive of an online computer, which then was inserted in an offline computer. It infected it, gathered data, encrypted it and put it back to the USB drive. When that drive was put back online, it uploaded it's findings back to the originator. All doing this very covertly. So, does a secure PC exists? The simple answer is that the greatest insecurity is believing that a system is secure.

  28. Rabbers

    Consumer Software

    Let's face it, as soon as any part of the security configuration asks a consumer or hard worked employee "'I will steal your money.exe' wants to access your password file, do you want allow this, yes or no?"

    Then it really doesn't matter how good the software of hardware is now does it?

  29. mike acker

    one of the Critical Questions that is missed by security systems is: WHICH PROGRAM DO YOU WANT TO USE FOR THAT?

    when you LOG ONTO your system you are given access to files based on WHO you are and the Ownership of any file you want to open

    you might want to review this

    for example, if you are running a web page do you really want your browser to be able toaccess anything you have access to ?? remember, it's you AND the web-page running your browser...

    to control this you need AppArmor,-- or RACF

    1. Roland6 Silver badge

      @mike acker - RACF

      Now you're talking real security - it is a real shame that it is only available on zSeries - a platform that I suspect that many of the Windows and Linux folks will have had zero exposure to and would also probably refuse the opportunity to explore if given.

      1. John Savard

        Re: @mike acker - RACF

        According to the Wikipedia article on RACF, Computer Associates now owns two products that compete with it: ACF2 and TopSecret. Perhaps they might be persuaded to port one of them to Windows or Linux?

  30. Anonymous Coward
    Anonymous Coward

    The cynics guide to securing the desktop ..

    Security, is expensive, is time consuming and management can't be bothered, much easier to have a number of meetings and then produce a report demonstrating your compliance ..

  31. Peter2 Silver badge

    I don't think there is a "most secure" operating system.

    When it comes to the "most secure" the biggest issue is training, admins of any OS have extremely variable levels of competence and so do the users. A highly competent user and administrator on a more inherently insecure operating system (pick windows as an example) will actually deliver a very secure enviroment through not undertaking dangerious activities and hardening the system against unauthorised code execution/access.

    An incompetent user and administrator on a computer with what may have a better security model (say *nix) who hasn't bothered patched anything because "linux doesn't need patches because it's more secure" who also runs as root is a walking security disaster.

    Comparing the technical merits of two operating systems is easy out of the box, but who actually uses a box in it's out "of the box" configuration besides a few zealots? Ultimately the security of the system is going to depend entirely on the competence of it's users and administrators, and I think that it is very, very difficult to compare the expertise of administrators on two utterly different operating systems.

  32. plrndl

    Users

    From a security viewpoint it doesn't really matter what OS you use, if you have totally untrained users who will click on "See <insert name of starlet> naked" links without thinking.

    1. Anonymous Coward
      Anonymous Coward

      Re: Users

      Sir, I must complain - I clicked on your link "See <insert name of starlet> naked" and nothing happened, please correct this.

      Thanks ;)

  33. Anonymous Coward
    Anonymous Coward

    Live DVD running TAILS

    https://tails.boum.org/

    but check your crypto signature

  34. 45RPM Silver badge

    ZX80

    Easy. It's an unexpanded ZX80. No one will be able to hack that sucker!

    1. ThomH

      Re: ZX80

      I got 90% of the way towards hacking it but then a heavy breeze wobbled the RAM pack and I lost everything.

      1. Anonymous Coward
        Anonymous Coward

        Re: ZX80

        You need a blob of blu-tac about the size of a 50p.

  35. Darren Barratt
    Trollface

    Windows Vista

    Because nobody could stand using it long enough to do any damage.

  36. henrydddd

    My elderly neighbor has the worlds safest computer

    My next door neighbor had an old p3 computer. It was the safest in the world.

    1. It was never hooked up to a network

    2. No usb sticks were used

    3. He only uses the software that he bought with that computer,

    4. He never played a cd or dvd.

    Sadly in the world today, if any one of the above activities are violated, the risk goes up no matter what operating system you use.

  37. Anonymous Coward
    Anonymous Coward

    Anyone claimed VMS yet?

    Hmm?

    1. jacasta
      Happy

      Re: Anyone claimed VMS yet?

      or RSTS/E ?

  38. Anonymous Coward
    Anonymous Coward

    Most secure desktop tool: an abacus. Nuff said.

    1. eulampios

      slide rule

      why is it more secure than the slide rule ?

  39. jacasta

    UX built to CC 3.1r4

    Alias "defense-grade OS". EU implementation as ITSEC E6. Main precursor was DoD Orange Book. HP Labs probably had the first alpha of HPUX-10 to OB standard in the mid 90's but (officially) abandoned due to cost. Yes; it's "UX" - "nearly" Unix/Linux. There are versions today but not available commercially. Closest commercial relative - Linux!

  40. eulampios

    negating it

    I would agree with the sentiments of defining what's secure really means first. I'd say OpenBSD, and hardened GNU/Linux or *BSD. A supported up-to-date (out of the box) GNU Linux is secure enough for the mundane stuff.

    The "big target" theory is a hypothesis and might be too farfetched. We are not being offered any numeric connotation. What is a big target, what is a small target and what that relationship to security of OS is, exponential, polynomial or logarithmic?

    One way to decide about the question though is to rule out some candidates. So answering the question, which (family of) OS's are most insecure, I'd definitely say that it's Microsoft Windows.

  41. Herby

    Please define...

    "Secure Desktop". In the comments I've seen all sorts of definitions. Some make sense, but others don't. About the only thing that most will agree on is that a simple calculator is "secure". The problem is that it lasts only until someone divides by zero.

    Oh, well.

  42. Anonymous Coward
    Anonymous Coward

    Desktop security is all very well, but you need to look at everything as a whole.

    Up until a few months ago KDE looked pretty good, then they nearly lost all their entire codebase because some programmers were in charge of the hosting infrastructure and thought that replication was the same as backup. When the inevitable happened, the only thing that saved the entire KDE project was that one node had been taken offline the previous day for disposal. ie: Total luck.

    The upshot is - if you have the most secure OS/Desktop in the world, that's nothing if for some reason you can't install a new version because, it's owners went bust or a malicious employee destroyed the codebase or there was an accident, etc.

  43. Anonymous Coward
    Anonymous Coward

    Qubes OS

    http://qubes-os.org/trac/wiki/QubesArchitecture

    or at the very least, using Virtualbox to isolate different activities on your desktop.... I never browse the internet in the same OS/VM as my main day-to-day work.....

  44. David Glasgow

    Where the Hell is Eadon?

    I skipped the article and went straight for the comments to get my daily dose of MSogyny.

    Only one poster accused of trolling, and it was pretty poor fair at that. Not enough capitals. Everyone else just being quirky, or reasonable, or a tad silly, or a bit too serious.

    This is not what I come to expect. I demand to know if Eadon has been booted off. If so, let the cry go up.... 'free the Register one!'

  45. FrankAlphaXII

    OpenBSD is my pick for most secure

    Id say the most secure OS you can deploy on a desktop is OpenBSD. I'm not denying that Linux has come a very long way, as has Windows and even OS X though I still have issues with the way Apple does things in regard to security, but as far as overall security goes OpenBSD's pretty much focused on it. The functionality is pretty easy to learn if you know any of the unix-like or UNIX operating systems.

    Keep in mind though, there is no such thing as a completely secure information system. There are layers of security, as the principle of defense in depth applies of course, and a well defended system can be very difficult to crack, but nothing is completely secure. Believing that noone will ever be able to nail you is simply delusional. There will always be a vulnerability which can be exploited somewhere.

  46. lunatik96

    Whonix

    The Whonix concept of running 2 virtual machines, one as a desktop and the other as a TOR anonymiser. The concept can run on any OS, however I prefer Linux as the base using Virtualbox or KVM. A lot of progress has been made on KVM. When WIN 7 gave me crap about installing a legal copy on my tower, I installed linux and Win7 in a virtual machine. I am NOT a gamer so that is not a consideration.

    I also would run different flavors of Linux as the host and guest, just to make it more secure. I would pick the flavor (or 2) I like best as guest and use another for host.

  47. jubtastic1
    Trollface

    Oh you're going to hate me for this...

    It's 6 years old, very popular, about three hundred million active users, commonly contains a treasure chest of personal and financial data, is powered on 24/365 while connected to multiple public networks. Seems to be doing ok so far despite its fair share of the technically incompetent masses.

  48. lunatik96
    Big Brother

    BeagleBone Black

    Angstrom is built in firmware.

  49. Herbert Meyer
    Big Brother

    closed source is OUT !

    Any closed source operating system can be, according to the martyr Snowdon, regarded as insecure, as they have back doors for NSA access. Unless each and every line of the OS source and toolchain can be inspected by suspicious minds, such as the Unix anarchists, and compiled from source, the OS will have a back door for NSA to insert its Iron Fist up the rectum of any system using it. Any back door used by the Iron Fist can also be used by third parties.

    Further, according to the martyr Snowdon, other security holes can be unpatched and unpublic, until the Iron Fist allows them to be patched and publicized, because they are not being exploited by the Iron Fist.

    My Finnish is not good enough to translate the response to "Please Mr Linus, can we put a back door in your kernel ?", It would start with "F no !", and contain a graphic description of your grandmother having sex with a reindeer. Similar responses would come, in various languages from the BSD authors.

    I trust these boys a damn sight more than the sons of Balmer and Cox, even if the Sainted Jobs did not allow it.

  50. FutureShock999

    It's the oldies but goodies...and the oddballs

    Two of my nominations (VMS and AS/400, both of which I learned to program on) have been mentioned, but I will add:

    1) BeOS

    2) NeXT

    3) Plan 9 (running on a Raspberry Pi, of course)

    4) I've listened to all of the Commodore 64 and other ancient PC nominations with a laugh. Too common. You want secure? Ohio Scientific Synmon OS for their C1P model. I still have mine in the loft...now THAT is secure.

  51. WhizzMan

    Critical Infrastructure

    I've worked for several Critical Infrastructure customers in my career. Without exception, they all run Linux on the desktops that are used to manage the actual critical infrastructure. Being involved in both security and infrastructure administration, I can tell why they chose Linux.

    1) Long term support. They all chose a distribution that would give their desktops an 8+ year life cycle. This was guaranteed at the moment they chose. Neither Windows nor OSX get promises like these at the launch of a new version.

    1a) Portability; applications are usually easy to use on newer versions of linux. I've seen applications go for over 20 years. Both OSX and Windows don't have that track record. Granted, those applications came from UNIX, but still.

    2) Customizability. Making an OS secure in the exact situation you are facing, requires good access "under the hood". Both OSX and Windows lack a lot here. They may have improved a lot, but they are still behind. Mind you, even if you have reasonable tools, it's still a highly specialized job and getting it right requires experts regardless of the OS you choose.

    3) Designed as multi user, default deny, separate admin and user roles. Both Windows and OSX are designed for users first, then admin layers are added. Admin tools assume (partial) administration by the user. Because of the security model, there are large parts of Windows and OSX that are on "default allow" and only shielded by very thin security measures. This gives malware a big(ger) chance to break through on those than on (well implemented) Linux. For a critical infrastructure desktop you want something that just works and that is administered by people that are skilled admins and security experts, regardless of the OS.

    Why not some form of BSD or Solaris? There is no commercial support for BSD easily available. If you want a vendor to support you because of hardware problems, you won't find hardware that will do so. Finding admins that are expert on both security and configuration of any of the BSD flavors will be difficult. This doesn't mean that some form of BSD isn't potentially as good as Linux, but that in practice, getting it up to that level is much harder for an organization. Getting Solaris supported is a pain and costs much more than Linux. The moment you run your own applications, all support is practically useless, so going that route is a dead end.

    1. pklausner
      Holmes

      Re: Critical Infrastructure

      Serious question: which vendor will give you 8+ years of *Linux desktop* support?

      And while it may be true that you can compile 20 years old Unix software on said 8 years old desktop - how do you fare with 8 months old Linux software?

      1. itzman

        Re: Critical Infrastructure

        Redhat?

        IBM?

        Do you actually NEED it?

        our default model for WINDOWS was 'all important data on the server' if desktop crashes, spend 20 mins trying to fix, otherwise reinstall '

        You can do the same with Linux. Just have a default 'desktop installation DVD' and if it gets snarfed, load that and reinstall.

        If the /home/user is NFS mounted, that is. All back and running. Unless it's the /home/user that got snarfed, in which case your autobackup from last night wont be overwritten yet, so restore from that .

        That also allows you to hot desk. Log in as yourself on any machine and see the same darned environment.

      2. Anonymous Coward
        Anonymous Coward

        Re: 8+ years of *Linux desktop* support?

        Slackware does a pretty good job of updates for old versions. 12.1 is still getting patches, and must be 5+years by now.

    2. Anonymous Coward
      Anonymous Coward

      Re: Critical Infrastructure

      If you want BSD administrators, or software, try the OpenBSD website. I'm sure that if you contact them they can put you in contact with professionals and not those versed only in OpenBSD.

  52. ForthIsNotDead

    It's VMS.

    It's as simple as that.

  53. trafalgar

    The one where you have the freedom and access to see how it works and what it is doing, and free to make it as secure as you like.

  54. Anonymous Coward
    Anonymous Coward

    There's always one...

    ...muppet who thinks that viruses are predictable based on the "bums on seats" measurement and that therefore if Linux were the number 1 OS, that it would suffer as much as Windows currently does.

    Nothing could be further from the truth.

    It's like saying that because your toy canoe couldn't cope with a North Atlantic gale that any vessel designed for ocean going could also not withstand a North Atlantic Gale. Of course, the makers of your toy canoe are going to pitch this line at you, they don't want you to go and buy a vessel capable of such conditions, they want you to keep buying toy canoes and all the strap on extras they and their partners provide to make your toy canoe appear as though it could cope with a North Atlantic Gale. Which it wil never be able to do, because it's a toy. Toy canoe makers rely on urban myths and ignorance to maintain their sales figures. Real sailors are getting really tired of explaining the difference to sunday afternon toe dippers.

  55. MrScott
    Childcatcher

    Answer to OS security question

    The answer to El-Regs OS security question. As much as boffins hate to admit it, their is no such thing as a secure operating system. OS's are designed to be user friendly to multiple users. Unless the Big Softies have found a way to completely isolate the user with some sort of perfect Evil-User detection software or remove all the IO and user interfaces without impacting usability. Lets proceed to the obvious conclusion. The abacus or the human brain is probably the most secure OS ever created. The fact that lifeforms create software might not exclude whales since their brains are bigger and probably smarter that human brains. I'll choose a whale brain cuz whales are smart enough not to try writing security software. Squid and plankton anyone?

  56. Wardy01

    I'VE GOT IT !!!

    ESXi

    1. You never interact with it.

    2. Everything runs in an instance which is fired up and then shut down.

    3. It can be setup so entire domains running on it have no access to the files that are the ESXi OS.

    4. Never seen or heard of a virus targetted at it.

    5. Exploits are pointless since you only ever talk to a host OS running on it.

    It's a bit bull in china shop ... and built for servers (big ones at that) ... but it makes an awesome desktop OS to host your "environment".

    Also means you get the best of all worlds since you can run any OS on top of it!!!

    The way I see it there's only 1 "unauthorised" way in ... take the hard drive out and plug it in to another pc then access the files.

  57. Anonymous Coward
    Anonymous Coward

    LegOS

    LegOS. It runs purely on the popular building-block platform and therefore only exists in the human imagination.

  58. William Higinbotham

    Apps on top of OS

    I personally feel that the browsers or applications(that uses internet communications) that run on top of the OS can compromise the OS faster than the OSes themselves. But nothing beats a cinder-block on top of hand written paperwork. Just had to say something for NSA to read.

  59. cdshafer

    Secure Operating system

    Ok Bill Gates was once asked what is the most secure OS he ever made. His answer was a computer that is never hooked up to the internet. As for the most secure OS he ever made is Windows 95 because you can not network more than 5 computers together. But I have proven this to be wrong also. I have loaded Windows 95 on a 2002 ASUS computer and gone online and surfed the net just fine. A little slow at loading web pages but it worked. So therefore there is no secure operating system. Even Apple and Linux are both vunerable if you know how to wright code.

This topic is closed for new posts.