Quote Originally Posted by Kano View Post
I don't think that linux desktops are more secure than win by definition. at least with physical access you dont need a livesystem to get full (root) access to user data - btw that works on os x as well. So lets think about remote access, there you are as save as the apps you run. Every app has flaws, most important for home users are most likely all web browsers, mail clients, instant messaging or office apps. Faults in those apps are used to install malware - currently mainly on windows because of much more users - but do you want to say that flash/java is more secure when you use firefox on linux than on win? You are just lucky that the malware authors target win in most cases, same for os x users. You see that same on android, every system that is popular has got lots of malware (often hidden in pirated apk). Currently you are usually save enough without any anti virus tool in the background - but you can be sure in the case that linux desktops are more popular this will change.

For web servers you already have got lots of attack vectors, mainly because of wrongly parsed vars. Most likely you don't read news about stolen passwords/sql databases. Do you really want to say all those systems run windows? Basically it would not matter much, the most exploited bugs are not inside the os kernel. Of course when you have got already a remote shell you want more, like root access...
mmm if you check firefox it is proven to be more secure on linux than on windows, i mean sure firefox can have crossplataform bugs[the source is not the same for every plataform just almost the same massive difference here] cuz like i said windows security concept is a bad joke, so lets say advapi32 has 1 critical security bug[normally is mined with those] and firefox has to use that API[same as any other windows app] cuz on windows it uses MSVC then firefox can't do squat about it[they can try to reduce or add extra check to try to stop a possible attack] but advapi32 doesn't exist on linux and the linux couterpart don't have that security flaw hence is not exploitable on linux or mac in this case and that same thing is true on any crossplataform application, another example could be Mono[i don't like it but for the sake of the example] is lots of time more secure on linux than using .NET directly on windows since the applications developed with it are 100% on the underlying .NET runtime which are mined with security issues too that no .NET app can protect.

this is most of the security issues present on crossplataform apps, so im not saying apps on linux are 100% secure cuz like i said you can have a crossplataform bug but the app security is as strong as the underlying weak slave of the OS chain and in this case linux/bsd/solaris/etc have a pretty stable chain[not perfect but lot closer than winblows].

now i agree if you have physical access to the PC you just put a firewire or easier just a livecd[work with any OS] and booom.

funny note almost any security issue can grant total control over the NT OS kernel, insane right?[that is what you call a well thought security layout]