Why Shouldn’t We Trust Linux on Security?

There are people who think Unix-like operating systems like Linux is safer and more secure compare to Linux. They claim because Linux is open source we could see the source code of it and because it is community driven, then everyone would see and find error and bugs especially security bugs and fix them. Here you will see all these arguments are wrong and Linux is just like scarecrow, where normal people see it like scary and secure from far but security experts will get near and touch it and then it fell down and they will see there is actually nothing there. Firstly, being open source pose more risks, because we don’t have any control about who has access to the source code. Opposite to close-source operating system where people has full control over who has access and why they want to access the source code , in addition, media and external security experts more interested in finding security issues in closed-source operating systems , because they could find story and tarnish reputation of the company, while in open source like Linux, even if hackers take over everything they just write a simple story and no one taking blame and they just say it is community and open to everyone. Support in Linux is also nightmare, the only company who actually doing some support about Linux security is RedHat and in most of the time you should go over forums for hours and hours to figure out which script would solve your issue. It is dangerous especially when your systems are under attacks and immediately you need to close ports, enhance firewall security level, perform some malware scan and while in Windows you could do it with few clicks and very fast, in Linux, you need spend hours to figure out what script you have to write and while you are looking for solution hacker did what they supposed to do. In addition, company like Microsoft, they have full time engineers and team to develop code and fix issues, they are getting paid and they went through security screening and they full time job is to protect Windows and consumers. While in Linux, they never get paid and they just get some money through donation, so they don’t have any duty to fix problems and if they do, they do it for favor and there are many times, when we came across security vulnerabilities and they just say, fix it yourself and share with us. In addition, several attack scenarios which has been fixed in Windows, already exist in Linux. Because it is free, they don’t care much about getting their codes sign and you will face with an OS with several unsigned and unverified codes which bad guys could just replace then whenever they want. There are many cases where an attacker fool users to get a script to fix some issues and inside it hides some malicious activities which result on hacking the server. We could secure Linux, if we pay a lot and develop several applications or enhance already existing security products for Linux, but still it won’t become as secure as Windows. Therefore, if you are wise administrator, instead of putting scarecrow to scare some hackers away, think about a platform which is fundamentally strong like Windows and invest on enhance security on it. You just need to do threat modeling and look into scenario of attacks and then you will know why we need Windows instead of Linux, so do not trust Linux.


Comments are closed.

%d bloggers like this: