Reasons Why Linux is Better Than Windows

In the article "Why Linux is Better than Windows - Five Reasons to Change Your OS," Bright Hub author Persona writes that the reason there are viruses for Windows and not for Linux is because the software tools that malware authors use run in Windows. He says that malware creators use programming languages like C#, C++, and use .NET libraries.

He goes on to say that Linux was created from scratch and Linux users don't have to worry about viruses like Conficker.

What do you think? Is this a fair assessment of why malware creators target Windows, or it more likely that Windows is simply low-hanging fruit because of its much larger install base?

I, for one, believe that Windows is targeted because of it's larger base. The language the operating system, and the use of .NET libraries really has nothing to do with it. Windows is set up to hide things from the user. Software runs behind the scenes with the user having no idea it is going on. That is why Excel Macros can have viruses embedded in them and why many viruses are sent via email.

Linux is safe from viruses for many reasons, including the fact that it's open source (lots of eyes looking at the code), the root user, and the fact that unlike Windows the code is not set up to hide things from the user. The thinking behind the platforms are completely different. Windows wants anybody to be able to run it, Linux (and the other 'nixes) aren't really about making it a no brainer.

Side note - many OSs are taking away the "root user" to make it easier to use. This is a bad idea. If you take away the root user, you are taking away one layer of security.

Can I add one more point that Windows is not designed with security in mind? I mean if you search for "unix security principles" you can come up with noticable results. But on the other hand, there is no such thing as "windows security principles."

Plus, Windows primaly focuses on ease-of-use ("don't touch it, I will do it for you" type) and compatibility to some extent. Security does not top the list.

Personally I find the "sudo" issue very annoying. Imagine that you have to do a couple of tasks in the command line and you need root privileges. Preceding each command with sudo is irritating, if you want to pipe the commands and/or execute them in order. Thus for years I can not use the sudo or kdesu; instead I go on with creating a root password and then "su"ing to root.

Tolga, That is very true. SELinux is a good case in point. There will never be a Security Enhanced Windows.

On the ease of use - the Windows commercials are a perfect example. Yeah, it's great that a 6 year old (or however old that kid is) can edit photos on her computer, but she can also click open a virus laden email and bring the whole operating system down. Don't get me wrong, I'm all for kids on the computer, but give them tux paint ;)

Sudo is annoying for anything more than running one command. i have my machine set up for both. Sudo for running a quick command, su for anything more intense. The servers are set up with managed sudo. That way some people can do some tasks and others different ones. So, sudo does have it's place. But as a 'replacement' for the root user, it's a bad idea.

Actually, there is a security enhanced version of Windows (XP), but you have to have the purchasing power of the US government in order to get it. Outside article here: Wired News.

I'm trying to give sudo and graphical management in Ubuntu a chance. Previously in RedHat, I often left an su console window open on the desktop and even logged in as root if I had something big to do. Then again, I also spent time recompiling kernels and modules to support my hardware. I'm glad that situation is much better now.

The entire concept of a "secret" superuser strikes me as bizarre, but I don't even know the name of the superuser account and don't think that I need to. I'm only running it as a single desktop user, though. It's not like I have a lot to administer.

Lamar, if you're talking about Ubuntu, the secret superuser is still root it is just not given a password. You can get around this by editing some config files.

I'm not sure if "locking down 600 settings" is a good thing. Now, I won't profess to be a Windows' Admin and I'm definitely Unix biased, but I really believe that for an OS to be completely secure, the administrators need to know what is going on.

If something goes wrong on one of the servers, I can pop a terminal window, read the log files and find the problem. i can quickly see if someone is trying to brute force attack my machines and what software is trying to get root access.

If someone can tell me why locking down settings even from administrators is a good thing, please do. If I'm totally reading that article in the wrong tone, please let me know. Like I said - Unix biased here.