Advantages of Unix-like OSes over Windows for virus protection

We Sri Lankans, being the unfortunate ones from this part of the world, are always very keen on using a genuine Windows, which Mr. Bill puts out at Microsoft Corp, USA, and which he claims is THE best and SECURE operating system in the world. But we still find it difficult to obtain a highly priced genuine Windows and end up buying a ‘Windows XP 2006 Bill Gates Edition’, which is a CD from Pakistan sold at any computer store for just 100 LKR (~US$1).

Recently, when I was talking with a friend, he mentioned that he had got a lot of viruses, trojans, worms, etc. on his machine, which runs Windows XP (of course not genuine). He said he tried downloading patches from the Microsoft website, but it ended up saying ‘You are using a counterfeit version of Windows…’, and then many things started behaving abnormally. I asked him ‘What are you going to do now?’, and he said ‘Simple, I formatted the hard and reinstalled Windows’.

I wondered ‘Then how are you going to get updates…’; ‘Hee.. hee.. NO MORE UPDATES, that’s it!’ he replied.

This is a very common scenario among us in Sri Lanka. We use the so-called ‘pirated(?)’ Windows, which obviously has the same security risks and holes as a genuine version of Windows. But we can’t get updates from the Microsoft website, as Mr. Bill doesn’t like these ‘pirates’. So those holes will remain forever on a machine with ‘pirated’ Windows, and they could be exploited at any time. I would like to explain some more of what we do and where it goes wrong.

Viruses will not return after you format

Unfortunately, that’s a specious claim. Although turning on an inbound firewall by default is good, until you’ve run the updates the firewall does nothing about outbound connections from your machine. There are numerous exploits which will automatically infect your machine if you attempt to browse the web using Internet Explorer without installing the latest security patches and rebooting first.

You can ensure you don’t get infected right away by first visiting and installing Mozilla Firefox to browse the web, rather than IE, and immediately afterwards using Firefox to download and install AVG Free Edition. It is free for home users, and it’s a very competent, non-invasive virus scanner. It’s worlds better than the CPU-hog that is Norton Antivirus. Just make sure your firewall is turned on all the time. But one thing most of us can’t do is to ‘download your latest SP2 updates from Windows Update, and you’re fairly safe if you set your PC to auto-update’.

Linux and Unix, however, definitely still have several advantages over Windows for virus protection

The list includes all the Unix-like operating systems: OpenSolaris, FreeBSD, OpenBSD, etc.

It has a smaller installed base. This alone makes virus-writers, who are going for the “low-hanging fruit”, less likely to write viruses for the platform. The installed base tends to be technically clue-ful. Obviously, as the “masses” continue adopting Linux or UNIX widely (as has been predicted for ten years, and is happening today at an accelerating rate), this becomes less of an advantage.

The security model has been tested longer, and is inherently more secure, than the Windows model. The main reason for this is its simplicity and age: it’s been around forever, and it’s very easy to wrap your head around the basic UNIX security model.

Hence, it’s easier to write secure non-root programs on UNIX which won’t open up system-level security holes. UNIX and Linux machines are generally set up to be secure by default. Windows, on the other hand, sets the default user as a computer administrator, and roughly 50% of all programs I install fail to work at all unless run from an account with administrative privileges (or without a ton of post-install tweaking on file and registry permissions to allow a non-administrative user to function).

Mac OS X and Linux have the solution right: prompt the user for the root password when performing privileged system functions, and prefer to install programs in the user’s home directory to avoid asking for root-level access at all. Of course, smart virus and spyware writers will write their programs to prompt for the root password, invalidating this protection, but fixing bugs in a program is much easier than attempting to fix clueless users.

In a corporate environment, administrators can afford to spend the time “tweaking” a program’s install script to make these modifications automatically, but 99% of users will simply leave their account set to “computer administrator” and forget about it.
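As an added illustration of the per-user install model described above (not code from the original post): two POSIX shell functions, one that installs a program under the user’s home directory without ever asking for root, and one that lists directories in a search path that group or other accounts can write to. The function names and the `$HOME/.local` default prefix are assumptions made for this example.

```shell
#!/bin/sh
# Added example: install without root, then audit the search path.
# Function names and the default prefix are assumptions for this example.

# install_user_local SRC [PREFIX]
# Copy SRC into PREFIX/bin (default $HOME/.local/bin) with mode 0755.
# Never calls sudo or su: if PREFIX is not writable by the current
# account, the copy simply fails, which is the behaviour we want.
install_user_local() {
    src=$1
    prefix=${2:-"$HOME/.local"}
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    mkdir -p "$prefix/bin" || return 1
    cp "$src" "$prefix/bin/" || return 1
    chmod 0755 "$prefix/bin/$(basename "$src")"
}

# loosely_writable_dirs PATHLIST
# Print every directory in a colon-separated list that is group- or
# world-writable. Another account could drop a program into such a
# directory, so it weakens the separation between users.
loosely_writable_dirs() {
    old_ifs=$IFS
    IFS=:
    for d in $1; do
        [ -d "$d" ] || continue
        # "$d/." makes find inspect the target directory, not a symlink
        if [ -n "$(find "$d/." -prune \( -perm -020 -o -perm -002 \) \
                   -print 2>/dev/null)" ]; then
            echo "$d"
        fi
    done
    IFS=$old_ifs
}

# Audit the current search path; no output means nothing was flagged.
loosely_writable_dirs "$PATH"
```
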

I would conclude by saying that, as UNIX-based systems (including Mac OS X) continue to grow in popularity, more rootkits, viruses, trojans, and worms will begin to spread. However, just comparing numbers of system-level compromises, you have to add together every distribution of Linux, FreeBSD, and proprietary UNIX operating systems, PLUS every piece of popular open-source software, in order to surpass the number of Microsoft Windows exploits over the last ten years.


Microsoft, Windows, Windows XP are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other regions and/or countries. (Mr. Bill might get angry if I don’t mention this)

CS&ES AGM 2006 – Sponsors Video Clip

It’s been just 2 months since I came to the Computer Science and Engineering Department, and this is the first video clip I’m doing for the department alumni AGM, the CS&ES AGM 2006. This is a small clip that shows the list of Event Sponsors. It’s not a big one, but as always I am doing my thing here too; hopefully this will go on for the next three years till I complete my degree. 🙂

My blog, I’m learning…

A weblog, which is usually shortened to blog, is a type of website where entries are made (such as in a journal or diary), displayed in a reverse chronological order. Blogs often provide commentary or news on a particular subject, such as food, politics, or local news; some function as more personal online diaries. A typical blog combines text, images, and links to other blogs, web pages, and other media related to its topic. Most blogs are primarily textual although many focus on photographs, videos or audio. The word blog can also be used as a verb, meaning adding an entry to a blog.

This is what Wikipedia says.

Everyone has a blog these days, and I wanted to have one too. My first stop was WordPress, BlogSome (which used WordPress), where I had my first blog. Even though I had a lot in my mind to write about, I had no time to put it into words, or rather I was ‘lazy’. Thus that blog had only a few posts (fewer than 10). Later on the timeline I heard about Yahoo! 360º, via a promotion mail from Yahoo!. I always try any service on the internet, especially if it is from Yahoo! or Google. So I started my second blog on Y! 360º, which unfortunately still has one post, which was posted on the last Valentine’s Day. But still I am far away from the blogging world.

Now I’ve landed in blogger. We’ll see what happens in the future.