Is Linux the most secure system? Know the truth!

Among all the myths and truths about Linux, one of the most common is that it is more secure than Windows.

But is this really an unquestionable truth? Why is this said?

If you are the type of person who is not satisfied with just believing what others say, but understanding what is behind this type of statement, as well as everything that is true – and what is not – when When it comes to security, this article is for you.

Linux vs Windows, which is more secure?

The question of which operating system is more secure derives in large part from another old and broader debate, which is between “Windows and Linux, which is better?” and that has on the list of advantages of the penguin system, the issue of security.

It is almost consensual that in this very important aspect, the Microsoft product is the loser and, consequently, its users.

Specialists in the area of ​​digital security, IT professionals, software developers, hardware manufacturers, Internet infrastructure providers and countless other companies that have to choose an operating system for the most varied purposes, most of them choose Linux when they need it. of an environment more protected against the many existing digital threats.

Concrete examples abound:

• IoT – Linux is massively used in IoT devices (acronym for “Internet of Things” or “Internet of Things”), not only because it delivers a great level of scalability, performance and hardware compatibility, but because it offers good security standards;
• Internet – the world wide web is totally dependent on servers. Those who are necessary and involved in the various points of the infrastructure that guarantee the functioning of the Internet, such as DNS servers, are responsible for hosting websites. The overwhelming majority of these servers are Linux;
• Web services – email, cloud storage, social networks, electronic commerce, games and many other services on the Web that we use daily, which have security as a fundamental premise, are anchored in the penguin’s operating system;
• Android – among the advantages and features that made Linux the basis for Android development, having a high security standard was essential;
• SmartTV – Do you have a smartTV? Know that her system is based on Linux, for the same reasons that have already been mentioned as the basis for several developments;
• Project Zero – on the Project Zero blog, which is maintained by Google and which brings together a team of security researchers, the publication entitled “A walk through Project Zero metrics” (originally “A walk through Project Zero metrics”), from February 2022, points out that among the most used systems, the safest is Linux;
• Dell – was not the only hardware manufacturer to insinuate this, but given its importance in the segment, when suggesting in a comparison between branded equipment to its customers, that those equipped with Ubuntu were safer than those that used Windows, created an uneasiness with his partner of years.

That is, the facts presented above are some of the many that justify why the choice falls on the system idealized and conceived by Linus Torvalds.

But this is still not enough to satisfy the curiosity of the most skeptical and reticent, leading us to answer the question that does not want to remain silent.

Why is Linux considered more secure than Windows?

Those who don’t know much about the history of Linux may not know that it was based on Unix, a system that natively has security as one of its fundamental pillars.

In addition, Linus Torvalds and the entire community that has always been involved in the creation and development of the Linux kernel, maintained the concern around this foundation.

In short, the kernel is the core or heart of every operating system and, in layman’s terms, consists of the most basic portion of software responsible for allowing hardware management at the most fundamental level by the user.

It is the kernel, for example, which manages memories (RAM, SSD, HD, microSD, etc), passes and receives instructions from the processor, communicates with peripherals and hardware (keyboard, monitor, printer, ports, etc).

From this kernel, many Linux distributions are developed, which include different tools / resources (calculator, file manager, agenda, e-mail client, browser, etc.) time, they can also contain other layers of security.

Not that there is no such concern on the part of Microsoft developers, but the fact that contributors involved in the maintenance / development of an open source project, such as the Linux kernel, have more than 15 thousand people around the world, from more than 1500 companies, reportedly greatly increases the likelihood of identifying vulnerabilities and bugs.

The fact that it is open source also means that there are constant, quick and dynamic improvements, which are oriented to the good and interests of the community itself and not to a specific company and its commercial policies.

But not only that:

• The user privileges and permissions system, which also exists, but works differently in Windows, makes the risks of malware that eventually is accessed on the device, manage to affect the kernel or produce severe consequences, is much smaller;
• O SELinux (Security-Enhanced Linux, or “Linux with enhanced security”), a security enhancement incorporated into the 2.6.0-test3 kernel in 2004 and which gives the administrator more control over system access levels and the ability what a process or a user can do;
• Secure Boot (SB) is a verification mechanism to ensure that code initiated by a computer’s UEFI (BIOS level) firmware is trustworthy. Thus, malicious code that is loaded and executed early in the boot process, before the operating system is loaded, cannot be executed. It is a protection against so-called boot viruses;
• lockdown is a security feature of the Linux kernel, introduced in version 5.4, as an optional security module. The goal is to enforce a distinction between running as the root user and being able to run code in kernel mode. Depending on the configuration, lockdown can disable kernel features that allow modifications to the running kernel or the extraction of sensitive information from userspace;
• Added to the stricter native security, the number of Windows users and, therefore, with a much larger universe of potential victims, makes it more interesting for cybercriminals to “invest” in exploiting the flaws in the Microsoft system and that in practice it means that there is a lot more malware targeting Windows;
• As you can see from Google’s Project Zero data, in addition to the lowest number of “zero day” flaws in Linux, the community is the fastest to produce and release fixes among the major companies that produce software;
• The different distributions imply in several groups of developers working on different fronts simultaneously, which also contributes to a greater probability of identifying and correcting possible security flaws.

Is Linux 100% secure?

No, Linux – or any of its distributions – is not 100% secure.

By the way, as they say in this area, there is no system that can be considered completely safe. The question is not whether there will be such a failure, but when.

As we have seen, the chances of being affected by a problem are comparatively much lower than the most popular OS’s.

However, due to certain myths about it, it is important to highlight some points that are useful for Linux users, as for any other software:

• Information is the main layer of protection. Staying informed about how malware infections occur, the types and how they behave, the social engineering techniques that are used for their dissemination, as well as all types of virtual fraud, help a lot to stay safe in the digital world;
• The weakest link in the security chain is usually the user, both because he often does not keep himself informed, and because he has several unsafe behaviors, such as:
• Linux does not get viruses or there are no viruses for Linux, and although there are much less than for Windows, some of the few existing ones can be just as harmful, such as the Erebus ransomware and the Tsunami backdoor;
• Installing third-party software without checking its origin.

In other words, for a user to actually benefit from the safest features native to Linux, he himself must adopt adequate standards of use, otherwise not even the most reliable system will be able to prevent certain headaches.

Conclusion

Linux and its many distributions can be quite secure, as long as you know what security in the digital world depends on.