Is Ubuntu Really More Secure Than Windows 7?

Is Ubuntu Really More Secure Than Windows 7?

A lot of people look at Linux because they hear that it’s more secure, among other things. Is there truth to this? In my opinion, yes, and it’s a very complicated subject. I’m only going to touch on a few aspects of operating systems here but you should walk a way with a good idea about whether or not Linux is more secure than Windows.

Ubuntu is one of, if not the most used user-oriented Linux distros. The comparison to Windows 7 (the most widely used user Windows OS) is inevitable. While most of this applies to Linux in general I’m singling out Ubuntu specifically due to market share, userbase, and a particular feature I talk about shortly at the end.

Why Windows 7 Is Secure
I’m not going to go into why Windows XP is insecure but I’ll explain how Vista and 7 improved security. There are definitely a few significant changes that should be noted so that we can compare those changes to Linux implementations.

The first really big change in Windows 7 is ASLR and SEHOP. ASLR is Address Space Layout Randomization and it essentially makes it difficult for an attacker to use a programs own code to execute what they want. SEHOP is a technique that specifically deals with SEH overwrites ie: a specific type of overflow that targets the Structured Exception Handler. SEH overwrites made up 20% of the exploits in the Metasploit Framework at one point. These two techniques directly address highly exploitable features of the OS.

The next change is adding a Windows Update that doesn’t completely suck. XP made you go through IE, it was awful and (I don’t know about you guys) it never worked well for me. The new updater is simple, independent, and far less buggy in my experience.

And then there’s the change in Microsoft. They realized people didn’t like getting infections and they’ve made a huge shift from being insanely slow to patch to being pretty proactive about it. This newfound ability to get patches out quickly combined with an updater that isn’t completely awful is really great for users and is probably one of the largest reasons why we’ve started to see OS exploits drop and 3rd party exploits rise.

Lastly there is the under-appreciated Mandatory Integrity Access Control. Windows 7 has segregated the file system into layers primarily consisting of “Low”, “Medium”, and “High”, integrity files and folders. Programs running at low can’t write to medium/ high, programs running at medium can’t write to high, and programs running at high can write anywhere. It’s very powerful and it’s the basis of the Chrome and IE9 sandboxes.

Why Ubuntu Does It Better
I won’t go into OSS vs CSS in this post. Maybe if I get really really bored some day if anyone actually ever reads this thing. I also will not go into “security through obscurity” as it’s not actually a real thing. I’m going to focus on some other points, which are more easily substantiated.

The first real boon to Ubuntu’s security is package management. Probably my favorite part about running Linux is that I don’t have to do a thing to keep the system up to date. On Windows it’s “Run Flash Updater… ok done… run Java updater… ok done… run Windows updater… etc” but on Linux it’s all handled in one place. I click “Update” (or nothing at all, it’ll do it on its own eventually) and my browser, plugins, IM client, IRC client, and operating system (and anything else) are all patched up. Consider the significance of this – the Flashback trojan infected 700,000 OSX systems using a vulnerability that had been patched *months* before.

Where Windows has Mandatory Integrity Access Control (MIAC) Ubuntu has Apparmor. Well, sorta. Ubuntu has a set of permissions that follow DAC policies. What Ubuntu also has is a MAC implementation that allows for incredibly finely grained access control. On Windows there are very few programs that actually run at low integrity, on Linux virtually every application can run with Apparmor and there are a few that do by default – specifically system services. Apparmor is incredibly powerful because almost anyone can learn to use it – creating a profile takes minutes in most cases and it reinforces the already fair access control. MIAC can’t touch Apparmor – it’s not even close.

Ubuntu is actually fairly unique among distros as it’s one of the first to implement the new Mode 2 Seccomp Filters. A new way to limit visible kernel attack surface by only allowing syscalls on a whitelist basis. This is a new feature so it’s not easy to gauge but, judging by the principal, it should pair incredibly well with other security mechanisms like Apparmor by preventing privilege escalation.

So there you have it. Why Ubuntu is more secure than Windows 7.

What Needs To Be Said

There’s no actual way to say X is more secure than Y. I know, I just typed this whole thing out but we can only make a best guess; there is no objective measure of security. I can’t say that powerful ASLR is more important than strong malicious file detection without significant research to back that up, and even then it’s limited. What I can do is use my own judgement to take the above information (among other things) to come to a conclusion and do my best to present this to you.

There’s a lot more to all of this than what I’ve posted and there are a lot of opinions about it. This isn’t some huge research paper attempting to provide definitive answers, it’s just me, bored, comparing two operating systems. Windows 8 is entirely outside of the scope of this as it includes many new security features.

I could write a lot more like how Linux is inherently more secure because blah blah blah open source blah blah blah kernel blah blah blah but I won’t. Not tonight. Maybe some other night I’ll do an “Is Linux more secure than Windows?” blog post that goes in depth into things like ASLR implementations (mmap is randomized, virtualalloc isn’t), NX(execshield, emet), smartscreen, DAC vs MAC, etc.

Sources:
https://blogs.technet.com/b/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx
https://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx
https://wiki.ubuntu.com/Security/Features

4 thoughts on “Is Ubuntu Really More Secure Than Windows 7?

  1. I have to say that security IS an important consideration when choosing an OS (or more likely, being forced into one, and then finding out you hate it). Your data is the most important thing on your computer, and having malware actually steal it can be very dangerous. Malware writers can go as far as steal your bank details, which means it’s more than just- awww, my computer pops up these annoying ads, big deal. It means people can do you serious financial damage. I wrote a small essay on this, at: https://docs.google.com/document/d/1cquUZsf6FfdoLCc697IJT8BYjiOEpororW0JMmxk9KQ/edit

    • I agree with a lot of what you said. One thing I’ll note is that there is the AppContainer MAC in Windows 8 and that may potentially finally give Windows a decent access control tool. It remains to be seen how AppContainer works though.

      I think you bring up a good point that so many services are running as “Admin” or “SYSTEM.” Look at the Stuxnet printer spooler exploit. Why the hell is my printer spooler running with so many rights?

      And the fact that some 3rd party tool might have the same functions as apparmor, as you say, doesn’t really matter. Security belongs in the kernel.

      I’m a bit more optimistic about Windows security personally. I think Vista and 7 have actually made things more difficult, if only because ASLR/SEHOP make things a pain when implemented properly.

      Thanks for the reply.

      • I too hope MS will improve the security of their OS, but sadly, I’m not sure they can. After all, they are severely tied down to legacy support, and everyone knows that the OS Windows was based- DOS- is seriously outdated and can’t have enough security for this day and age. In the end, there is only so much you can do on top of the OS to improve security, before you need to change base system functions that terminate legacy support.

        But thanks for reading, and I hope you found the tone of the article amusing rather than offensive ;)

  2. hi, dual booting ubuntu 12.04 long term support with xp, as xp support comes to an end, i can see me deleting xp partition and only using ubuntu with wine for those couple of windows programs that are not available in linux, i do enjoy xp but i agree security is important and for that reason i think linux is hard to beat

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>