Monday, July 14, 2014

Most secure operating system !!



This article doesn't contain any facts or evidences, it solely depends on author's opinion.

With the over increasing usage of internet and privacy issues, the first thing that comes in our mind is 'security'. Is our operating system secure? Is our privacy maintained?  I have been using various operating systems from years.
The security of a given anything, even operating systems (OS), tends to be a difficult or even controversial issue to examine. The only, truly secure operating systems are those that lack contact to the outside world. As for any other OS, they'll inevitably have some sort of vulnerability or weakness that can be exploited. In fact, any networked OS can be exposed by careful abuse of its configuration—no exceptions. All the same, here are the top five most secure operating systems on the planet today.
1. OpenBSD: By default, this is the most secure general purpose operating system out there. The fact that it suffered only two remote attack vulnerabilities in the last decade serves as solid evidence of its stringent security and strict auditing policy. Moreover, OpenBSD lacks a large enough attack surface (care of running numerous web applications) for hackers to exploit.

2. Linux: Linux is another superior operating system. When customized, it can be set up to extremely secure. Linux has an impressive vulnerability patching policy.

3. Mac OS X: This Apple-made OS handles user permissions better, but it still contains an indecent number of vulnerabilities and remote exploits in its systems. That, coupled with Apple's slow response to many of its security issues, has landed this operating system at the bottom of this list.

4. Windows Server 2008: Say what you will about a Microsoft operating system's security; at the very least, they know how to improve and they've gone through the very worst security threats that the Internet can dish out. This iteration of Windows Server has improved backup and recovery, user account control, web server (IIS) role, and server role security configuration.

5. Windows Server 2000: This operating system is so secure that it took nearly a decade before Microsoft can come up with a better one. This OS for network servers, notebook computers, and corporate workstations continues to get monthly security patches even after nine years since its release.

The above list was as per technical specifications. But now according to surveys by Government officials, the results are somewhat different.

The Communications-Electronics Security Group (CESG), the group within the UK Government Communications Headquarters (GCHQ) that assesses operating systems and software for security issues, has found that while no end-user operating system is as secure as they'd like it to be, Ubuntu is the best of the lot. In late 2013, the CESG looked at the security of the most popular end-user operating systems for desktops, smart phones, and tablets. This included: Android 4.2, Android 4.2 on Samsung devices; iOS 6, Blackberry 10.1, Google's Chrome OS 26, Ubuntu 12.04, Windows 7 and 8; Windows 8 RT, and Windows Phone 8. These were judged for their security suitability for OFFICIAL level use according to the UK Government Security Classifications. This is the UK's government lowest security level.

Ubuntu however, scores the highest in a direct comparison. “Ubuntu 14.04 is Ubuntu's latest Long Term Support (LTS) version, and it's recommended for use by businesses. The CESG examined each operating system security on the following grounds:

● Virtual Private Network (VPN)
● Disk Encryption
● Authentication
● Secure Boot
● Platform Integrity and Application Sandboxing
● Application White listing
● Malicious Code Detection and Prevention
● Security Policy Enforcement
● External Interface Protection
● Device Update Policy
● Event Collection for Enterprise Analysis
● Incident Response

Ubuntu has three problem areas that kept it from a perfect score where others had more. Windows Phone 8 has the most "Significant Risk" items with two and Blackberry 10.1 Corporate has the most "Some Risk" areas with six. Where Ubuntu could stand improvement is in VPN, Disk Encryption and Secure Boot.

Technically Ubuntu's VPN is good enough, but it hasn't been shown to meet the security requirement by an independent third party. Canonical's current position, from Ubuntu 12.10 onwards, is "to adopt Grub2 as the default boot loader, with support for Secure Boot, but with an ability to turn off secure boot to modify the OS, if required. This gives users and enterprises the best compromise between security and ability to customize after sale." Problems aside, the simple truth is that if security is what you want most from desktop, smartphone, or tablet operating systems than Ubuntu is what you should be using.

True, security is always a moving target, but year-in and year out; Linux-based operating systems are more secure than their competition. As Windows XP's support clock ticks to its end of supported life, Ubuntu should be considered for your most security sensitive desktops. Its smartphone and tablet side, Ubuntu One, is still a work in progress. The most secure mobile operating system for now is Android on Samsung devices.

Linux-based systems get a lot of press in IT trade publications. A lot of that press relates to its security characteristics. In fact, some claim "Linux is the most secure operating system (OS) of them all." Such statements are, of course, unsupportable hyperbole; while many Linux distributions may outshine both MS Windows and Apple MacOS X by a significant margin, there's evidence to suggest that most Linux distributions are not up to the standards of FreeBSD, for instance -- let alone OpenBSD, with possibly the best security record of any general-purpose operating system.

That's even leaving out special-purpose OSes such as a number of RTOSes, IBM i, OpenVMS, and TrustedBSD. In the sense that many people tend to think first, foremost, and often only of Linux-based systems when they think of open source OSes (and even think of "Linux" as an OS without distinguishing between distributions), however, they have a point: all else being equal, a popular open source OS has definite security advantages over a popular closed source counterpart. Linux distributions are far from the only open source operating systems, though. Just for the sake of argument, insofar as Linux is emblematic of open source OSes, then, and that MS Windows is emblematic of closed source OSes, it may not be so unrealistic to say "Linux is the most secure OS of them all," where "them all" consists of only two choices -- but the world is not that simple.

"Linux" in the abstract, however -- as a stand-in for the average Linux distribution -- is simply not the most secure OS available by a more comprehensive view of OSes. There are, in fact, some Linux distributions that have been created for research purposes that are intentionally as poorly secured as possible in default configuration.
Furthermore, determining a "most secure" OS is not as straightforward as it might at first sound. One of the most common criteria used by people who don't really understand security, and by those who do understand it but want to manipulate those who don't with misdirection and massaged statistics, is vulnerability discovery rates. Those of us who know better are aware that there's a lot more to security than counting vulnerabilities. Other, more credible criteria, may involve factors such as:
·         code quality auditing
·         default security configuration
·         patch quality and response time
·         privilege separation architecture
and a whole lot more.
Even if we ignore any OS that won't, for instance, run a popular browser (such as Firefox), a popular email client (such as Thunderbird), and a popular office suite (such as OpenOffice.org) in a WIMP GUI on an Intel x86 architecture computer, the average Linux distribution doesn't beat every other option in all categories by any stretch. Ubuntu Linux, arguably the Linux distribution with the greatest mindshare, certainly doesn't.
Over the last few years, system security has gained a lot of momentum and software professionals are focusing heavily on this aspect. Linux is often treated as a highly secure operating system. However, the reality is that Linux too has its own share of security flaws. But there is no need to worry. Read this to understand how Linux secures your system.
http://www.linuxuser.co.uk/features/security-in-linux

If you're one of those people inclined to say "Linux is the most secure operating system of all," you should probably rethink that. A much stronger case can be made for the security of some other OSes than the average Linux distribution. Even if it couldn't, the variability of Linux distributions in general, and the differing criteria for the security of an OS that may come into play in comparisons, make such a statement quixotic at best.
The long version of the answer to the question "Is Linux the most secure OS?" is that it depends on what OSes you're comparing, or whether you're comparing specific OSes at all (instead of something like "open source vs. closed source"), and for what purposes you mean to evaluate the security of an operating system. If you make claims like that, someone who knows better will have an easy way to discredit your argument. Be more specific, not only in your arguments, but in your thinking -- because it's too easy to form bad habits that may lead to making bad decisions about your own security, and because giving people inaccurate information about security like that can create real problems. If you mean that all else being equal popular open source OSes are more secure than popular closed source OSes, say so. If you mean that Ubuntu's default configuration is more secure than MS Windows Vista's, say so. Just saying "Linux is the most secure operating system of all," on the other hand, is imprecise and inaccurate.

No comments:

Post a Comment