Problem solve Get help with specific problems with your technologies, process and projects.

How secure is desktop Linux versus Windows?

James Turnbull compares and contrasts security attributes of Linux and Windows on the desktop.

What are the differences between the GUI Linux and Windows operating systems in terms of security and robustness?
In answering this question, first we should get some definitions out in the open. Linux and Windows are both operating systems. Both systems can have GUI front ends, but they have different levels of integration for their front ends. Microsoft Windows is primarily a GUI-only operating system, and whilst you can drop to the command line, almost no one boots to command line by default. Linux also has a GUI front end, called X11 or X Windows, but is often booted to command line. The GUI on Linux is optional and consists of multiple components: the base X Windows client-server application, a window manager such as GNOME or KDE and any required GUI applications.

So what about security and robustness? Let's look at Microsoft Windows first. More recent versions of Windows have...

delivered significant improvements in terms of security and robustness. This is particularly true of Windows XP with the release of Service Pack 2. This has resulted in a greater focus on security including introducing a host firewall and beginning the process of addressing issues like virus and worm infections and spyware. Improvements have also been made to Windows Update to improve the ease with which you can patch. Additionally group policies allow you to lock down and manage desktops more easily. Finally Windows XP has been considerably more stable than older versions. Incidences of the dreaded blue screen of death (BSOD) seem to have lessened with the release of Windows XP.

This does not mean that there are now no security and robustness issues with Windows desktops. In order to deploy Windows desktops you still need to do a lot of work. New vulnerabilities are still regularly discovered, and as a result, Microsoft still releases a large number of patches. The built-in Windows Firewall can sometimes be distinctly unintuitive and interact unfavorably with some applications. Also even with recent changes, the automated Windows Update mechanism is inconsistent, tricky to troubleshoot and lacks basic reporting. Finally the development and testing of group policies and general locking down and securing Microsoft Windows desktops can be costly and time consuming, especially if you have a complex environment.

Linux desktops running X11 or X Windows can be both secure and robust but also share some of the issues associated with Microsoft Windows desktops. Firstly, Linux desktops tend not to be the targets of viruses and worms in the same way Microsoft Windows desktops are. There are significantly fewer viruses and worms that can infect Linux desktops. Most Linux distributions also support host firewalls by default, or they are easily implemented. Due to their maturity Linux host firewalls tend to integrate well with services and applications and cause minimal problems.

Maintaining updates and patching for Linux desktops operates similarly to Microsoft Windows. One of the major differences is in the components that make up your Linux desktop: The operating system, X Windows, your window manager and your applications are usually made up a series of individual packages. For example, on a Red Hat distribution these consist of a collection of RPM packages. This can complicate update and patching because of the potential requirement to track the versioning and changes of multiple packages -- especially when combined with the fact that enterprise patch management and deployment on some Linux distributions is not yet fully mature. On a related note, there are not a lot of mature centralized patch and policy management systems available that support Linux (with the notable exception of Novell ZENworks). This can make administering large numbers of Linux desktops problematic.

Lastly, the robustness of your Linux desktops is going to be highly dependent on the Linux distribution you select. Many of the desktop-focused Linux distributions, such as Novell Desktop Linux and Linspire, are designed to provide an optional desktop experience. Other distributions may be less suited to run as desktops. The selection of a particular Linux desktop should not only consider security and robustness but also meeting the business requirements of your users in terms of applications and functionality. It should ensure the user experience is acceptable in terms of performance and ease of use and that the cost of any solution is acceptable.

This was last published in July 2005

Dig Deeper on Linux servers



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.