OXFORD BROOKES UNIVERSITY
Module P00505
Student Number: 18083471

Which of Linux, Windows, or MacOS offer the best security for the average user and why?

Computer Science for Cyber Security MSc
Academic Year: 2018 – 2019
Word count: 2000
Supervisor: Dr Clare Martin
2018

ABSTRACT

The literature review aimed to establish which one of the three major operating systems (OS), Windows, MacOS, and Linux, is the most secure. This is important because once the OS is chosen it is difficult to replace. Security is a major consideration for the average user. A basic definition was formulated, and general security classification was investigated. Requirements for common security features were established. Each OS was analysed from a security point of view. Then they were compared, and a conclusion was drawn. The overwhelming result from this assessment was that Linux offers the best security for the average user as it provides low user access. In this way, only a few files can be attacked but not the whole system, securing its continuous work.

Keywords: Operating System, Kernel, Denial of Service (DOS), “Security through Obscurity”

TABLE OF CONTENTS

ABSTRACT
LIST OF FIGURES
LIST OF ABBREVIATIONS
1 Introduction
2 What is an Operating System?
2.1 Different Operating Systems Security Classification
2.2 General Security Features Requirement
3 Windows
3.1 Security Features of the Windows OS
4 MacOS
4.1 Security Features of the MacOS
5 Linux OS
5.1 Security Features of the Linux OS
6 Comparison
7 Conclusion
REFERENCES

LIST OF FIGURES

Figure 2-1 Interaction between the operating system and application, hardware and user (Ali, 2016).
Figure 2-2 The kernel as a component of the operating system.
Figure 2-3 Standard attacks breaching security (Silberschatz, Abraham; Galvin, Peter; Gagne, 2008).

LIST OF ABBREVIATIONS

BSOD      Blue Screen of Death
DEFCON    DEF Convention
DOS       Denial of Service
ID        Identity
IT        Information Technology
IP        Internet Protocol
OS        Operating System
PC        Personal Computer

1 Introduction

Average computer users would like to keep their systems secure. Antivirus software and firewalls help them to do this. But often, when the operating system is chosen, the security that it will provide is not considered.
This literature overview will try to answer the question: Which of the three major operating systems offers the best security and why? The Computerworld magazine used experts to compare the security features of these three operating systems (OS): Windows, which is widely used for desktops; macOS, which has UNIX as a base and is specifically created for Apple Macintosh computers; and Linux, which is free source and includes lots of variations. Such studies are undertaken because once an operating system is chosen it is not easy to replace later.

In recent years computer attacks have become much more advanced, as the resources put into them seem to have increased. Not only criminals but even government-sponsored organisations are involved. Malware and viruses are the common personal computer (PC) infections. They can dramatically reduce its performance and even destroy it (Computerworld, 2018).

It was established at DEFCON, one of the world’s largest hacker conventions, that social engineering is a widespread attack strategy (Goldman, 2017). Because of this it became irrelevant which OS is chosen. Any system, to be kept secure, must be updated regularly. Security patches, once released, can be reverse engineered and new vulnerabilities found. User knowledge is greatly important for protecting the system. The basic rules, such as using strong passwords and allowing no guest access, are still very much valid.

2 What is an Operating System?

An operating system (OS) is the most important software that runs on a computer. It manages memory, processes and all software and hardware. It can be said that the OS is a bridge between the computer’s hardware and the user. The OS is needed by the application programs so that they can function. It also manages the resources. The applications request resources from the OS, and the system finds and provides them or reports that the resource is unavailable.
Some systems also make sure that the program addresses only the resources allocated to it.

Figure 2-1 Interaction between the operating system and application, hardware and user (Ali, 2016).

When the computer is powered up, the OS checks all the programs to make sure that they work correctly. It checks for the availability of new equipment and then it starts.

In an operating system the central module is called a kernel. It is retained in the memory as it loads first. It is the heart of the operating system. Since it resides in the memory, it is essential for the kernel to be as small as possible while still delivering all the crucial services necessary for the applications and the other segments of the operating system. All the memory, process and task management are typically handled by the kernel.

Figure 2-2 The kernel as a component of the operating system.

2.1 Different Operating Systems Security Classification

It is difficult to reach 100% security of an OS and any attempt can make it dysfunctional. A feeling of safety can be achieved at a certain level of trust in the OS being secure. The US Defence Department defines 4 levels of “Trusted Computer System Evaluation Criteria”:

• The least trusted OS is level D. Windows 3.1 and DOS fall into this group, because the user is not identified or authorised and anyone can have full access and control.
• The use of identification and authorisation makes the OS level C1, with added control of accessing files. UNIX systems for cooperating users are a typical example.
• With the addition of control on an individual basis, level C2 is formed.
• When sensitivity labels like “confidential” are added and the users have different clearance levels, level B is reached.
• Level B2 includes labelling of all the system’s resources.
• In B3, lists for controlled access are created that identify users not allowed access to particular objects.
• Class A indicates security of the highest level.
The architecture is identical to B3 but uses formal methods for development to make sure that there are no bugs or other weaknesses.

The classification helps with what can be implemented, but the security policy determines the practical execution (“Operating Systems: Security,” 2016).

2.2 General Security Features Requirement

According to Silberschatz, Galvin, & Gagne, the security features should protect the systems from deliberate attacks and from efforts to manipulate, damage or steal information. The violations that often happen comprise:

• Strictly confidential personal information is stolen – Breach of Confidentiality.
• Data is changed without consent with disastrous effect, like modification of code that can compromise security rules – Breach of Integrity.
• Data is deleted without agreement, like website vandalism – Breach of Availability.
• Resources are used without consent; networked services are tapped – Theft of Service.
• Legitimate users are prevented from using resources, usually by burdening the system with lots of requests – Denial of Service (DOS).

Figure 2-3 Standard attacks breaching security (Silberschatz, Abraham; Galvin, Peter; Gagne, 2008).

The OS should be able to avoid and provide protection against runaway processes (DOS), unauthorised memory access, buffer overflow breaches, and launched programs obtaining excessive privileges.

3 Windows

Windows has the largest share of the market. It is user friendly, supports various hardware and has numerous software available for it. It has closed-source development and is often affected by malware, spyware, viruses, the Blue Screen of Death (BSOD) and gradual performance decay.

3.1 Security Features of the Windows OS

Windows OS generally supports various methods and features. User accounts, which can be grouped in different ways, are at its base.
A security access token is supplied when a user logs on. It contains the user’s security identity (ID), any group memberships and any distinctive rights the user might have, like making copies for backups, setting the system clock and shutting down the system. Every running program receives a copy of the user’s security token, which regulates the privileges of the process run by the user. Passwords are used for authentication, but the modular structure permits alternative methods like reading fingerprints. Built-in auditing allows monitoring of usual security threats, such as unsuccessful log-ins or log-outs and attempts to access or write to executable or sensitive files. A great many of the security features are not enabled by default, which can result in breaches (“Operating Systems: Security,” 2016).

4 MacOS

MacOS was formerly known as OS X. It is an exclusive OS developed by Apple Inc. It can be seen in devices such as MacBook Pro, MacBook, Mac Pro, MacBook Air, and iMac. It is also possible to build a Hackintosh by combining macOS and normal hardware (Computer Virus - Antivirus Insider, 2016).

4.1 Security Features of the MacOS

MacOS is considered a very safe choice by average users. It is superb because of the code secrecy and the software-hardware synergy. Root access to a Mac device is very difficult for a hacker. Malware hardly gets access as well, due to stricter sets of permissions (Computer Virus - Antivirus Insider, 2016).

According to Computerworld and the interviewed experts, macOS achieves “security through obscurity”. This can be a discredited concept nowadays. It is not as impenetrable as once believed. macOS has a good track record regarding security partly because it is targeted less than Windows. Hackers are not ignoring the Mac world anymore and are branching out.

5 Linux OS

Linux is an operating system that is open source. Its code can be read and commented upon with ease by the users and other coders.
5.1 Security Features of the Linux OS

In Linux, users are given very low access. In contrast, in Windows full administrator access is provided to the software accounts. Due to this “open access”, all the files are in danger when a virus strikes and the whole system can get corrupted. In Linux the whole system cannot be attacked, but only a few files. Due to this, the rest of the system can keep working without issue. Also, the IP tables are protected with advanced technology, which strengthens the circle of security. Different working environments are used for Linux operations, like Linux Mint, Ubuntu, Kali and others. Potential virus attacks are deterred through division and segmentation. The fact that fewer people use Linux also makes it more secure (Aprit, 2017).

Harji, Buhr, & Brecht argue that rapid kernel development degrades the performance of the OS, especially for research applications. So not everything runs smoothly with open-source development, although in the security aspect it has proven to be very beneficial.

6 Comparison

For personal computing, which is what average users do, there are a few options. First, Linux will help them to avoid most threats and they will benefit from free software. Second, a macOS device will provide “best-in-class” usability, security and comprehensive protection against viruses. The next one is a Windows PC with additional antivirus and anti-malware programs installed on it (Antivirus Insider, 2016). Last but not least is to have a Windows/Linux dual boot environment, which adds extra choice and flexibility (Valenzuela, 2003).

7 Conclusion

It is not possible to state absolutely that Linux provides 100% security, just as Windows and MacOS are not completely secure. Further software engineering is required to achieve unrivalled protection and trust. Nevertheless, Linux has a small number of features that raise its security over the other operating systems.
Increasing the use of Linux and migrating from the other operating systems will probably contribute to more secure computing for the average user. The loss of market share for Microsoft and Apple can be a powerful driver for them at least to catch up with the security that Linux provides.

The users’ knowledge is absolutely important for maintaining the security of the operating system. Without their understanding and constant updating, any OS will be compromised.

REFERENCES

5 Most Secure Operating Systems from Computer Virus Antivirus Insider. (2016). Retrieved October 22, 2018, from https://antivirusinsider.com/most-secure-operatingsystems/

Ali, H. Bin. (2016). Hassan Bin Ali Department of IT & Communication Politeknik Tuanku Syed Sirajuddin.

Aprit. (2017). Why linux is more Secure than Other Operating Systems? - LearnCodeOnline INC. Retrieved October 18, 2018, from https://learncodeonline.in/linux-secureoperating-systems/

Goldman, J. (2017). Fully 84 Percent of Hackers Leverage Social Engineering in Cyber Attacks. Retrieved October 17, 2018, from https://www.esecurityplanet.com/hackers/fully-84percent-of-hackers-leverage-social-engineering-inattacks.html

Harji, A. S., Buhr, P. A., & Brecht, T. (2013). Our troubles with Linux Kernel upgrades and why you should care. ACM SIGOPS Operating Systems Review, 47(2), 66. https://doi.org/10.1145/2506164.2506175

Operating Systems: Security. (2016). Retrieved October 22, 2018, from https://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/15_Security.html

Silberschatz, Abraham; Galvin, Peter; Gagne, G. (2008). Operating System Concepts Essentials (Second Edi). Hoboken: Wiley.

Silberschatz, A., Galvin, P., & Gagne, G. (2013). Operating Systems Concepts (Ninth Edit). Hoboken: Wiley. Retrieved from http://iips.icci.edu.iq/images/exam/AbrahamSilberschatz-Operating-System-Concepts--9th2012.12.pdf

Taylor, D. (2018). Why Linux is better than Windows or macOS for security | Computerworld. Retrieved October 22, 2018, from https://www.computerworld.com/article/3252823/linux/why-linux-is-better-than-windows-or-macos-forsecurity.html

Valenzuela, B. (2003). Supporting a Windows XP/Red Hat Linux Dual Boot Environment, 196–199. https://doi.org/10.1145/947469.947521
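
Added example for Section 5.1 (not part of the original essay): the section argues that with low user access only a few files can be attacked rather than the whole system. The Python sketch below applies the classic UNIX mode-bit check to a constructed sample tree and lists which files an administrator (uid 0) and an unprivileged account could modify. The function names, the file layout and the unprivileged uid are assumptions made for illustration, and ACLs, capabilities and directory permissions are ignored.

```python
import os
import stat
import tempfile


def can_write(st, uid, gids):
    """Classic UNIX mode-bit check: owner class first, then group, then other.

    Simplification (assumption): ACLs, capabilities and directory
    permissions are ignored; only the file's own mode bits are evaluated.
    """
    if uid == 0:  # root bypasses discretionary mode bits
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def exposed_files(root, uid, gids=frozenset()):
    """Relative paths of regular files under root that uid could modify."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            if stat.S_ISREG(st.st_mode) and can_write(st, uid, gids):
                hits.append(os.path.relpath(path, root))
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample tree: two system-style files and one scratch file."""
    layout = {"etc/passwd": 0o644, "bin/tool": 0o755, "tmp/scratch": 0o666}
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)  # explicit chmod, so the umask does not matter
    return os.lstat(os.path.join(root, "etc/passwd")).st_uid  # owning uid


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        owner = build_sample_tree(tmp)
        print("administrator (uid 0):", exposed_files(tmp, 0))
        print("unprivileged account :", exposed_files(tmp, owner + 1))
```

Run as a script, it reports all three sample files as exposed to uid 0 and only the world-writable scratch file as exposed to the unprivileged account.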