I am quite often asked about Linux as an alternative to MS-Windows, about viruses on Linux or even whether Linux slows down like MS-Windows does. Being an Open Source advocate you would think that my answer would be clear-cut. However, it is not as simple as it looks.
Viruses And Hackers
On desktop and laptop machines MS-Windows is constantly getting attacked and hacked by viruses and hackers. Yes we all know that. Nothing new there. In comparison Linux hardly ever gets successfully attacked or compromised.
The first reason comes down to market share. MS-Windows has about 90% of the desktop market whereas Linux has about 1.5% (Mac-OSX comes in at about 7%). A few things follow from this:
- The above figures mean that MS-Windows machines take the brunt of the attacks and thus get the most exposure.
- If you are writing malware then you want to have the greatest impact with the least amount of outlay. Thus you will target the most prevalent operating system. Hence the overwhelming majority of malware is aimed specifically at MS-Windows.
Type Of End User
The average MS-Windows user does not really have a clue as to how the thing works and sometimes not even how to most sensibly use it. But then why should they? Expecting otherwise is like expecting patients to be well versed in most common medical procedures prior to visiting a doctor (although some would say that this is not such a crazy idea!).
Gone are the days of men in white lab coats programming big unwieldy computers. These days the majority of computer users are mainstream consumers that treat it as a utilitarian device like any other. It is there to write documents, browse the Internet, send and receive emails, play games or watch films. All perfectly fair and reasonable. In fact it is a testament to the effort of Microsoft software engineers that people can accomplish complex tasks on a computer without the underlying technical know-how.
As a consequence only a minority of MS-Windows end users are technically knowledgeable when it comes to the basic inner workings of their computer.
This is less so with the Linux desktop as it tends to attract hobbyists, enthusiasts, technologists and a number of refugees from the MS-Windows world. Whilst Linux is slowly becoming more mainstream on the desktop (it cannot really get less), its users are generally much more technically able. They have to be, as Linux still has some rough edges. Hence they are more aware of the risks and what to do to mitigate them.
In the server market this distinction is less relevant as the users of those systems are normally properly qualified systems administrators and engineers.
MS-Windows home users tend to log in as administrators to simply use their system. This is historical. On MS-Windows 95 there was no such thing as an administrator, any user could do what they liked. When MS-Windows XP came along, being frustrated that a lot of software simply assumed you had full access to the system, most users, myself included, did everything as an administrator and still do to a large extent.
Microsoft is doing its best to wean us and other software vendors off this way of running a system. But old habits die hard.
On the other hand on Unix and Linux, one is taught from day one not to do this. Also software, whilst it may be more fiddly to install, is usually designed to work in a far better way with a clear separation between system configuration and user settings.
Thus if a hacker gets onto a home computer running Linux, they are much less likely to find the user is running with privileges. Remember that with the advent of firewalls most attacks against home users target the internet facing client software and not the operating system itself. Therefore if you get on the system, you are on as the ordinary user who is running that software. In order to gain privileged access to the system, the attacker has to then use other malware to elevate themselves to the
MS-Windows Bends Over Backwards To be Helpful
This may sound like an odd criticism but it is none the less valid. Do you remember the I Love You virus? That was basically a bit of Visual Basic script sent via email. Pretty basic stuff really. This script trashed a few critical system files on disk and then opened up the user’s email address book and emailed the virus to all the addresses contained within.
But how could this happen? Well, on receiving an email which contained text that looked like code, Microsoft’s Outlook would go ‘oh I know what this is, I’ll automatically run this code for the user when they preview the email’. Maybe a nice cool idea but also a very bad one because of the potential for harm.
Linux is far less helpful! It would simply display the code as ordinary text within the email. In order to run it you would have to save the attachment, possibly edit it to clean it up, and then actually run it inside an interpreter. Less cool and less helpful but it gives time for people to look at the email attachment and reconsider the wisdom of running it in the first place.
This cool feature approach is not limited to desktop tools either. For example, Microsoft’s programming APIs (essentially programmers’ toolkits) are littered with them. Unfortunately they have been abused and have helped many a hacker.
On Linux, even if there are equivalent dirty tricks a hacker can use, they are usually much harder or more involved to do. Unix and Linux have kept their core system APIs small and clean. Unless there is a very good legitimate reason for including a new feature, it does not go in.
Once a Linux system is set up one can run it year in year out, installing software and then removing it again without much or any fear of some sort of slowdown or clogging up of the system.
Not so with MS-Windows. Even if you just install the software you need, the system starts to grind after a while.
There are two main culprits for slowdown on an MS-Windows system:
- CrapWare – This is the so called value added software that gets installed along with the stuff you really want. The worst example of this that I have encountered was an HP printer driver that installed a version of TomCat (basically a web server written in Java) so that one could check the printer status via a served up web page! Other examples include the useless application bars that get added to Explorer, software updaters etc.
- Virus Checkers – Some would argue that these often do more damage than the average virus, killing a machine’s performance down to a fraction of what it is capable of.
I think we all know the sort of software I am referring to here. How do you combat it?
Firstly download sites may give you different versions of the same software, one with just the program, which you may have to install manually, and the automated installer that comes with some added extras (not malicious, just unwanted).
If no choice is given there then the installer may give you a choice. For example, the HP driver installer gave me the choice of using the TomCat status monitoring software; I was just not expecting it to do that and so did not look for the option to skip that part of the installation.
Sometimes you are not given a choice but one can always go into the system and prevent the software from starting up on login. I will probably blog on this at some point although there are plenty of places that tell you how to do this.
My MS-Windows XP systems run faster today than the day I got them ten years ago (the speed improvements being down to tuning and more memory). So far I have not had to reinstall any of them. Why? Because I am careful about what I install, I clean up the system (including the registry) after uninstalling any software and I keep a watchful eye on what gets run and when. However this all takes skill and effort.
Linux on the other hand tends to largely if not solely rely on open source software. As such it rarely comes with CrapWare as the authors probably despise it as much as we do. There is also little financial motivation behind most open source software other than paid for support. If a project did behave badly by including CrapWare then the open source community would probably find an alternative to it anyway.
Updates to the software are done at the system level rather than at the application level. Thus there is only one software updater that needs to be run for the entire system. Also software that is installed is usually better structured and has a very clean separation of where system wide configuration data and user preferences go. The software is more compartmentalised, you do not have to dump libraries into shared directories, you are free to store them under their own directory alongside the application if you so wish.
One thing that is often cited, usually by companies trying to peddle their cleaning software, is that the size of the Windows registry can slow down a system. I have never encountered this problem. I guess if you had a really massive registry then there might be an issue but if your system cannot index into a few tens of megabytes of data then you are probably screwed anyway. The more likely issue is that the registry may or may not contain data that is needed for a speedy startup, either because it has become corrupt or someone erroneously removed a few entries. So take regular backups.
As a consequence of some of the design decisions that Microsoft took, when I set up an MS-Windows system I decide what software I want on there and stick to it. I do not fiddle around and install stuff to just try it out and then remove it again. That will lead to disaster. Instead if you want to play around with different bits of software, try running MS-Windows in a virtual machine and then set up the disks to be non-persistent. You can then try stuff out to your heart’s content and then reset the machine back to a pristine state when you are done. Once you have decided on a new bit of software then you can install it, possibly avoiding otherwise unforeseen pitfalls, on your real desktop machine.
Excellent virtualisation software is freely available. One such product is VirtualBox. Another is VMware, however their server software is quite heavy weight and their player products increasingly have hardware dependencies that stop them from working on some older hardware.
Virus Checkers And Other Security Products
These are the bane of most MS-Windows users’ lives. They clog up perfectly good systems with their on access checking, bringing the fastest machines to a grinding standstill, and can cause hardware failures.
This is not really the fault of Microsoft. They cannot help being popular! If Linux took over the desktop market and had a 90% share then it would face similar issues (not to the same extent but none the less similar).
Anti-virus companies and security experts love horror stories about viruses and malware. It is in their interest, after all that is how they make their money, by peddling fear and getting us to spend money on their protective software. The fact that for a careful and sensible home user, anti-virus software probably has more of a negative impact against their machine on a daily basis than any virus would do seems to be forgotten. Not that an infection is not serious, but if the right precautions are taken then it is usually very short lived and the repercussions minimal.
However remember that these companies not only provide security software for home users but also to companies and institutions as well. These customers usually have far greater exposure on the Internet as an entity and do get systematically attacked and bombarded by exploits and malware all the time. If anything the risk in this arena is underestimated. There are many more reasons why attackers go after these types of target; political, financial, revenge, organised crime etc.
Some of those motivations still apply to the home user, but normally in a much less targeted way. I.e. the attacker goes after anyone’s bank account details by sending out spam phishing emails, purporting to come from a legitimate bank, asking for those details. This blunderbuss approach will fail 99% of the time, but somewhere there will be someone unwise enough and who has an account with that bank that will respond.
Nonetheless the risks faced by companies and home users tend to get bundled together and distinctions get blurred.
With all the horror stories flying around try to not confuse what is technically possible with what is likely. Remember all the noise about image files potentially being able to exploit your computer? Yes it is technically possible as it would be with any data that is sloppily interpreted by software. But is it very likely? Less so. Attackers would typically try more lucrative routes, because if you behave responsibly and patch regularly such vulnerabilities are short lived. Your data is probably more at risk from accidental deletion or hardware failure.
It is all about sensible risk management.
For example, a lot of attackers are labelled script kiddies as these are presumed to be bored children running hacking scripts written by someone else against random targets. Sometimes they get lucky, sometimes they do not. They are largely seen as a nuisance more than anything. Attackers are not necessarily that skilled. It tends to be a case of a large majority attacking off the back of a very small and clever élite. However all such detected attacks get recorded, be they noisy unskilled poking around or more skilled endeavours. Yet the former is almost considered noise and to be expected and the latter is much more concerning.
Make no mistake, if a talented attacker went after your machine then sooner or later they would probably compromise your computer. Remember that this post is aimed at the home user and not at companies. So why would such a home user be targeted in such a determined fashion? If you are an average computer user who has taken sensible precautions then an attacker will most likely move onto other easier targets.
Another area of risk is from accessing compromised online content, or from the use of file sharing software. Again stick to reputable sites and review your use of client software. Most mainstream sites will do a pretty good job at keeping their pages free of malicious content resulting from compromised systems.
Also remember this sobering fact. Virus checkers and root kit detectors only pick up on stuff that is known about. Some may use heuristics to determine what looks dodgy as well as dumb signatures but these are going after things that are known about. Stuff that is not known about will probably slip right through.
Am I saying that one can do without anti-virus software? On a Linux desktop at the moment yes you probably can quite happily. On MS-Windows it really depends upon you and your usage of your system, but generally no you could not unless you really knew what you were doing. So no I am not recommending that at all. Just a more targeted approach that may suit your needs better. For example you may be able to switch off on access checking but take other precautions instead that do not cripple your system. For instance:
- Update and patch regularly. Little and often rather than en masse once a year.
- Take backups regularly. Imagine as you are reading this that your hard disk failed right now and you lost everything on it. What would your reaction be? Would you be fed up at the cost of getting a new hard disk or distraught at the loss of all the family pictures and movies? If it is the latter then get your backup strategy sorted out and fast.
- Sensible usage. Avoid dodgy sites, question the wisdom of blindly installing file sharing software etc.
- Use firewalls.
- Use an up to date virus checker. Even if on access scanning is disabled you still need to scan new downloads.
- Try and avoid installing software that is downloaded during the installation process, or at least enable on access scanning for the duration. You do not know what is being downloaded to your computer.
- Store sensitive data off the system on a pen drive in an encrypted file or files.
For example, I have anti-virus installed but do not use on access scanning. I scan all downloaded software, patch regularly, backup the entire system regularly and only use reputable software from known sources. I also make use of software and hardware firewalls. Sensitive data are kept on a pen drive and encrypted. I do not visit dodgy sites or look for software cracking tools etc. I do a full system scan about every six months.
Have my MS-Windows machines been infected? Yes, twice in ten years. I quickly noticed strange behaviour and simply restored the entire system from backup, including the boot sector. No personal data was compromised because it was on the pen drive and not on the computer. The time from infection to being up and running again was about 30 minutes, and 10 minutes of that was spent investigating the strange behaviour. On both occasions I was running full on access virus checkers and other security products. Both infections resulted from my stupidity and carelessness, but the virus checkers did nothing to prevent it. My other precautions meant that I was mildly inconvenienced rather than devastated by the infection.
However, in comparison to two half hour outages in ten years, on access scanning slowed my boot up and login time to about five minutes. I probably lost another five to ten minutes throughout the day waiting for stuff to be needlessly scanned. It all adds up. I am not even sure it was not responsible for a disk failure.
I now do not have on access scanning enabled and can enjoy the full speed of my machine without hindrance.
If however you are not very familiar with MS-Windows and computers in general then having a full-blown virus checker with on access scanning and additional security products installed will help give you peace of mind. Just do not expect your computer to be blazingly fast. But also remember to follow those precautions listed above as well.
A lot of people associate MS-Windows systems with being easily hacked. Whilst this was originally true, Microsoft have made tremendous progress in sorting out some of their security issues and now take security very seriously. They have had to; it is bad business to do otherwise.
A lot of hackers find vulnerabilities because they like the challenge. They are inquisitive and curious people by nature. Only a very small percentage put that interest to bad use and even then it is usually third parties making use of that knowledge and not the hacker themselves. Normally a hacker will contact the vendor and alert them to the security issue, giving the vendor a reasonable amount of time to fix the issue before public disclosure.
However some companies are very complacent about such information, at least to begin with. Apple was one such company. For a long time Apple had believed, as did many others, that they were unhackable. Even thinking that is a recipe for disaster. Despite hackers finding vulnerabilities in their software, Apple still took little to no notice. These vulnerabilities became public and then Apple had to act in the face of customer reaction and a spate of attacks. It is interesting to see that the outcome of this hacking contest had Apple finishing in third place behind MS-Windows, which in turn was behind Linux (which remained unhacked).
Microsoft now have a good track record at reacting to new vulnerabilities found in their software and readily welcome help in this regard. Let us hope Apple have now adopted a similar attitude.
As for Linux, some people say that being open source means that it is easier to hack. That is true but it is also easier to fix as well. You are not dependent on a company to do it for you. The hacker, once they have found the vulnerability, can simply go in and fix it or at least submit a patch to the maintainer. Also the source code is open to scrutiny by everyone and not just to people in one company.
One thing that is often said about Linux is its reliability when compared to MS-Windows. In the server arena Linux is renowned for unrivalled reliability and rightly so.
However in the desktop arena this is not necessarily the case. The main issue is usually graphics hardware. If you can choose the right hardware then this reputation extends to the desktop as well. NVidia provide Linux drivers for their cards and Intel graphics chipsets tend to be very well supported. But, for example, with ATI graphics cards your mileage may vary.
The most unreliable system I have at the moment is an IBM laptop with an ATI graphics card running Linux. At its worst it was crashing every time I tried to use it. When it was behaving it would crash about once a month. MS-Windows XP on that laptop, it is dual-boot, has never failed once. Admittedly this was largely down to a firmware issue (having patched the BIOS it has yet to crash after three months of frequent use) but firmware or not it always worked fine under MS-Windows. My desktop machine had a kernel panic, the first time in many years, when I unmounted and ejected an NTFS USB drive. Ok the Linux machines get a real pounding on a daily basis and MS-Windows cannot even access Linux file systems, but nothing is perfect including Linux.
Oh and before the Mac-OSX fanboys start up. Remember Linux pretty much has to run on any old rubbish hardware that is thrown at it as well as the new stuff. Whereas Apple ties down their hardware very specifically, if only MS-Windows and Linux had that luxury.
My experience with MS-Windows XP almost rivals that of my Linux desktop system. There were a few kernel panics on booting up to begin with, but updates soon dealt with that. Another MS-Windows XP machine had issues with Java crashing the machine, again updates dealt with that quite quickly. Since then so far so good.
In fact most of the crashes on MS-Windows were not crashes at all. I was simply locked out of the desktop. Usually this was when a full screen game malfunctioned. The system was running and stable but I could not do anything with it as I had lost control of the console as this was under the game’s control. I subsequently installed Cygwin’s ssh daemon so that I could log in remotely and simply terminate the offending game. Ever since then this is what I have done on game lockout and every time I have immediately got back a working desktop. Most people would have just gone ‘oh **** windows’ and pressed the reset button, which is understandable but unfair.
Switching To Linux
There are a few things to remember. Linux is still rougher around the edges than MS-Windows. However once installed and running it is very good. So do not be put off by some of the initial pain you may have. Also if you run into difficulties then someone else will have probably stumbled across the same issue and have documented a solution to it online. Generally people are only too happy to help.
If you are a utilitarian end-user of MS-Windows and would like to give Linux a try then only do so if you have someone on hand that can help you out when need be. For example, my Mother has used Linux for years now and gets on with it perfectly well. But when something goes wrong or she needs something explained to her then she can call upon me to help out. I also set the system up for her in the first place. Remember you probably bought your PC with MS-Windows pre-installed for you. All the hard work was already done for you. You may want to consider buying a PC with Linux pre-installed, although this is a rather expensive choice really.
There are also a large number of distributions to go for. However Ubuntu and Linux Mint are probably most worthy of a look.
Be aware that whilst there is a tremendous amount of software out there for Linux, some killer applications will not be available. Adobe Photoshop being one. There is Gimp on Linux which is a very capable product and would suffice for some photo touch up work, but it is no Photoshop. You could perhaps virtualise the required software or run it under Wine but it is worth looking into what you want to do with your system and what is available before permanently switching.
Another thing to consider is that Linux does not have many games ported to it, although this is beginning to change slowly.
The one main issue is hardware support. These days it is pretty darn good. You may be wondering why Linux has an issue and not MS-Windows. Well hardware manufacturers provide software that will drive their hardware correctly under MS-Windows but most do not for Linux. Thus the Linux community have to write their own software. The upside is you will most likely install Linux and everything just works without having to resort to installing additional software as you would on MS-Windows. The downside is that very occasionally for really new or obscure hardware you may have little or no support, certainly in the short-term.
Be prepared for some amount of pain. But if you persevere you will end up with a cracking system with loads of useful software that will run at a decent rate on older hardware as well as new.
If you are a utilitarian user who is largely happy with the MS-Windows experience then I would stay put. If it works for you why change?
Also will you be able to run all the software that you need on Linux, or find suitable equivalents? If you are into surfing the web, basic photo touch up work, writing documents, 3D modelling or coding then you are good to go. If it is movie editing then you may want to look more closely before leaping (although this seems to be getting a lot better just recently with some major players now supporting Linux).
If you are fed up with virus checkers grinding your machine into a pulp, slowdowns over time, do not want to contend with software installers that act like badly behaved puppies (in that they leave little messes around the place) or are simply fed up of having to wait for all the software updaters to finish their work every time you try to run something… Then perhaps you are ready for the switch. One can always shrink MS-Windows on disk down in size and set the system up to dual-boot. That way you have a safety blanket to fall back on.
If you are considering a switch to Mac-OSX then also seriously consider Linux. You can do the switch to Linux on your existing hardware rather than pay way over the odds for new hardware with an Apple logo on it, which will probably be made obsolete by Apple in five years anyway.
I have dual-boot systems at home. What do I use them for? MS-Windows XP is basically Photoshop work, games and a bit of video editing. The latter may well switch in the near future. Everything else I do on Linux (surfing the web, documents, accounts, email, coding/programming, blogging, artwork and yes a bit of video editing oh and 3D modelling of all things – still not very good at this though!).