Is Linux the safest operating system?

Article Title: Is Linux the safest operating system ?. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

There have been many discussions about what is a "secure" operating system. Especially when people compare the Three-family desktop operating systems: Microsoft Windows, Apple MacOS X, and Linux operating systems, the discussion often becomes very intense. Is Linux the safest operating system? The real answer is uncertain. It is difficult to draw such a clear conclusion that any specific operating system is "more secure" than other operating systems ".

OpenBSD is proud to have seen only two system vulnerabilities that can be remotely connected by default in its stable version history, however, this does not mean that the operating system is "safest". After all, when evaluating the security effect, we need to consider migrating from one system to another, changes in demand.

In the final analysis, any widely used general operating system may have defects theoretically. Recently, the popular virtual machine technology that allows multiple virtual computers to run simultaneously on a single physical hardware platform may lead to a special potential risk, run the operating system on a virtual computer outside the controlled environment: you only need to adjust the operating system image at the system startup time to perform such operations. For virtual machine users, this risk is becoming more and more realistic. They worry that malicious software may be able to get rid of the limitations of virtual machines and affect normal operations by operating systems installed on "bare metal.

However, theoretically, as long as a malicious tool can find a way to enter during the machine startup process, there is no specific method to limit its control of the system running in the virtual machine environment. Although it is quite difficult to do so in a remote environment, at least one situation is even more worrying during this time, and the security spoof may directly connect to the computer through physical means.

For Windows and some Linux releases, this situation is not only theoretically possible, but also a very realistic threat. Peter airay Bania has established a conceptual model that can prove the feasibility of this situation. The Kon-Boot Tool (forgot the login password, and can directly access the system) is being tested, the validity has been confirmed in four Linux releases and a series of Windows versions.

This tool can be used for legal purposes. From security research to easy recovery of systems where the administrator password has been lost, it can all play a role. At least, the author of the tool thinks this way:

It allows you to log on to Linux as a "root" user without entering the correct password, you can also upgrade the current user permission to the permissions of the "root" user. In Windows, it allows you to access all password-protected accounts without a password.

If you want your computer to be protected from any boot damage from physical connections, you should disable all CD, DVD, and floppy disk boot functions, find and lock all external device ports except the internal hard drive that can be used to boot the system.

In addition to locking, selecting an operating system not supported by the tool is also a method. For example, MacOS X or BSD Unix operating system like FreeBSD. Although it is inevitable that other operating systems are under similar attacks, it is only a matter of time, but at least at present, you can rest assured that the system is secure.

In fact, the story explains the simple principle: Be careful with the prevention of people around the computer and give effective access control.