Decrypt This - By Chris Stobing
 
Home > Computing > OS security showdown

OS security showdown

2014 has been a tumultuous year for personal security. Through the continuing revelations of NSA leaks, North Koreans shutting down Sony, and the big bad bug that made everyone’s Heart Bleed, the past twelve months have shown that the hairiest of hacks are almost always in the last place you’d think to look.

But as long as you’re not planning on releasing a movie that depicts the faux-assassination of foreign leaders in the near future, you should be safe. Right? Well, that partially depends on the operating system you use.

I’ll weigh the pros and cons of privacy from the top four consumer operating systems, and help you decide which is the best choice for maintaining the safety, security, and privacy of your personal data while working and playing online. Only one can offer the best OS security of them all.

Windows

Windows has always enjoyed a stable (read: overwhelmingly dominant) slice of the PC market, and is already long past the point of needing to prove itself. It enjoys the widest range of software around, too — a boon that’s also its curse.

When talking about security it’s hard not to mention the many pitfalls of the Windows architecture. The same wide tundra of customization users have come to expect also makes it one of the most vulnerable operating systems around. Though it would be close to impossible to list all the security flaws found burrowed in its binary during the course of the past year, one needn’t look much further than the discovery of the decades-old Schannel bug as a prime example for what users should expect whenever they run a Windows variant on their home or business networks.

bluescreenofdeathvirus

An SSL vulnerability which laid dormant in every version of the OS stretching back to the earliest iterations of Windows 3.1, the Schannel vulnerability shows that even after thousands of security updates, new builds, and from-the-ground-up certification audits, the sheer magnitude of what Windows offers means it will always be a little bit further behind the curve than the rest.

And then there’s this: Microsoft cut XP from the list of Windows versions that receive regular updates from the company’s Patch Tuesday roster in March. System administrators everywhere collectively shuddered at the thought of what virus distributors would come up with to exploit an OS that makes up nearly 15 percent of current installations still active in their ecosystem.

Granted, that number has been falling steadily month by month, but the threat should still be a very real concern for anyone who wants to be sure that what they’re doing on the web isn’t being monitored or monetized by an unknown third party.

Overall, Windows is the option if you’re looking to strike a balance between hardware capability and application availability, but it falls short in security. Microsoft can’t clamp down on malware without restricting its relatively open stance towards applications — which, of course, is part of why Windows is so popular. How’s that for a bind?

Linux

This OS is built for power users and lays out a blank canvas for anyone with a bit of programming prowess who wants to create an operating system experience that’s tailor-fit just for them.

Unfortunately, much like Windows, its open-ended architecture gives viruses room to play. This year saw the introduction of Operation Windigo, a particularly ingenious piece of code that had weaseled its way into upwards of 25,000 UNIX servers and has the potential to sneak into the backdoors of another half million Linux-based desktops across the globe.

linuxsecurityscreen

The virus spreads the way most do, by spamming out troves of infected email attachments to thousands of accounts at once, and throwing out a line to any recipients that were foolish enough to send something back.

And just a few days ago Digital Trends reported on the discovery of the holiday-hampering Grinch bug, an unfixed flaw deep in the Linux source code which gave those with knowledge of its existence the ability to access root-level control of every aspect of the Linux file system, including most builds of Android from Gingerbread to the upcoming Lollipop 5.1.

Linux benefits from its extreme range of customization options and is at its best when the used by someone who actively uses the best security practices. If you’re tech-savvy enough to take on the task, this OS is an optimal choice, but not everyone has such knowledge. Though arguably safer than Windows because it’s less frequently used (a concept known as security through obscurity) it’s not inherently more secure.

Mac OS X

“Hi, I’m a Mac. And I’m a PC.”

Unless you were living under a rock during the mid-2000’s you can probably recite with near word-for-word accuracy how the commercial goes from there. Mac is more secure than PC. Mac doesn’t get viruses, and has the cleanest, most efficient operating system. Plus, it’s obviously the much cooler choice because Justin Long is wearing a blue hoodie, opposite John Hodgman’s buttoned-down gray suit.

Apple has long since waved goodbye to its comparison campaign. Today the company focuses on the sleek, slim, and sexy design of its products instead of what makes its computers more secure than the rest. That may be because OS X is no longer a nigh-impenetrable fortress. As the rate of adoption for Apple laptops and desktops surged, malware makers looked to OS X as a viable platform for pulling in profits through their clandestine hacking networks.

2014 saw some of the largest and most financially successful exploits ever released for OS X. This list includes the traffic-logging Rootpipe trojan, an iPhone cracking installation called WireLurker, and the iSight-integrated webcam-peeping app that plagued 2013’s Miss Teen USA, Cassidy Wolf. Apple was able to coast on its low-key laurels for the better half of its lifespan, but now the wolves are circling, ready to attack the Mac’s growing user base.

Despite these slight slips, though, OS X remains one of the safest operating systems available today. Apple’s firm grasp over its operating system has resulted in a reliable string of updates that plug up holes before they have a chance to snowball out of anyone’s control. Out of all the entries in this list, OS X (and its mobile cousin iOS), are the only two that weren’t affected by the now infamous Heartbleed bug that had been tearing the Internet in two for over five years before anyone noticed it was a problem in the first place.

Increased popularity means more programs and applications are coming to OS X, which could mean more vulnerabilities. Apple has responded with a stringent approval process that catches most issues before they go live. The company has been able to keep most of the wolves at bay. For now.

Chrome OS

Now I arrive at the newest operating system in the fight. One which, by way of its youth and vigor, happens to be the most secure.

Google has, for the time being at least, landed itself in the sweet spot that Mac enjoyed for the early half of the previous decade. A comfortably covert crevice where its share of the market isn’t large enough to make serious exploits profitable (or glamorous) enough for the average hacker to pursue, and the underlying structure of its system is fresh enough that staying on top of security isn’t a cumbersome task.

Toshiba Chromebook 2 front open

Time and time again the search giant has been able to stand tall at the mother of all cryptography competitions, its very own bi-annual Pwnium hacking consortium held at the CanSecWest Security Conference. Of all the entries at the competition, Google let slip a comparatively minor three holes in its operating system and web browser combined, each of which were patched up before the contest participants could check their badges on the way off the main show floor.

The sole drawback of this operating system is that if you want your Chromebook to be more secure than it already is there’s no way to install third-party software without digging into the guts of the machine and morphing it into a box running a bastardized version of Ubuntu Linux first. Google maintains its security superiority by restricting users to the confines of the web browser and restricting the installation of third-party software.

Limited customization is always frowned on by certain users, but it’s not a bad thing for security. Chromebooks make good sense for kids or grandparents who want to get on the net as effortlessly and safely as possible. They also work wonders if you’re in need of a cheap, reliable way to stay connected on the road without having to tweak your firewall rules for every Wi-Fi hotspot along the way.

Wrap Up

So what’s the best option if security is a prime concern?

I’d have to say Chrome OS. However, the limited functionality and restricted flexibility of the operating system make it a hard sell for anyone who wants something more out of their laptop than a web browser with a couple of add-ons installed can provide.

From a practical perspective, then, OS X is the obvious choice. Apple has proven itself to be one of the best at fighting off the bad guys, yet there’s also a broad range of software available. Not as much as Windows, to be sure, but enough for most users to get their feet wet.

OS X is a prime example of what modern operating system security should look like. It’s not impenetrable, but when the chips are down and North Korea’s knocking at your back door you’d be better of with Apple’s operating system than with any other.

Image credit: isak55/Shutterstock, Jayson Photography/Shutterstock,