In last month’s column, I said “I’m more secure on a Mac than I was on Windows XP.” Some of you asked how Linux fares in that comparison.
To that, I’ll say I’m marginally more secure on Linux than on a Mac, but I prefer a Mac anyway. I can almost see my inbox filling with flames from you penguin lovers everywhere, but let me explain my opinion.
First, though, I’ll again caveat these opinions by saying that I’m not saying Linux is or isn’t more secure than Apple’s OS X. I’m saying that I’m marginally more secure on Linux than on a Mac. Here’s why.
• True to UNIXThis may seem peculiar to many of you, but I find Linux’s security controls to be more true to the UNIX model they were patterned after. OS X, on the other hand, started with the UNIX model, but then diverged rather substantially.
The notion of root and even of the desktop user’s identity and security capabilities, for example, is completely different. The default desktop user, as I pointed out last month, has “administrative privileges,” but is not root per se. It’s just different.
To someone (like me) who is familiar with the UNIX security controls, this requires learning and adapting to the security extensions. In practice, I found myself configuring my OS X desktop environment to be more like a UNIX/Linux one, in that all my installed applications are owned by the real root user, for example, and that my desktop user identity has no “super powers” at all.
None of this was necessary on Linux, on the other hand, as everything that it does (at least at a user level) adheres to the established practices in UNIX. Thus, compartmenting files, users, data, etc., between the administrators and users is quite simple and entirely open to view, modify, and such.
Qualitative score:OS X gets a B- while Linux gets an A-.
• Obfuscation by “GUI-ization”In a similar vein, many of the security and connectivity details are obfuscated from the user’s view in OS X. Although this no doubt enhances its ease of use, it also degrades its ability to fine tune.
User account management is again an example here. The Accounts settings in the OS X Systems Preferencesapplication allows the administrator to create, modify, or remove user accounts (which never show up in the /etc/passwd file, by the way), but the security controls are minimal. Essentially, an account can be designated as either a standard user or as an administrator.
Well, to be fair, the administrator can also control various parental controlsthat control which desktop applications a user can execute, but that’s about it.
Underneath that GUI exterior lies the normal security controls, including file access controls and such, of a normal UNIX system. You have to push aside the GUI to get to those things, though. (At least, as far as I’ve been able to tell.)
Qualitative score:OS X gets a C while Linux gets an A.
• User data confidentiality All of this UNIX obfuscation aside, OS X does have a nifty feature for protecting a user’s data files. It’s called FileVault, and it can be (optionally) enabled via the System Preferencesapp.
Basically, what FileVaultdoes is it encrypts all of the user’s files using a symmetric encryption method. This helps protect the confidentiality of the data and reduces the disclosure, for example, of the data on a lost or stolen laptop.
My only confusion here is why Apple chose to make this an optional feature rather than an opt-out one. Perhaps it’s due to the performance hit that you get when you encrypt all your data.
Admittedly, there are a lot of data encryption options available to a desktop Linux user, but none seem to me to be as simple (or included by default) as FileVault.
Qualitative score:OS X gets an A- while Linux gets a D.
• Patch practicesNext we come to patch management. The two systems are nearly equal here in terms of capabilities, but I have to give a slight edge to Linux but with a big caveat. Each Linux vendor does its own thing with regards to patch and configuration management. I’m speaking here only for my experiences from running a Debian Linux desktop. Oh, and I should note that even inside of Debian, the patching varies between the three primary distributions: stable, testing, and unstable.
So how on earth can I defend my opinion that Linux edges out OS X here? Simple. In my experience observing the two communities, I’ve (quite subjectively again) viewed Debian as being more responsive to rapidly resolving security vulnerabilities.
That’s not to say that Apple hasn’t been responsive, and quite possibly someone with more quantitative data will come along and cast aside my “gut feel” here. That said, while running my Linux desktop, I was always impressed when I watched the latency from disclosure to patch time.
That said, I still hate the patch management practice, but it remains the worse possible solution except for all the others.
Qualitative score:OS X gets a B- while Linux gets an A-.
• Desktop targetI’m always cognizant of the lessons I learned in childhood watching educational shows like “Mutual of Omaha’s Wild Kingdom”. It’s the slow gazelle that always ends up as cheetah food. Computer attackers seem to be quite content (and fat) going after Windows users as the metaphorical slow gazelles. Indeed, to extend this bad metaphor even further, Internet Explorer and Outlook must look like slow, fat, pre-barbecued and sauced, gazelles in the eyes of the cheetahs.
I’m quite happy not attracting the attention of the cheetahs, on the other hand. As such, I’ve long favored less-than-mainstream desktop apps like Konqueror and Kmail or Safari and Mail.app.
As Apple gains market share, however, Safari and Mail.app are without a doubt going to increase in their appeal to the cheetahs. For that reason, I give a slight edge here to Linux. Ironically, Apple’s own popularity can be seen as a liability of sorts, at least in this one security aspect.
Qualitative score:OS X gets an A- while Linux gets an A.
With so many of these factors seeming to favor Linux, you may reasonably be asking why I still prefer using a Mac. Well, the answer lies in the classic trade-off that security practitioners face every day: security vs. functionality.
OS X gives me the functionality that I need as a (frequent) traveling professional, all in one place. These things include a really easy to use Wi-Fi capability, MS-Office running natively on the system, a calendar, contacts database, and a slew of other desktop software applications that just run beautifully. Yes, I’m being highly subjective here, but it’s been my experience that the desktop apps on the Mac vastly exceed, in usability terms, anything I ever found on my (now semi-retired) Debian Linux desktop.
In short, the things I need just work.
So OS X won the functionality vs. security battle for me. It’s true that I have to work a little harder to secure myself to a level that I’m comfortable with. But, I’m willing to do that for the level of functionality I get in return.
I believe that’s a really important thing for security professionals to keep firmly in mind. Quite often, the best solution is not the most secure one. I wrote this column on my Mac; I’m sticking with my Mac; and I now think of PC users as those who have never tried Macs.
Let the inbox beatings begin…