Steve's Views

February, 2007:

Why Windows is less secure than Linux

It’s one thing to know by your own experience, another to be told by others.
Sometimes you run into something that communicates very well. Like images. Here’s an article that does just that. It communicates graphically in a way that is hard to put in words.

Why Windows is less secure than Linux by ZDNet’s Richard Stiennon
— Windows is inherently harder to secure than Linux. There I said it. The simple truth.

Many millions of words have been written and said on this topic. I have a couple of pictures. The basic argument goes like this. In its long evolution, Windows has grown so complicated that it is harder to secure. Well, these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of HTML with a single picture. The same page and picture.

A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications.

This is a comparison between Linux and their web server and Windows and their web server. The first picture is of the system calls that occur on a Linux server running Apache.

[Image: map of system calls, Linux server running Apache]

This second image is of a Windows Server running IIS.

[Image: map of system calls, Windows Server running IIS]

The difference is clear. Thanks to Sana Security for generating and providing these images.

Please note that 1. I am not a journalist. 2. I do not work for ZDNet. 3. I am an independent blogger. 4. This is a blog entry, not a news article.