It’s Secure

Security is a tough nut to crack, both with respect to making something secure and judging something to be secure. I’m going to call Ubuntu secure, and I suspect that there’s going to be a lot of disagreement here. Nonetheless, allow me to explain why I consider Ubuntu secure.

Let’s first throw out the idea that any desktop OS can be perfectly secure. The weakest component in any system is the user – if they can install software, they can install malware. So while Ubuntu would be extremely secure if the user could not install any software, it would not be very useful to be that way. Ubuntu is just as capable as any other desktop OS out there when it comes to catching malware if the user is dedicated enough. The dancing pigs problem is not solved here.

Nevertheless, Ubuntu is more secure than other OSes (and let’s be frank, we’re talking about Windows) for two reasons. The first is for practical reasons, and the second is for technical reasons.

To completely butcher a metaphor here: if your operating system has vulnerabilities and no one is exploiting them, is it really vulnerable? The logical answer to that is “yes” and yet that’s not quite how things work. Or more simply put: when’s the last time you’ve seen a malware outbreak ravaging the Ubuntu (or any desktop Linux distro) community?

Apple often gets nailed for this logic, and yet I have a hard time disagreeing with it. If no one is trying to break into your computer, then right now, at this moment, it’s secure. The Ubuntu and Mac OS X user bases are so tiny compared to that of Windows that attacking anything but Windows makes very little sense from an attacker’s perspective.

It’s true that they’re soft targets – few machines run anti-virus software and there’s no other malware to fend off – but that does not seem to be driving any kind of significant malware creation for either platform. This goes particularly for Mac OS X, where security researchers have been warning about the complacent nature this creates, but other than a few proof of concept trojan horses, the only time anyone seems to be making a real effort to break into a Mac is to win one.

So I am going to call Ubuntu, with its smaller-yet user base and lack of active threats, practically secure. No one is trying to break into Ubuntu machines, and there’s a number of years’ worth of history with the similar Mac OS X that says it’s not going to change. There just aren’t any credible threats to be worried about right now.

With that said, there are plenty of good technical reasons too for why Ubuntu is secure; while it may be practically secure, it would also be difficult to break into the OS even if you wanted to. Probably the most noteworthy aspect here is that Ubuntu does not ship with any outward facing services or daemons, which means there is nothing listening that can be compromised for facilitating a fully automated remote code execution attack. Windows has historically been compromised many times through these attacks, most recently in October of 2008. Firewalls are intended to prevent these kinds of issues, but there is always someone out there that manages to be completely exposed to the internet anyhow, hence not having any outward facing services in the first place is an excellent design decision.

Less enthusing about Ubuntu’s design choices however is that in part because of the lack of services to expose, the OS does not ship with an enabled firewall. The Linux kernel does have built-in firewall functionality through iptables, but out of the box Ubuntu lets everything in and out. This is similar to how Mac OS X ships, and significantly different from how Windows Vista ships, which blocks all incoming connections by default. Worse yet, Ubuntu doesn’t ship with a GUI to control the firewall either (something Mac OS X does), which necessitates pulling down a 3rd party package or configuring it via CLI.

Operating System Inbound Outbound
Windows Vista All applications blocked, applications can request an open port All applications allowed, complex GUI to allow blocking them
Ubuntu 8.04 All applications allowed, no GUI to change this All applications allowed, no GUI to change this
Mac OS X 10.5 All applications allowed, simple GUI to allow blocking them All applications allowed, no GUI to change this

Now to be fair, even if Ubuntu had shipped with a GUI tool for configuring its firewall I likely would have set it up exactly the same as how I leave Mac OS X set up – all incoming connections allowed – nevertheless I find myself scratching my head. Host-based firewalls aren’t the solution to all that ails computer security, but they’re also good ideas. I would rather see Ubuntu ship like Vista does, with an active firewall blocking incoming connections.

Backwards compatibility, or rather the lack thereof, is also a technical security benefit for Ubuntu. Unlike Windows, which attempts to provide security and still support old software that pre-dates modern security in Windows, Ubuntu does not have any such legacy software to deal with. Since Linux has supported the traditional *nix security model from the get-go, properly built legacy software should not expect free reign of the system when running and hence be a modern vulnerability. This is more an artifact of previous design than a feature, but it bears mentioning as a pillar of total security.

Moving on, there is an interesting element of Ubuntu’s design being more secure, but I hesitate to call it intentional. Earlier I mentioned how an OS that doesn’t let a user install software isn’t very useful, but Ubuntu falls under this umbrella somewhat. Because the OS is based heavily around a package manager and signed packages, it’s not well-geared towards installing software outside of the package manager. Depending on how it’s packaged, many downloaded applications need to be manually assigned an executable flag before they can be run, significantly impairing the ability for a user to blindly click on anything that runs. It’s genuinely hard to run non-packaged software on Ubuntu, and in this case that’s a security benefit – it’s that much harder to coerce a user to run malware, even if the dancing pigs problem isn’t solved.

Rounding out the security underpinnings of Ubuntu, we have the more traditional mechanisms. No-eXecute bit support helps to prevent buffer overflow attacks, and Address Space Layout Randomization makes targeting specific memory addresses harder. The traditional *nix sudo security mechanism keeps software running with user privileges unless specifically authenticated to take on full root abilities, making it functionally similar to UAC on Vista (or rather, the other way around). Finally, Ubuntu comes with the AppArmor and SELinux security policy features that enable further locking down the OS, although these are generally overkill for home use.

There’s one last issue I’d like to touch on when it comes to technical security measures, and that’s the nature of open source software. There is a well-reasoned argument that open source software is more secure because it allows for anyone to check the source code for security vulnerabilities and to fix them. Conversely, being able to see the source code means that such vulnerabilities cannot be completely obscured from public view.

It’s not a settled debate, nor do I intend to settle it, but it bears mentioning. Looking through the list of updates on a fresh Ubuntu install and the CERT vulnerability list, there are a number of potential vulnerabilities in various programs included with Ubuntu – Firefox for example has been patched for vulnerabilities seven times now. There are enough vulnerabilities that I don’t believe just counting them is a good way to decide if Ubuntu being open source has a significant impact on improving its security. Plus this comes full-circle with the notion of Ubuntu being practically secure (are there more vulnerabilities that people aren’t bothering to look for?), but nevertheless it’s my belief that being open source is a security benefit for Ubuntu here, even if I can’t completely prove it.

Because of the aforementioned ability to see and modify any and every bit of code in Ubuntu and its applications, Ubuntu also gains a security advantage in that it’s possible for users to manually patch flaws immediately (assuming they know how) and that with that ability Ubuntu security updates are pushed out just about as rapidly as humanly possible. This is a significant distinction from Windows and Patch Tuesday, and while Microsoft has a good business reason for doing this (IT admins would rather get all their patches at once, rather than testing new patches constantly) it’s not good technical reasoning. Ubuntu is more secure than Windows through the virtue of patching most vulnerabilities sooner than Windows.

Finally, looking at Ubuntu there are certainly areas for improvement with security. I’ve already touched on the firewall abilities, but sandboxing is the other notable weakness here. Windows has seen a lot of work put into sandboxing Internet Explorer so that machines cannot get hit with drive-by malware downloads, and it has proven to be effective. Both Internet Explorer and Google’s Chrome implement sandboxes using different methods, with similar results. Meanwhile Chrome is not ready for Linux, and Firefox lacks sandboxing abilities. Given the importance of the browser in certain kinds of malware infections, Ubuntu would benefit greatly from having Firefox sandboxed, even if no one is specifically targeting Ubuntu right now.

It’s Free – Libre Ubuntu – Long Term Support
Comments Locked

195 Comments

View All Comments

  • amrs - Saturday, September 26, 2009 - link

    Your ignorance and stupidity is showing here. No engineering software for Linux? Hello? Matlab is available, Simulink is available, Labview the same. Xilinx and Altera have supported Linux for a long time and so do the smaller FPGA houses like Lattice and Actel. Mentor Graphics too. Orcad is the only one you mentioned that isn't available on Linux, but Cadence does support Linux with their Allegro product and so does Mentor Graphics with PADS and Board Station and Expedition.

  • MadIgor - Thursday, September 24, 2009 - link

    I have to disagree. You are NOT talking abut average Joe/Jane. I think that even the article author is kind of biased towards enthusiast user. Ubuntu actualy completes all needs of average Joe/Jane user, you can browse www, you can do email/scheduling, you can play games (easy non enthusiast games), you can DL pictures from your camera and edit them, you can even playback mp3/CD and video, do basic office work, all out of the box. The gnom learning curve for PC beginners is much shorter then with windows. Most of the average Joes/Janes dont install aps or peripherals by themselfs, belive me I had to install it for them many many times on Win systems (the best is "installing" digital camera: plug one wire end in camera, other in PC). Yes I agree that installing Ubuntu so that ALL is runing right may be pain in the ass, but average Joe/Jane naever install their system (not Win, nor MacOS), but when they get the PC with preinstalled Ubuntu you are done. With windows you have to worry that they will "bother" you every few months with non working system. Yes it might be nice source of income for PC technician, but not always welcome as reliability advertising (for customer to come).
    I did some instalation of Ubuntu to my customers mostly as a "safe" web/mail PC, they all where used to windows platform already, after one week of using Ubuntu even the hardest critisizer where comfy to use Ubuntu (some even asked me to install it on their home PCs), The most "problem" was: that no one can read our "excel" files. So I showed them that it has to be saved with .xls extension and voila, no more problems. I was NEVER asked for any CAD system, nor MATHLAB, not even Graphics apps, all what they used in offie was already there! Then there are home users, only complaint was that thay had windows at work, but after few houres all was fine, only kids had problems that they cannot play enthusiast games on it. My wife is running Ubuntu for three years now, with no problem. When my 62 year old mother asked me for a computer I brought her a notebook with Ubuntu, had no time to explain it comming next mornig. My mom never used a computer before (ok shooting ships on my ATARI doesnt count), next mornig I came there, she was already browsing. I asked her how did she do that and she said its easy, tap the aplications then internet and one of the apps was "internet". She even installed the snake game, Isaid how did you do that, she said in aplications section is install new aplication, then she clicked on games and then she piscked what she tought would be the game for her and then install, whas that wrong? she asked, I said NO, its right.
    BTW no one knows that they can use CLI or that there is some terminal window in Ubuntu. They are average Joes/Janes.
    Not everyone is an enthusisat with PC full of stuff that, and be honest, you dont use on dayli base.
    The truth is that Ubuntu will not be a succesfull system for enthusiast or high level profesionals until big software houses (Adobe, hallo!) and game producers will not start to port software for Linux. But that is not fault of Ubuntu or linux and again we are not talking here about majority of users (I mean Joes/Janes).
  • fazer150 - Friday, September 4, 2009 - link

    All folks who think Linux is hard. Have you tried PCLinuxOS? this is easier to install, use than Windows XP, 2003 and Vista period.
    there is no Windows hatred here, but you have to try that before you complain.
    I have access to all Windows OS at work including the latest Win 7 RC but i find PCLinuxOS easy to setup and use. Needs no special admin skills every config is GUI driven.
    Linux has come a long way from where it was 5 years ago!
  • Cynicist - Sunday, September 6, 2009 - link

    There are two things I'd like to comment on that bothered me about this article. Firstly, most regular users do not use LTS, the software is just too old and the latest releases of Ubuntu are quite stable. LTS is mostly guaranteed stability for corporate environments.

    Second, this package manager hatred is based on this flawed idea that no packages exist outside of the official repositories. A simple google search for deb packages leads to GetDeb.net, a website dedicated to providing up to date packages of all kinds of software specifically for Ubuntu. Google search too hard you say? But its even less difficult to find packages because many project sites (such as wine, featured in this article) include multiple packages for various distributions and even PACKAGE TYPES.

    Overall not a bad article. The author definitely knows technology and I'm grateful for that, but he did not seem to do much research on the actual community itself or the Linux Way of doing things. These are minor issues which will resolve themselves with time and I'm looking forward to seeing more linux articles on this site in the future.
  • cliffa3 - Thursday, September 3, 2009 - link

    I was concerned as well with the constant releases...until I upgraded the first time. I had set aside the better part of an evening because I was *sure* there were going to be plenty of headaches. I've done three such version upgrades now and am happy (not to mention shocked) to report that it's literally a one click upgrade. Simply amazing. I'm sure something will get mucked up in the future with one of the version upgrades for me...but for now all has gone amazingly smooth.

    That being the case, I have to disagree with you on the "they release too often" point. I understand it's a pain to sift through all the search results on the forums, but I also have found some older threads (sometime 3 versions back) that the same fixes work for my issue. I agree they need to tag posts with version info...that would make it far easier. Also, there's far more useful information in the (versionally-diluted) forums than I've found for any other piece of software or OS I've used. I almost don't cringe when I have a problem or issue now because I'm quite confident I can find the information without too much digging.

    I'd encourage you to upgrade versions from your current install (don't wipe) and comment on how the process goes. Maybe I've just had an extremely easy (and lucky) go of things with no problems...it'll be interesting to read your experiences. Honestly with how easy my upgrades have been, I look forward to new releases (but still give them a few weeks before upgrading...just to see the comments from other users).
  • Mem - Wednesday, September 2, 2009 - link

    Very good read as usual,personally I like to see Kubuntu reviewed at some point(I hear Kubuntu 9.10 is due in Oct) ,as you know its the KDE version,also Gnome and KDE compared would be interesting.

    I think the main problem for new Linux users is which one to go with,sure they are all free but it can be confusing and time consuming to try them all,some are more noob friendly then others like Ubuntu/Mint.
  • lishi - Wednesday, September 2, 2009 - link

    Since you spend so many time dealing with the windows its worth pointing that compiz is actually much more powerful then what you wrote.

    Install the package ccsm-simple for more option.(like different application selector, different windows animations etc).

    Or install ccsm for the complete configuration tools. Given most of them are eye-candy there some who can improve the desktop experience.
  • sethk - Tuesday, September 1, 2009 - link

    In this sentence:
    "It’s undoubtedly a smart choice, because if Ubuntu wiped out Windows like Windows does Ubuntu, it would be neigh impossible to get anyone to try it out since “try out” and “make it so you can’t boot Windows” are mutually incompatible"

    The more common phrase is 'nigh on impossible' (as in close to impossible) or you could say it's nigh-impossible. Definitely not neigh. Sorry to point out grammar issues, but this is a pet peeve, right along with pique being spelt peak or peek (as in pique my interest).
  • v8envy - Tuesday, September 1, 2009 - link

    I've been a 100% Linux desktop (Ubuntu 9.04) user at home ever since I bought my last i7 920. Gaming, multimedia, web -- everything a typical desktop user does under Windows. The inconvenience of migrating an existing Windows install & re-activation outweighed the convenience using Linux which simply booted and worked on the new hardware.

    Yes, there are times where you must fire up Google and search for solutions, some of which are commands to be pasted into a terminal window. Yes, sometimes you need to upgrade software packages (Wine is horribly out of date for instance).

    On the other hand, with Windows you get apprximately 1,337 updaters which run on startup, virus checkers, malware checkers, browser parasite checkers, firewalls, DRM and misc layers of barnacles which accumulate the longer you use the system. Thankfully the gathering of cruft is not a bane on the typical Linux system yet.

    Try 9.04 and see if it is more to your liking. LTS means nothing when most open source problems are "supported" by simply upgrading to the latest software.
  • trexpesto - Monday, August 31, 2009 - link

    "linux" is "niche" spelled inside out and backwards


    ..in rot13.

Log in

Don't have an account? Sign up now