[Tutorial] Windows and Linux Comparisons
Page 1 of 1
Which OS do you prefer?
![[Tutorial] Windows and Linux Comparisons Empty](https://2img.net/i/empty.gif)
[Tutorial] Windows and Linux Comparisons
by Admin Sat Dec 19, 2009 8:37 pm
Okay...So this is a tutorial that I think needs to be a part of the
forum, as a lot of people seem to be posting very uninformed questions
about Linux and Windows. This tutorial does not give instructions on how
to do anything but instead lays a strong foundation for understanding
the structure, design, intent behind the most often implemented
Operating Systems of today. These OSes include the very popular
Microsoft Windows line of OSes and the vast range of alternate OSes
understood collectively as *nix. This includes Unix, from which Linux is
derived, though neither share any code. I will specify when I am
referring to one specific OS or another under the name *nix, but
otherwise I will use the terms linux and *nix interchangeably.
So, what will be learned here are what the main differences and
similarities there are between these two OSes in terms of structure,
design, intent of the developers, security, and a small but not
comprehensive look at the history and current issues.
I may use terms here that you do not understand or know. I will try to
bring definition to those that I believe would commonly not be correctly
understood, but if you come across one that I don't give a definition,
look it up on google and read the first few pages that come up before
posting "wuts a hard drive spindle?!?!?!111?!".
Okay, here goes:
Most computer users have had extensive experience using the Windows
Operating System line, but do not fully understand what it is they are
using or why it works the way it does. We'll start with this one because
it is more widely understood than those that fall under the *nix
category.
Windows is built with the Graphical User Interface in mind, making it
the heart of what Windows users believe IS the operating system. When a
user sees their desktop with all their icons and settings loaded, that
is their concept of what Windows is. This is not wrong, it is just
incomplete.
Windows has many pieces that make it what it is. The most important of
those is the Windows Kernel. Unlike the *nix template, Windows does not
have a fully delineated line between the kernel and the rest of the the
OS. A kernel is the main program that is loaded when your computer
boots up. It is responsible for being the center, the heart of the
operations a system performs. It is responsible for handling memory
allocation and process flow to the processors of the system. A kernel
acts as a medium between the programs a user uses and daemons (Windows
calls them services) of the operating subsystem and the hardware the
software is running upon. The kernel handles how much memory a process
receives and how much of the processor's time it gets to use.
Daemons/Services are programs built into the OS that are not the kernel
but perform necessary tasks for the OS to function. They run all the
time, usually starting during the boot sequence.
The Windows kernel is not a true kernel though. It was designed with the
speed and responsiveness of the GUI in mind. This means that some
programs that would normally just run as background services of the OS
actually share some of the kernelspace.
In terms of memory, the kernel is responsible for allocating and
maintaining space for all the running programs to have a slice of the
RAM for faster execution of commonly accessed values, such as variables,
pointers, and really important function calls. This means that each set
of memory allocated to each process have different permissions,
depending on which user is running them. There are three types of users
on a Windows system: Limited, Administrator and SYSTEM. The SYSTEM
account is not a true account, but actually just a value reserved for
services to run within. If a process such as a virus runs at the SYSTEM
user level, that code cannot be contested by a user with lower account
privileges, including Administrator accounts. In memory, the Windows
kernel has four types of process memory that can be allocated. The three
types of accounts and their privileges are the first three types of
memory allocation. The fourth is kernelspace. So, we have Limited and
Administrator accounts running software in userspace. We have the SYSTEM
account running services in systemspace, and we have the kernel
running code unquestionably in kernelspace.
The Windows kernel has portions of the these various processes and
features built into kernelspace: Internet Explorer, Windows Explorer,
NTFS, FAT, the Windows Registry, and Windows Logon. That's not the whole
list, but it covers the main idea and also highlights a security flaw
in the design of the Windows OS. Both Windows Explorer and Internet
Explorer have parts of their code running in the kernel. This is
implemented with the intent that the user will have quicker response
times from using these processes. Internet Explorer has portions always
running and so starts up faster than it's competitors do. This was
intentionally designed by Microsoft when the browser market was cut into
three, between Microsoft's IE, Opera, and Netscape. Now, the market
includes IE and Mozilla's Firefox, which was built upon Netscape.
Internet Explorer has recently been removed from the European version of
Windows 7, but portions of it remain in the kernel.
Windows also has a large set of programs that are stored in the System32
folder. These are all given SYSTEM rights and basically allowed to do
anything that the kernel doesn't intervene upon. Mixed with Windows file
permissions, which only look at the type of user accessing the file,
this creates an opportunity for wreaking havoc upon the Windows system.
Most of the badware (by this, I am referring to anything that doesn't
help the user do what they want to do) that Windows has become notorious
for is able to do what it does because of the way Windows views file
permissions and because of the way the kernel shares code with some
services and allocates memory for programs that are stored in the
System32 folder.
Windows, other than being designed with the GUI in mind, is also highly
settings-based. By this, I mean that it has a centralized settings
program that manages the settings for various OS settings within
Windows. These include average values, such as the text displayed under
the "Recycle Bin" (which happens to be Recycle Bin) and the arcane
values of things like how large a window is when it opens or whether the
C drive is visible in the My Computer area of Windows Explorer. What is
ironic about the Registry is that it rarely aids software developers,
because most programmers only edit the registry in order for Windows to
properly let the user know that the program exists. The registry is much
more fun for the writers of badware, because it makes the user's life
hell and does not let the user easily stop what the program is doing.
Because the registry also shares some kernelspace, it is also a security
flaw. It can become bogged down when a lot of programs have been
installed or uninstalled, which means that a Windows system will run
slower after six months of use than it did when it was freshly
installed.
Windows programs usually are written with the mindset that a program
should be able to do everything one can imagine needing to do in a
certain environment. We get a lot of programs that try to do everything.
*nix systems are written in the opposite fashion. This means that a
program will do one thing very well, and nothing else. In Windows, you
get programs like Office 2007, Photoshop, and iTunes. In Linux, you get
equivalent programs that were designed with purpose and efficiency as
the main goals, instead of being feature-rich, they are
feature-complete. A feature is only added when it is ready to be added.
Instead of iTunes, you get programs like Sound Juicer, Rhythmbox, and
VLC. Each has a few things that they are very good at, but does not try
to do everything else as well.
This mentality of doing everything at once but ending up doing it poorly
is something that even Windows itself has trouble with. Because of the
poor structuring of the Windows OS, most "updates" do not add features
but instead patch problems that have come up with already added
features. Therefore, most updates are patches that modify code all over
the OS, creating a mis-mash of code that would be very hard to decipher.
This is one reason why they had to start over when creating Vista and
why it took four years to rewrite. Now, Vista had the same problem and 7
has supposedly been the new fix that's going to make it all better.
A lot of people complain that Windows has better programs than some
version of Linux or that Windows has more commercial software, such as
games or Photoshop on it. This is true. But the reason for this is not
because Windows is a better OS, but because *nix support for most
commercial software is not worth the money to spend on it. Or at least,
this is the assumption. Part of the issue is true economics, while a
large part is bad understanding of the Linux market size and the fact
that Microsoft for a long time has had a distinct market monopoly. Many
long time users are now actually looking to other options because of the
extremely bad market reception of Vista.
Those are the main pieces of what makes Windows what it is, with an
emphasis on security. Now, on to *nix systems.
*nix OSes are designed, as said above, with efficiency in mind. The
files are not structured for the user, but for the programmer. If a
certain function is necessary, there is a program that does it well and
does not do much else. Because of the nature of open source, which is
the environment most *nix OSes are created within (with a few
exceptions) there are usually two or three programs that perform the
same function in different ways, while all of them doing it well. An
example would be Vi and Emacs, though both are very old now and are
rarely used by the average Linux user. Both are text editors written for
use within a shell, but the way each goes about doing that are
different. There are still flame wars about Vi and Emacs today. Anyway,
the *nix world is less understood by the average computer user, so I
will elaborate on the history of these OSes so that some foundational
concepts are understood.
The first computers ran custom built OSes that only worked on the system
that it ran on. This was back when the only computers in existence were
mainframes. But some people from AT&T and Bell Labs got a great
idea. They decided that having an OS that could run on multiple types of
systems would be a great idea. So, they created the C programming
language and the UNIX Operating System, which ran on multiple types of
mainframes and had a standard set of libraries, functions, system calls,
commands, and programs. Then, in 1990 a student named Linus Torvalds
decided he would make a type of unix that didn't cost thousands of
dollars and could run on the newer Personal Computers of the day, all of
which ran either Windows, DOS (which is Windows without a GUI), and
Apple's OS. Linux grew rapidly due to the combination of being open
source (meaning that anyone with internet can get the source code for
it), the increasing dominance of the internet in the average computer
user's time, and a need for an OS that was not what was already
available. At first, Linux lacked many things. But over time, it has
become stronger in many ways than all it's competitors because of the
many small projects that have contributed to it. Part of Linux's success
is that it is not an OS by itself. The only part that Linus Torvalds
actually programmed was the kernel. All the other stuff that is added on
top of it is each maintained by a small group of programmers, usually
referred to as a project. A collection of hundreds of programs
configured to work together is a distribution, which is what RedHat's
Fedora, Cannonical's Ubuntu, and Novell's SuSE Linuxes all are. Because
of the modular way open source works together and also competes with
itself, Linux has become the most stable and possibly best designed OS
to date.
The Linux kernel does not have a bunch of unnecessary things included in
it, unlike Windows. In fact, each distribution customizes the kernel to
be able to perform the actions that the distribution is intended to
perform as best as can be done. Support for everything is compiled into
the kernel. The only thing the kernel does in *nix systems is act as a
buffer between the shell, programs, and the hardware. Any support for
hardware that is not added during compile time can be added through a
kernel module. Kernel modules were implemented as of Linux kernel 2.6,
which has been around for about 6 years now. A good example of a module
is the driver for a video card. The kernel only supports open source
drivers, so a commercial driver from the vendor, such as ATI or nVidia
would have to be installed through a module.
Modules have been a security concern, but only a minor one.
Theoretically, a rootkit can be used to hijack a kernel module and then
gain kernel level control of the system. This is very improbably because
of the cumulative other security features built into a standard Linux
system and because writing rootkits takes an intense amount of
understanding. Very few people have that much understanding and so very
few rootkits are available for the average attacker. Rootkits also
require a lot of knowledge to operate as well.
The Linux Kernel has varying degrees of memory privilege, unlike
Windows. There are only three classes, with the lowest class having
graduated privileges determined by the specific user running the
process. The highest level is kernelspace, reserved only for filesystem
and process maintenance. The middle level is reserved for processes
being run by the root user. Root on a *nix system is similar to having
an Administrator account on Windows, except that it is much more
powerful. Anything a root user does is final. Nothing can be done to
undo it or question it. If the root user decides to delete an important
library, the OS doesn't say "You can't do that because it's an important
part of your OS". It may or may not warn root that it can harm the
system, but it will still let root do whatever it wants. The lowest
level for memory allocation is an average user. The power of a specific
user depends on the groups they belong to. A group allows anyone within
the group to operate the programs that are listed as being allowed to be
operated by users within the group. This means that users that don't
need to be able to use DVD burning programs aren't part of the
dvdburners group and are not able to use programs that require that
group to be run.
File permissions are another piece of what makes a linux system hard to
crack. Each file has only certain permissions based on who a user is.
Each file can be set for users other than the owner to only read it, or
read and write to it, or not read or write to it. The system also allows
for special permissions for those users who are in the same group as
the owner. Obviously, root can read and write to any file it wants. This
is why root should only be used when needed and why even system
administrators need separate, low level accounts for normal use.
The *nix OS scheme is not built upon the GUI, but the shell. A shell
acts as an in-between for the user and the programs they use and the
programs and the kernel. A shell is able to execute code and perform
operations upon it, given the parameters the user sets. Unix shells were
the first scripted programming languages. They started out as a way to
execute commands on the system, but then evolved as need arose for more
robust and powerful operations to perform on those commands. Now, most
shells support the common syntax of many full programming languages as
well as a custom set of special syntax for file operations with the
kernel. Because of the shell mentality of a linux system, programs are
all equally separate from the kernel and from each other. This
mentality of a shell-based system means that every program, including
the ones that create the graphical environment most common users today
see, is simply another process that the shell started. This is why a
*nix system will usually boot up (unless you have a Mac or have
customized your system) with text pertaining to various subsystems being
placed on the screen instead of some lame windows logo. This turns some
users off: users that have never seen an OS designed differently than
Windows. This is not only secure, it is smart. This means that any
subsystem can break while maintaining overall stability as a system.
That means, if X breaks, you don't get a BSOD. You just get text telling
you to type startx or to look at xorg.conf.
Another security feature of *nix systems are runlevels. Runlevels work
differently depending on the OS being looked at. OS X does not have as
clear a runlevel system, because it's boot setup has been so drastically
modified from standard unix protocols. BSD does not use runlevels. The
runlevel system is derived from System V, which was the OS that
originally used it. Runlevels allow a system to be booted up to a
specific point, for the purpose of fixing problems with the system, or
in larger systems, giving for processor bandwidth to the one task that
the user wants to perform. What the runlevel system does is give the
advanced user the ability to boot in such a way that only certain,
important portions of the OS are started and not the entire system.
There are 6 standard runlevels, 0 being a halted system and 6 being the
reboot sequence. 5 is a fully running system, with all the various
processes and users enabled to their standard values and permissions.
This system allows for broken subsystems to be fixed before they are
started, creating a way for a system administrator to systematically fix
a hacked or broken system and bring it back up to normal again. A
similar feature in windows is the Safe Mode, but it does not actually
work that well and provides just as many security flaws as it does
actually solving them.
Everything within the *nix file structure is placed by the function of
the file. Executables that are commonly used are placed in the /bin
folder. User files are placed in the /home/username folder. Commonly
accessed libraries are placed in the /lib folder. And so on. / is also
called "root", simply because it is the folder that holds everything
else. An equivalent is the C: drive in Windows, though I never figured
out why the C: drive wasn't call the A: drive. Apple's OS X only follows
this scheme partially, having created a new structure while maintaining
some system files the way other *nix OSes do.
Linux deals with program installation differently as well. This does not
apply to OS X. Apple has their own deal. In the past, linux and unix
systems had installation scripts that would place the various parts of a
"package" (a set of programs that work together) into the various
necessary spots on a system. Today, there are package managers for most
distributions that contain a set of downloadable packages that will be
automatically installed. This means that if a package needs another
package to run correctly, the manager program will automatically know
this and install both when you just ask to install one. Windows does not
allow for this to happen. Because of that, many Windows software
developers waster their time writing code to do something someone else
already did.
Currently, the Linux community has been struggling to come up with ways
to be more appealing than Microsoft. It has done a lot of damage with
programs like wine and GIMP and better GUI and user functionality
through programs like the KDE and Gnome projects and the Compiz Fusion
project. The tides are also turning simply because the world market is
fed up with Vista. Microsoft claims 7 will solve all the problems and
surpass expectations, but many (especially big corporations) are wary of
shelling out up to 300 for an Operating System that doesn't include a
lot of programs Linux offers for free.
And that's it. That's the basic overview of the differences between
Windows and Unix, with an emphasis on security issues. I hope this was
informational and helps others get a better grasp of the what Linux as a
whole is and is not, especially compared to Windows.
forum, as a lot of people seem to be posting very uninformed questions
about Linux and Windows. This tutorial does not give instructions on how
to do anything but instead lays a strong foundation for understanding
the structure, design, intent behind the most often implemented
Operating Systems of today. These OSes include the very popular
Microsoft Windows line of OSes and the vast range of alternate OSes
understood collectively as *nix. This includes Unix, from which Linux is
derived, though neither share any code. I will specify when I am
referring to one specific OS or another under the name *nix, but
otherwise I will use the terms linux and *nix interchangeably.
So, what will be learned here are what the main differences and
similarities there are between these two OSes in terms of structure,
design, intent of the developers, security, and a small but not
comprehensive look at the history and current issues.
I may use terms here that you do not understand or know. I will try to
bring definition to those that I believe would commonly not be correctly
understood, but if you come across one that I don't give a definition,
look it up on google and read the first few pages that come up before
posting "wuts a hard drive spindle?!?!?!111?!".
Okay, here goes:
Most computer users have had extensive experience using the Windows
Operating System line, but do not fully understand what it is they are
using or why it works the way it does. We'll start with this one because
it is more widely understood than those that fall under the *nix
category.
Windows is built with the Graphical User Interface in mind, making it
the heart of what Windows users believe IS the operating system. When a
user sees their desktop with all their icons and settings loaded, that
is their concept of what Windows is. This is not wrong, it is just
incomplete.
Windows has many pieces that make it what it is. The most important of
those is the Windows Kernel. Unlike the *nix template, Windows does not
have a fully delineated line between the kernel and the rest of the the
OS. A kernel is the main program that is loaded when your computer
boots up. It is responsible for being the center, the heart of the
operations a system performs. It is responsible for handling memory
allocation and process flow to the processors of the system. A kernel
acts as a medium between the programs a user uses and daemons (Windows
calls them services) of the operating subsystem and the hardware the
software is running upon. The kernel handles how much memory a process
receives and how much of the processor's time it gets to use.
Daemons/Services are programs built into the OS that are not the kernel
but perform necessary tasks for the OS to function. They run all the
time, usually starting during the boot sequence.
The Windows kernel is not a true kernel though. It was designed with the
speed and responsiveness of the GUI in mind. This means that some
programs that would normally just run as background services of the OS
actually share some of the kernelspace.
In terms of memory, the kernel is responsible for allocating and
maintaining space for all the running programs to have a slice of the
RAM for faster execution of commonly accessed values, such as variables,
pointers, and really important function calls. This means that each set
of memory allocated to each process have different permissions,
depending on which user is running them. There are three types of users
on a Windows system: Limited, Administrator and SYSTEM. The SYSTEM
account is not a true account, but actually just a value reserved for
services to run within. If a process such as a virus runs at the SYSTEM
user level, that code cannot be contested by a user with lower account
privileges, including Administrator accounts. In memory, the Windows
kernel has four types of process memory that can be allocated. The three
types of accounts and their privileges are the first three types of
memory allocation. The fourth is kernelspace. So, we have Limited and
Administrator accounts running software in userspace. We have the SYSTEM
account running services in systemspace, and we have the kernel
running code unquestionably in kernelspace.
The Windows kernel has portions of the these various processes and
features built into kernelspace: Internet Explorer, Windows Explorer,
NTFS, FAT, the Windows Registry, and Windows Logon. That's not the whole
list, but it covers the main idea and also highlights a security flaw
in the design of the Windows OS. Both Windows Explorer and Internet
Explorer have parts of their code running in the kernel. This is
implemented with the intent that the user will have quicker response
times from using these processes. Internet Explorer has portions always
running and so starts up faster than it's competitors do. This was
intentionally designed by Microsoft when the browser market was cut into
three, between Microsoft's IE, Opera, and Netscape. Now, the market
includes IE and Mozilla's Firefox, which was built upon Netscape.
Internet Explorer has recently been removed from the European version of
Windows 7, but portions of it remain in the kernel.
Windows also has a large set of programs that are stored in the System32
folder. These are all given SYSTEM rights and basically allowed to do
anything that the kernel doesn't intervene upon. Mixed with Windows file
permissions, which only look at the type of user accessing the file,
this creates an opportunity for wreaking havoc upon the Windows system.
Most of the badware (by this, I am referring to anything that doesn't
help the user do what they want to do) that Windows has become notorious
for is able to do what it does because of the way Windows views file
permissions and because of the way the kernel shares code with some
services and allocates memory for programs that are stored in the
System32 folder.
Windows, other than being designed with the GUI in mind, is also highly
settings-based. By this, I mean that it has a centralized settings
program that manages the settings for various OS settings within
Windows. These include average values, such as the text displayed under
the "Recycle Bin" (which happens to be Recycle Bin) and the arcane
values of things like how large a window is when it opens or whether the
C drive is visible in the My Computer area of Windows Explorer. What is
ironic about the Registry is that it rarely aids software developers,
because most programmers only edit the registry in order for Windows to
properly let the user know that the program exists. The registry is much
more fun for the writers of badware, because it makes the user's life
hell and does not let the user easily stop what the program is doing.
Because the registry also shares some kernelspace, it is also a security
flaw. It can become bogged down when a lot of programs have been
installed or uninstalled, which means that a Windows system will run
slower after six months of use than it did when it was freshly
installed.
Windows programs usually are written with the mindset that a program
should be able to do everything one can imagine needing to do in a
certain environment. We get a lot of programs that try to do everything.
*nix systems are written in the opposite fashion. This means that a
program will do one thing very well, and nothing else. In Windows, you
get programs like Office 2007, Photoshop, and iTunes. In Linux, you get
equivalent programs that were designed with purpose and efficiency as
the main goals, instead of being feature-rich, they are
feature-complete. A feature is only added when it is ready to be added.
Instead of iTunes, you get programs like Sound Juicer, Rhythmbox, and
VLC. Each has a few things that they are very good at, but does not try
to do everything else as well.
This mentality of doing everything at once but ending up doing it poorly
is something that even Windows itself has trouble with. Because of the
poor structuring of the Windows OS, most "updates" do not add features
but instead patch problems that have come up with already added
features. Therefore, most updates are patches that modify code all over
the OS, creating a mis-mash of code that would be very hard to decipher.
This is one reason why they had to start over when creating Vista and
why it took four years to rewrite. Now, Vista had the same problem and 7
has supposedly been the new fix that's going to make it all better.
A lot of people complain that Windows has better programs than some
version of Linux or that Windows has more commercial software, such as
games or Photoshop on it. This is true. But the reason for this is not
because Windows is a better OS, but because *nix support for most
commercial software is not worth the money to spend on it. Or at least,
this is the assumption. Part of the issue is true economics, while a
large part is bad understanding of the Linux market size and the fact
that Microsoft for a long time has had a distinct market monopoly. Many
long time users are now actually looking to other options because of the
extremely bad market reception of Vista.
Those are the main pieces of what makes Windows what it is, with an
emphasis on security. Now, on to *nix systems.
*nix OSes are designed, as said above, with efficiency in mind. The
files are not structured for the user, but for the programmer. If a
certain function is necessary, there is a program that does it well and
does not do much else. Because of the nature of open source, which is
the environment most *nix OSes are created within (with a few
exceptions) there are usually two or three programs that perform the
same function in different ways, while all of them doing it well. An
example would be Vi and Emacs, though both are very old now and are
rarely used by the average Linux user. Both are text editors written for
use within a shell, but the way each goes about doing that are
different. There are still flame wars about Vi and Emacs today. Anyway,
the *nix world is less understood by the average computer user, so I
will elaborate on the history of these OSes so that some foundational
concepts are understood.
The first computers ran custom built OSes that only worked on the system
that it ran on. This was back when the only computers in existence were
mainframes. But some people from AT&T and Bell Labs got a great
idea. They decided that having an OS that could run on multiple types of
systems would be a great idea. So, they created the C programming
language and the UNIX Operating System, which ran on multiple types of
mainframes and had a standard set of libraries, functions, system calls,
commands, and programs. Then, in 1990 a student named Linus Torvalds
decided he would make a type of unix that didn't cost thousands of
dollars and could run on the newer Personal Computers of the day, all of
which ran either Windows, DOS (which is Windows without a GUI), and
Apple's OS. Linux grew rapidly due to the combination of being open
source (meaning that anyone with internet can get the source code for
it), the increasing dominance of the internet in the average computer
user's time, and a need for an OS that was not what was already
available. At first, Linux lacked many things. But over time, it has
become stronger in many ways than all it's competitors because of the
many small projects that have contributed to it. Part of Linux's success
is that it is not an OS by itself. The only part that Linus Torvalds
actually programmed was the kernel. All the other stuff that is added on
top of it is each maintained by a small group of programmers, usually
referred to as a project. A collection of hundreds of programs
configured to work together is a distribution, which is what RedHat's
Fedora, Cannonical's Ubuntu, and Novell's SuSE Linuxes all are. Because
of the modular way open source works together and also competes with
itself, Linux has become the most stable and possibly best designed OS
to date.
The Linux kernel does not have a bunch of unnecessary things included in
it, unlike Windows. In fact, each distribution customizes the kernel to
be able to perform the actions that the distribution is intended to
perform as best as can be done. Support for everything is compiled into
the kernel. The only thing the kernel does in *nix systems is act as a
buffer between the shell, programs, and the hardware. Any support for
hardware that is not added during compile time can be added through a
kernel module. Kernel modules were implemented as of Linux kernel 2.6,
which has been around for about 6 years now. A good example of a module
is the driver for a video card. The kernel only supports open source
drivers, so a commercial driver from the vendor, such as ATI or nVidia
would have to be installed through a module.
Modules have been a security concern, but only a minor one.
Theoretically, a rootkit can be used to hijack a kernel module and then
gain kernel level control of the system. This is very improbably because
of the cumulative other security features built into a standard Linux
system and because writing rootkits takes an intense amount of
understanding. Very few people have that much understanding and so very
few rootkits are available for the average attacker. Rootkits also
require a lot of knowledge to operate as well.
The Linux Kernel has varying degrees of memory privilege, unlike
Windows. There are only three classes, with the lowest class having
graduated privileges determined by the specific user running the
process. The highest level is kernelspace, reserved only for filesystem
and process maintenance. The middle level is reserved for processes
being run by the root user. Root on a *nix system is similar to having
an Administrator account on Windows, except that it is much more
powerful. Anything a root user does is final. Nothing can be done to
undo it or question it. If the root user decides to delete an important
library, the OS doesn't say "You can't do that because it's an important
part of your OS". It may or may not warn root that it can harm the
system, but it will still let root do whatever it wants. The lowest
level for memory allocation is an average user. The power of a specific
user depends on the groups they belong to. A group allows anyone within
the group to operate the programs that are listed as being allowed to be
operated by users within the group. This means that users that don't
need to be able to use DVD burning programs aren't part of the
dvdburners group and are not able to use programs that require that
group to be run.
File permissions are another piece of what makes a linux system hard to
crack. Each file has only certain permissions based on who a user is.
Each file can be set for users other than the owner to only read it, or
read and write to it, or not read or write to it. The system also allows
for special permissions for those users who are in the same group as
the owner. Obviously, root can read and write to any file it wants. This
is why root should only be used when needed and why even system
administrators need separate, low level accounts for normal use.
The *nix OS scheme is not built upon the GUI, but the shell. A shell
acts as an in-between for the user and the programs they use and the
programs and the kernel. A shell is able to execute code and perform
operations upon it, given the parameters the user sets. Unix shells were
the first scripted programming languages. They started out as a way to
execute commands on the system, but then evolved as need arose for more
robust and powerful operations to perform on those commands. Now, most
shells support the common syntax of many full programming languages as
well as a custom set of special syntax for file operations with the
kernel. Because of the shell mentality of a linux system, programs are
all equally separate from the kernel and from each other. This
mentality of a shell-based system means that every program, including
the ones that create the graphical environment most common users today
see, is simply another process that the shell started. This is why a
*nix system will usually boot up (unless you have a Mac or have
customized your system) with text pertaining to various subsystems being
placed on the screen instead of some lame windows logo. This turns some
users off: users that have never seen an OS designed differently than
Windows. This is not only secure, it is smart. This means that any
subsystem can break while maintaining overall stability as a system.
That means, if X breaks, you don't get a BSOD. You just get text telling
you to type startx or to look at xorg.conf.
Another security feature of *nix systems are runlevels. Runlevels work
differently depending on the OS being looked at. OS X does not have as
clear a runlevel system, because it's boot setup has been so drastically
modified from standard unix protocols. BSD does not use runlevels. The
runlevel system is derived from System V, which was the OS that
originally used it. Runlevels allow a system to be booted up to a
specific point, for the purpose of fixing problems with the system, or
in larger systems, giving for processor bandwidth to the one task that
the user wants to perform. What the runlevel system does is give the
advanced user the ability to boot in such a way that only certain,
important portions of the OS are started and not the entire system.
There are 6 standard runlevels, 0 being a halted system and 6 being the
reboot sequence. 5 is a fully running system, with all the various
processes and users enabled to their standard values and permissions.
This system allows for broken subsystems to be fixed before they are
started, creating a way for a system administrator to systematically fix
a hacked or broken system and bring it back up to normal again. A
similar feature in windows is the Safe Mode, but it does not actually
work that well and provides just as many security flaws as it does
actually solving them.
Everything within the *nix file structure is placed by the function of
the file. Executables that are commonly used are placed in the /bin
folder. User files are placed in the /home/username folder. Commonly
accessed libraries are placed in the /lib folder. And so on. / is also
called "root", simply because it is the folder that holds everything
else. An equivalent is the C: drive in Windows, though I never figured
out why the C: drive wasn't call the A: drive. Apple's OS X only follows
this scheme partially, having created a new structure while maintaining
some system files the way other *nix OSes do.
Linux deals with program installation differently as well. This does not
apply to OS X. Apple has their own deal. In the past, linux and unix
systems had installation scripts that would place the various parts of a
"package" (a set of programs that work together) into the various
necessary spots on a system. Today, there are package managers for most
distributions that contain a set of downloadable packages that will be
automatically installed. This means that if a package needs another
package to run correctly, the manager program will automatically know
this and install both when you just ask to install one. Windows does not
allow for this to happen. Because of that, many Windows software
developers waster their time writing code to do something someone else
already did.
Currently, the Linux community has been struggling to come up with ways
to be more appealing than Microsoft. It has done a lot of damage with
programs like wine and GIMP and better GUI and user functionality
through programs like the KDE and Gnome projects and the Compiz Fusion
project. The tides are also turning simply because the world market is
fed up with Vista. Microsoft claims 7 will solve all the problems and
surpass expectations, but many (especially big corporations) are wary of
shelling out up to 300 for an Operating System that doesn't include a
lot of programs Linux offers for free.
And that's it. That's the basic overview of the differences between
Windows and Unix, with an emphasis on security issues. I hope this was
informational and helps others get a better grasp of the what Linux as a
whole is and is not, especially compared to Windows.
Admin- Admin
- Posts : 645
Points : 11735
Reputation : 62
Age : 40
Location : India (New Delhi)
Join date : 2009-11-30 -
Similar topics» Difference Between windows and Linux Hosting
» Linux Xp Desktop 2010
» Shared Offshore windows or Linux hosting at 5$ per month
» Best VPS and Dedicated Servers from Lunarpages - Windows and Linux Hosting
» DDos Proctected Offshore windows or Linux Shared hosting
» Linux Xp Desktop 2010
» Shared Offshore windows or Linux hosting at 5$ per month
» Best VPS and Dedicated Servers from Lunarpages - Windows and Linux Hosting
» DDos Proctected Offshore windows or Linux Shared hosting
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|