
BLU Discuss list archive



[Discuss] What do typical Linux users do WRT protecting their systems from malware



On Jul 20, 2011, at 8:44 PM, MBR wrote:
> 
> Besides the fact that users generally aren't logged in as root, what 
> other aspects of the Unix/Mac/Linux architecture make Unix a harder 
> target than Windows?

The oldest security flaw in Windows/NT, from 4.0 onward, has nothing to do with being logged in as root (Administrator).  It is GDI, the Windows Graphics Device Interface.  NT 4.0 "featured" the move of GDI and user I/O from ring 3 to ring 0.  This resulted in significant performance improvements over NT 3.5.  It also meant that non-privileged processes were given direct access to ring 0 -- full hardware privileges.  The rest is sordid history.

Linux doesn't have hooks like this.  DRI is an exception, I think, but don't quote me on that.  Even if it is, DRI was designed with security in mind, and vulnerabilities can be easily fixed.

OS X's microkernel prohibits other code from running in ring 0.  That's a feature of microkernel architectures.

--Rich P.





BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org