
Do we really want open source and Linux to go mainstream?
Going mainstream will not hurt Linux security - if you understood what makes it more secure this would be obvious. It's the separation of the user from the system, the proper sandboxing of users keeps virus / security holes contained to users' data - add to that the fact that since the source is available it's easier for security-minded programmers to look for holes and quickly patch them as problems occur.
Linux is more secure than MS simply because the majority of windows boxes have the users running as admin meaning you break one user you break the system.
Don't you think that virus and malware writers will figure out a way to get around this? They've figured out how to beat every security system up to this point. What will make them stop now?
Until I see it done at least once - I'll say no. Mac users (OSX is built on *nix / BSD) always brag that they don't have viruses, so do the Linux folks - most virus writers / hackers are doing it for the ego boost, I think being the first to seriously hurt either Mac or Linux with a virus would be a pretty cool claim to fame for them...
Except... it already is "mainstream" in the server rooms and back offices of the world. If the "popularity equals vulnerability" argument had any serious weight behind it, there'd be Linux worms infecting servers left and right, just like Code Red, Nimda and others went after Windows-based servers.
Also, the overwhelmingly most common vectors for desktop malware which destroys user data are emails with malicious payloads and web sites with malicious "drive-by" ActiveX installs. Neither of these work on Linux -- no Linux mail client executes code in attachments, and even if one tried it'd run into lack of an executable bit, and no Linux web browser allows anything near what ActiveX does -- Firefox's XPI comes close, but XPI only works on a pre-defined whitelist of domains.
And XPI is a good example of how to do security right. One of the reasons why anti-virus software for Windows has such problems is that it goes about things in a backward way -- the system, by default, allows everything, and then you impose a blacklist (in the form of virus signatures). This means that every time a new virus shows up, you're caught with your pants down until you update your blacklist. Good security, on the other hand, denies everything by default, and only allows things that are on a whitelist.
Check out this article for some more notes on how to do security right.
Malware writers ARE already finding ways around the *nix security, but it's usually through the software installed that they find vulnerabilities. When a kernel vulnerability is found, it is fixed *really* fast.
Also, the overwhelmingly most common vectors for desktop malware which destroys user data are emails with malicious payloads and web sites with malicious "drive-by" ActiveX installs. Neither of these work on Linux -- no Linux mail client executes code in attachments, and even if one tried it'd run into lack of an executable bit, and no Linux web browser allows anything near what ActiveX does -- Firefox's XPI comes close, but XPI only works on a pre-defined whitelist of domains.
James,
This is exactly what I am trying to say. Current malware/viruses/etc. are written for IE and Windows, as you suggested with the ActiveX statement and the executables in e-mail. The guys who write these things are smart. They will find things to hurt people's systems. It may not be obvious right now, but that is because most everyday computer use is not done on a Linux box.
Well, my point wasn't that these are the only vectors, and that Linux is secure because they don't exist on the platform. My point was that Linux systems and applications tend to be designed around things like white-list, rather than black-list, security, and that provides a huge boost to the inherent security of the system.
Take the executable bit, for example; on a Windows system, theoretically any file can be executed by the system, and it's only a blacklist of known viruses that stands between most Windows systems and infection. But on a UNIX-based system like Linux, only files which have explicitly had their executable bit set can be executed -- thus, the default policy is "nothing is executable", which is a demonstrably more secure approach because any new malware has to find a way onto that executable whitelist before it can cause harm.
Another example is the permissions system; up until Windows 2000 and XP, pretty much every home installation of Windows was running as a user with administrative privileges. This meant that it was very easy for malware to infect via a user application, and have the privileges it needed to, say, set up a rootkit and take over the entire machine. The NT-based 2000 and XP have mitigated this somewhat, but still allow you to run as administrator and expose yourself to those risks. Meanwhile, in the UNIX world, that's just not possible; for years, desktop environments have been configured to flash all sorts of warnings when you run as root, and do everything possible to get you to run as a normal user who can't compromise the system. Some distros, like Ubuntu, even go a step further and are set up so that root logins have to be explicitly enabled by someone with the requisite know-how.
So while it would be foolish to say it's impossible to write successful malware for Linux, it's correct to say that it is much more difficult to do so, and that there are a number of features of the system's design which contribute to that. In this sense, Linux, even were it to go mainstream, would be "more secure" for general use than Windows.
And again, Linux already is mainstream for server use, so if the argument that attention devoted to the "mainstream OS" will result in more exploits were correct, we'd see many more flaws and exploits exposed for Linux than we do.
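The executable-bit point in the post above, as an added example that is not part of the thread: the script below writes a file to disk with ordinary rw-r--r-- permissions, asks the kernel to run it, and shows that execve() refuses (the shell reports status 126) until the execute bit is explicitly set. It assumes a POSIX sh, a temp directory that is not mounted noexec, and the hypothetical script name payload.sh.

```sh
#!/bin/sh
# Added example, not from the original thread: a file written to disk is not
# executable until its execute bit is explicitly set ("nothing is executable"
# by default). Assumptions: POSIX sh, a temp dir not mounted noexec, and the
# hypothetical script name payload.sh.
set -u

# Write a trivial script with rw-r--r-- permissions (no execute bit) and
# print its path.
make_payload() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/execbit.XXXXXX")
    printf '#!/bin/sh\necho payload-ran\n' > "$dir/payload.sh"
    chmod 644 "$dir/payload.sh"
    printf '%s\n' "$dir/payload.sh"
}

# Ask the kernel to exec FILE directly and print the resulting exit status:
# 126 means the exec was refused (permission denied), 0 means the script ran.
exec_status() {
    if "$1" >/dev/null 2>&1; then
        echo 0
    else
        echo $?
    fi
}

# Permission string for a quick eyeball check, e.g. -rw-r--r-- or -rwxr--r--.
mode_of() {
    ls -l "$1" | cut -c1-10
}

main() {
    f=$(make_payload)
    echo "mode: $(mode_of "$f")  exec status: $(exec_status "$f")"
    chmod u+x "$f"      # put the file on the "executable whitelist"
    echo "mode: $(mode_of "$f")  exec status: $(exec_status "$f")"
    rm -rf "$(dirname "$f")"
}

main
```

Running it prints a status of 126 for the first attempt and 0 after chmod u+x; the only thing that changed between the two attempts is the mode bit, which is the whitelist the post describes.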
Well put James. . .