Evaluating Windows, Mac OS X and Linux Based on Trust

There are times when it may be appropriate to select Linux over Mac OS X and Windows based on the principle of trust, according to Low End Mac on Monday.

Keith Winston, a convert to Mac OS X from Linux, and knowledgeable of Linux, spoke of some of the metrics which, on occasion, might dictate the use of Linux over Mac OS X, namely flexibility, security and trust. Specific applications cited were dedicated servers and high security applications that require the user to have complete understanding and control of the OS.

Evaluating security amongst the three OSes is difficult, perhaps more of an art than a science. "If you start with the operating system, you can look at past history, the number of known exploits, the severity of known exploits, and the malware ecosystem. You have to account for the out of the box configuration, included software and services, encryption options, and the ability to apply patches. Then thereis the hardware -- physical security and locking options, processor and architecture exploits, portability. It can be mind numbing," Mr. Winston wrote.

However, in the specific scenario of user trust derived from a completely open source system, Linux has the advantage.

Mr. Winston worked his through the OS options and gave examples. In the case of Windows, there is the recent fiasco with the Stealth Patch Incident. In this incident, Microsoft updated Windows regardless of their stated preference setting. It raised the question of who was in control of the computer. In addition, the Windows Product Activation feature can unilaterally disable a Windows computer if piracy is suspected.

In the case of Mac OS X, which has an open source FreeBSD UNIX core called Darwin, there is still plenty of proprietary code overlaid on top. "I love using Macs (Iim banging this article out on a Mac)," Mr. Winston noted. "...but there are two things that limit my ultimate trust. One is the lack of open source for the some parts of the system, and the second is the track record of Apple toward users. Without complete source, I canit be reasonably sure that Apple wonit force a Windows-style stealth patch someday. In fact, I am reasonably sure they have the ability to do so."

Finally, there is Linux which is completely open source. "I can be certain that no patches will be applied unless I permit it. I can control precisely the software I want to run and can remove any software I donit want to run. I have complete access to all source code, along with many other people, so security issues can be found and fixed quickly," Mr. Winston concluded.

"There is no phoning home and no unlicensed software by definition. I can use encryption algorithms that have stood the test of time and proven strong. I have a strong level of confidence in every part of the system - I trust it, even connected to the big, bad Internet."

TMO notes that Apple has pointed out to its customers that the resulting tinkerability of Linux is good for individuals in companies, but not always so good for the company as a whole because it can lead to out-of-configuration systems. So, for competitive and ease-of-use reasons, Mac OS X has proprietary code. However, for those occasions when the users must certify their complete control over the OS, in critical server applications and security research, Linux looks like the best solution to Mr. Winston.