Linux: The clear choice for security



Linux security


Recently, the United Kingdom’s Communications-Electronics
Security Group (CESG) ran a series of tests to find out which operating system
would be the most secure platform for the UK government. The test
consisted of the following categories:

  • VPN
  • Disk Encryption
  • Authentication
  • Secure Boot
  • Platform Integrity and Sandboxing
  • Application Whitelisting
  • Malicious Code Detection and Prevention
  • Security Policy Enforcement
  • External Interface Protection
  • Device Update Policy
  • Event Collection for Enterprise Analysis
  • Incident Response

The goal was to see which platform would pass most of the
12 tests. The winner, Ubuntu 12.04 (Figure A), was far ahead of
both Windows 8 and Mac OS X. The CESG
site contains all of the findings, or you can read the Canonical summarization of the report.
From the Canonical summary:

“All in all, Ubuntu 12.04 LTS stacks up as the most secure
of the current desktop and mobile operating systems. Supported by Canonical
with free security updates for 5 years, and without malware problems, it’s hard
to beat in official public sector applications. We are working hard to close
the gap and make Ubuntu clearly stand out as the most trustworthy operating
system for the future and we hope to make excellent progress before our next
LTS release in April 2014, 14.04 LTS, which will be even better.”

Figure A


Figure AFigure A


The Ubuntu 12.04 desktop ready to install.

One interesting statement from the full report is that no operating system that’s currently available can meet all of the above tests.
Also interesting from the full report is that Samsung devices running Android
4.2 scored as high as Ubuntu 12.04.

Why 12.04? Because it’s the most recent Long Term Support
(LTS) release. Canonical is confident that 14.04 (the next LTS release) will
meet or exceed the tests passed by 12.04. As for the current LTS: Ubuntu 12.04
passed nine of the 12 tests and had zero significant risks. Windows 8
passed seven with 1 significant risk. OS X passed eight tests with zero
significant risks.

What does this mean?

One can surmise that the UK government is looking for their
platform of the future. With the dramatic rise in cyber-crime, every government
agency (business or enterprise) would be remiss in failing to run similar
tests or, at the very least, giving the UK report a close read.

People have argued for years about platform security. There
have been numerous events held with the sole purpose of determining a clear
winner. Unfortunately, many of those tests and research papers cannot be
trusted, simply because they were sponsored events (with vested interests in
one particular platform performing beyond the others). But for the needs of a
government agency (or an enterprise-grade business), the tests run by the CESG
are right on the money. These are unbiased, unfiltered tests with end results that aren’t concerned with market share, board of directors, or investors.

And in the end… Linux wins. Period.

No, Linux may not hold the coveted spot on top of the
business and home desktop food chain, but now that a government entity has
singled out Ubuntu 12.04 as the must secure platform available, this could
easily change. Why? Businesses can’t function without security. If the thought
leaders of industries can’t wrap their heads around that one fact, they’re
dooming countless businesses — and not recommending Linux for desktop use is

Over the last five years, I’ve been working as a remote
support engineer for hundreds of clients (with thousands of end users). I can
say this with complete assurance: Nearly 100% of the problems I’ve dealt with could have been avoided by simply using Linux. Desktops have
lost data and businesses have lost hundreds of thousands (if not millions) of
dollars because of Windows. That is not opinion… that is fact. Had
those users been using Linux, that would not be the case.

It never ceases to amaze me the amount of reports and claims
of Windows superior security, when real-world results point to quite the
opposite. And now, thanks to the UK government, there is official proof that
Linux (specifically Ubuntu 12.04) is the best choice in a world where security
should be priority number one.

The results of this test couldn’t have come at a more
poignant time. With Windows XP about to be put to rest, there will be a
seemingly endless needs for businesses around the globe to replace those aging
desktops. With all of the choices available to them, there is now one that
stands well above the rest. That choice is Linux.

 Share your thoughts about this report and the future of Linux in the discussion thread below.