(That's how I became a freaking genius on almost everything else already. Uh, well, maybe not!)
I have an avatar I break out on rare occasions, when I feel it is appropriate. It says, "I suck at Life, but I'm WICKED COOL!
Why should I care about anything, when I can be wicked cool? :wolf:
Linux security? I find it is more secure for several reasons. One is what you've already mentioned, Linux users are such a small percentage of users that there's little to be gained by creating cracks on Linux boxes. Call it security through obscurity.
Then there is the Linus Law, named for Linus Torvalds, which states that given enough eyeballs, all bugs are shallow. Which means there is security in transparency. Redmond has a finite number of developers, working to create new code and working to harden existing code. Linux is open to anyone and if you discover a security flaw, you can report it to thousands of other users, or possibly even fix it yourself. If Redmond discovers a security flaw, you'll learn about it when they release the security patch to fix it. Unless, of course, you are unfortunate enough to have your machine exposed to that flaw before the patch becomes available.
Then comes security through diversity, meaning that while most of the world is running some variation of Windows, Internet Explorer and Outlook or Outlook Express, some of us choose to use something different. A single virus, written to target those Windows/IE/Outlook users can cripple them, whereas with Linux we have different distributions with different shells, different packages and different applications.
Port security is something most computer users don't understand. Linux has always been written to open ports for communication and then to close them when finished. I've yet to find a Windows script that can reliably identify the open ports on a Windows box, let alone the unused, open ports.
User permissions are one of the most overlooked aspects of Linux security, but likely one of the most important. In nearly all Linux installations, you have to go out of your way to gain root access to the operating system. In Windows, most people have no concept of what root access even is, let alone knowing whether or not they actually have it (most do). I can give you the details that would allow you to crack my user account on this machine, but since my account is not root, there is no way you can ever cause system-wide damage to the machine. You might be able to create havoc with my personal account, but you will never be able to touch the core operating system.
File permissions are another important security detail in Linux. There simply are no dangerous .exe files to be concerned with in Linux. I can attach a bit of malicious code to an e-mail with a subject line like, "Check out the incredible hOOters on this blond bombshell" and likely crash the majority of the boxes that receive it. To do that in Linux, I would have to send an e-mail with the attachment, that also gave instructions on how to save the attachment to the system, how to give the attachment executable permissions and then explain how to run the executable file.
Something a lot of people don't understand is that you can send a Linux user a malicious file attached to an e-mail, and while it will not have any effect on the Linux machine, by simply forwarding the e-mail on to other Windows users, their machines can be infected. No one will ever get a e-mail virus passed to them from me, because I refuse to forward e-mails. I won't do it, just to prevent e-mail scrapers from picking over multiple e-mail addresses on each server hop. It's a very rare occasion that I will ever address an e-mail to more than one recipient, for the same reason. If I send a message to 10 people and they all turn around and forward the message to ten more people, look at all the possible opportunities for your e-mail address to be scraped.
And don't let the Apple users fool you, those machines have as many security soft-spots as Windows machines. The last advisory I have on file for OS X lists some 37 vulnerabilities. And iOS isn't exactly locked down, either, as the last advisory I have on it lists 4 holes in it. All the iPhone users were hooting it up, because it took so much time and effort to jailbreak Android phones. With an iPhone, all you had to do was visit the JailbreakMe Web site and the phone was automagically jailbroken. Uh-huh. Now think about that one for a bit. JailbreakMe could access and unlock the iPhone operating system, because of a flaw in how the iPhone renders .pdf files. Well, what's to prevent me from placing a malicious file on a Web site and inviting iPhone users to come pay me a visit, so I can exploit the operating system in the very same manner? Since the iPhone is so popular, I imagine there are several iPhone owners reading this post. Were ever aware of how vulnerable your iPhone was, prior to reading this post? Visit this site to save 50% on your next iPhone. PWNED!
The majority of Linux security is common sense thinking and very little else. If a Windows user operates his system with awareness of what the system is capable of doing and uses common sense, he'll not have any problems either. I've been using computers online for 31 years and I've never had a virus on any of my machines.
