EEVblog Electronics Community Forum

Computing => Security => Topic started by: coppercone2 on May 30, 2019, 10:31:41 pm

Title: Most secure operating system?
Post by: coppercone2 on May 30, 2019, 10:31:41 pm
I think this thread might fill itself. I am out dated at the moment with thoughts of OpenBSD
Title: Re: Most secure operating system?
Post by: David Hess on May 31, 2019, 02:51:50 pm
OpenBSD is at the top of the list.  Next might be FreeBSD and then Linux.  There are specialized distributions of all of them for maximum security.

Forget anything which is closed source.
Title: Re: Most secure operating system?
Post by: techman-001 on June 01, 2019, 03:14:17 am
OpenBSD is at the top of the list.  Next might be FreeBSD and then Linux.  There are specialized distributions of all of them for maximum security.

Forget anything which is closed source.

Agreed. I'm a FreeBSD user myself however I admire OpenBSD a lot, it's clean, functional, expertly designed with a focus on security and very easy to use. Sadly I'd miss ZFS and some other FreeBSD features too much if I switched.
Title: Re: Most secure operating system?
Post by: wilfred on June 01, 2019, 03:21:11 am
Forget anything which is closed source.

Why?

Z/OS on a Z-series server hardware has much to offer in the way of security. It's not open source by any means. Being closed or open isn't a reliable guide to security.
Title: Re: Most secure operating system?
Post by: Halcyon on June 01, 2019, 04:07:04 am
It's a bit like asking "What's the best car?". The answer is, it depends.

Windows is quite often said to be "insecure" or "less secure than Unix/Linux/BSD" but nothing could be further from the truth. It all depends on how it's configured and deployed. The same applies to every operating system. Using Windows as an example, it's still used in Government organisations up to and including "Top Secret" classification.

Just about every operating system can be made to be insecure or vulnerable. It will also depend on the application; the more services you install and run, the more chances of an increased security risk. Then there is security of the hardware itself, for example: Who has access to the physical ports on the device?

There is no magic pill when it comes to cyber security. It's a multi-layered approach. I've spent many years studying and working in this industry and even my knowledge only scratches the surface.
Title: Re: Most secure operating system?
Post by: David Hess on June 01, 2019, 04:07:16 am
Forget anything which is closed source.

Why?

Z/OS on a Z-series server hardware has much to offer in the way of security. It's not open source by any means. Being closed or open isn't a reliable guide to security.

Forget anything closed source because there is no possibility of verifying it or patching it and knowing it was verified or patched.  (1)

That does not help with binary blobs and compromised hardware but it is a start.

Do you believe all of these various exploits in closed source products are accidents? I do not.  And even if they are, you still have organizations like the NSA compromising things and then preventing patches so they can take advantage of the security exploits and then allowing these exploits into the wild as Baltimore has found out.

(1) You must also be able to compile it yourself which is not difficult with BSD or Linux.
Title: Re: Most secure operating system?
Post by: hamster_nz on June 01, 2019, 04:19:59 am
Are you also prepared to forget superscalar CPUs and turn of hyperthreading due to cache timing attacks, and stop processes from rowhammering memory?
Title: Re: Most secure operating system?
Post by: David Hess on June 01, 2019, 04:26:18 am
Are you also prepared to forget superscalar CPUs and turn of hyperthreading due to cache timing attacks, and stop processes from rowhammering memory?

Some things we have little control over.

I already end up disabling hyperthreading on Intel CPUs because of poor reliability.  That took weeks to track down.

I built my systems with ECC and used higher than necessary refresh and scrub rates even before rowhammer was reported.
Title: Re: Most secure operating system?
Post by: techman-001 on June 01, 2019, 05:31:39 am
Quote
It's a bit like asking "What's the best car?". The answer is, it depends.
I think that's a very poor example. The OP asked "Most secure operating system?" not "Best operating system" so if we asked "Whats the safest car" instead, we could use crash tests as a guide instead of personal opinion.

Code: [Select]
Windows is quite often said to be "insecure" or "less secure than Unix/Linux/BSD" but nothing could be further from the truth. The only thing furthermost from the truth is your assertion above. It's well known that a new Windows XP install only took on average 10 minutes before it was 'owned' by crackers after being connected to the internet.

Quote
It all depends on how it's configured and deployed.
That applies to everything. For instance I hear the most secure operating system in existence is a Windows 10 PC, unpowered, no internet connection and sealed in concrete 100 feet below the surface.

Most Windows installs are not so secure however, most are used by Ma and Pa Sixpack and have never been properly administered because they are users only with zero skill apart from browsing and email.

Quote
The same applies to every operating system. Using Windows as an example, it's still used in Government organisations up to and including "Top Secret" classification.
So what ? Australia is well known to be a "Microsoft Shop", the govt gave us the NBN, Tony Abbot and Windows everywhere in government. The Aust government was so besotted by Bill Gates that they actually recalled parliament once so they could hear him speak.

Quote
Just about every operating system can be made to be insecure or vulnerable. It will also depend on the application; the more services you install and run, the more chances of an increased security risk. Then there is security of the hardware itself, for example: Who has access to the physical ports on the device?

You're talking standard security practices which apply to all OS's and adds nothing here.

Quote
There is no magic pill when it comes to cyber security. It's a multi-layered approach.

No but one can get off to a good start with a OS *engineered* for security, versus a white goods OS for the masses such as Windows.

Quote
I've spent many years studying and working in this industry and even my knowledge only scratches the surface.
Security is a part of every Unix admins study and daily practice. As we Unix users say "security is a process, not a product".
Title: Re: Most secure operating system?
Post by: Halcyon on June 01, 2019, 06:01:41 am
I'm not sure what taking my post completely out of context achieved but that's fine. I was summarising and not writing an essay on the security of multiple operating systems.
I spent decades securing Windows. Believe it or not, there are people out there that can do that (which doesn't involve a lack of connectivity and being buried in concrete).

Also, for full disclosure, I run Fedora as my full-time operating system on multiple machines and servers at home, just before I'm accused of being a Windows fan boy. I was merely citing one example out of many. ;-)
Title: Re: Most secure operating system?
Post by: MyEEVBlogAccount on June 04, 2019, 05:04:29 am
I find these responses interesting.  The question is what the most secure operating system is.  To me, the answer to that would be the operating system that goes without incident for the longest period of time with an average person doing average things.  Sure, a computer you never turn on is the most secure but then it isn't really a computer at that point.  And yes, Unix and Linux tend to have better track records in general, but they usually have trained people setting them up and knowing how to lock them down.  Plus, the threat model of a server is much different than the one for a desktop.  In addition, Grandma's threat model is much different than that of a corporate drone.  If you don't keep all the variables in mind, then you aren't really comparing the same things.  It is like asking what car is safer, but then using SUV front-crash results vs. sub-compact car side-impact results.

For example, someone brought up the story (which went viral 14.5 years ago) about how Windows XP took an average of 20 minutes to be exploited after being put on the Internet.  However, that was a fresh-install machine connected directly to the Internet (no router, NAT, or firewall), without a host-based firewall enabled, and everything at default settings, including wide-open and world-accessible SMB ports.  It was probably even worse with Grandma behind the mouse clicking whatever tickled her fancy.  That is nowhere close to comparable to a professionally-administered machine behind the layers of corporate security and "sufficiently" secured (for various definitions of sufficient) before being allowed through the firewall.  Until you take those things into account, you aren't really comparing operating systems, you are instead comparing the technical prowess of their users.
Title: Re: Most secure operating system?
Post by: David Hess on June 04, 2019, 02:48:25 pm
If I include reliability then Windows of any version is not even close.  My Windows 10 system regularly "fails" with updates.  My main XP system can run about 2 weeks before resource leaks require a reboot.  My backup XP system can go at least a month.  My FreeBSD box lasts until power is lost unlike my cable modem.
Title: Re: Most secure operating system?
Post by: GregDunn on June 04, 2019, 03:15:18 pm
I find these responses interesting.  The question is what the most secure operating system is.  To me, the answer to that would be the operating system that goes without incident for the longest period of time with an average person doing average things.  Sure, a computer you never turn on is the most secure but then it isn't really a computer at that point.  And yes, Unix and Linux tend to have better track records in general, but they usually have trained people setting them up and knowing how to lock them down.  Plus, the threat model of a server is much different than the one for a desktop.  In addition, Grandma's threat model is much different than that of a corporate drone.  If you don't keep all the variables in mind, then you aren't really comparing the same things.  It is like asking what car is safer, but then using SUV front-crash results vs. sub-compact car side-impact results.

I think the point is that most default installations of *nix-based systems minimize permissions/security issues and need to be "opened up" for many applications, whereas default installations of (say) Windows are by default very iffy and exploit-prone.  It's pretty hard to make a modern *nix susceptible to hacking without knowing a little about the structure and configuration of the OS.  I have set up countless different computers, and with similar firewall protection, the difference between number of *nix / Mac and Windows systems incidents is pretty sizeable unless you install a constantly updated spyware/virus suite.
Title: Re: Most secure operating system?
Post by: ruffy91 on June 04, 2019, 04:02:26 pm
I use HardenedBSD for systems where I need low attack surface and high attack resilience.

Gesendet von meinem MI 9 mit Tapatalk

Title: Re: Most secure operating system?
Post by: mleyden on June 04, 2019, 04:20:42 pm
I think you might find QubeOS (https://www.qubes-os.org/) interesting...
Title: Re: Most secure operating system?
Post by: apis on June 04, 2019, 05:12:01 pm
For a long time Microsoft even had it as their official policy to not have any security features on by default (like a firewall, multiple users, password login) because they said their studies showed that end users found it annoying.

Quote
Jeff Jones, Microsoft's senior director for "trustworthy computing," said the company was heeding user requests when XP was designed: "What customers were demanding was network compatibility, application compatibility."
https://www.washingtonpost.com/archive/business/2003/08/24/microsoft-windows-insecure-by-design/57eeb240-bc22-4c89-b195-0946d8a27281/?utm_term=.e0ace1eed7f4 (https://www.washingtonpost.com/archive/business/2003/08/24/microsoft-windows-insecure-by-design/57eeb240-bc22-4c89-b195-0946d8a27281/?utm_term=.e0ace1eed7f4)
Title: Re: Most secure operating system?
Post by: Nominal Animal on June 04, 2019, 09:53:23 pm
Most secure from what?  Remote access attacks?  Nefarious local users?  Unprivileged hardware access?  Breaking out of user restrictions?  Bugs?  Data collection by organisations that sell your information?  Data collection by government(s)?  Data collection in general?

If you know what the machine is used for, you can always harden it; how much, varies from OS to OS.  On some, you need additional proprietary/commercial software.  On some, the needed tools are baked-in to the OS.  In my opinion, OpenBSD has the most emphasis on security of the open-source operating systems.

I don't know about Windows or Mac OS, because I don't use either, and have no idea on their developers' emphasis.  As I've used and hardened Linux systems for over two decades, I find that one easy to secure (to my own definition of "secure").  :-//
Title: Re: Most secure operating system?
Post by: Halcyon on June 04, 2019, 11:39:21 pm
... Windows 10 system regularly "fails" ...

There's your first problem... Windows 10 ;-)
Title: Re: Most secure operating system?
Post by: techman-001 on June 05, 2019, 04:31:07 am
For a long time Microsoft even had it as their official policy to not have any security features on by default (like a firewall, multiple users, password login) because they said their studies showed that end users found it annoying.

Quote
Jeff Jones, Microsoft's senior director for "trustworthy computing," said the company was heeding user requests when XP was designed: "What customers were demanding was network compatibility, application compatibility."
https://www.washingtonpost.com/archive/business/2003/08/24/microsoft-windows-insecure-by-design/57eeb240-bc22-4c89-b195-0946d8a27281/?utm_term=.e0ace1eed7f4 (https://www.washingtonpost.com/archive/business/2003/08/24/microsoft-windows-insecure-by-design/57eeb240-bc22-4c89-b195-0946d8a27281/?utm_term=.e0ace1eed7f4)

Exactly right. Microsoft Windows is "White Goods" for the masses, 'ease of use' trumped security every time with Windows because this is a COMMERCIAL OS, it only exists for ONE REASON ... $$$$. Windows users who thought they were smart would use 'password' as the password, others used their name. What scant security Windows actually was capable off was soon nullified by its users.

Ease of use V/S security is always the compromise.
Title: Re: Most secure operating system?
Post by: 0culus on June 23, 2019, 03:55:30 pm
Most secure from what?  *snip*

Ding ding ding, we have a winner. You can't say anything meaningful about security until you state precisely what you are defending against. Until you do that, you're just tossing shit against a wall and seeing what sticks.
Title: Re: Most secure operating system?
Post by: bsdphk on June 23, 2019, 04:31:42 pm
The only correct answer is: The operating system you know well enough to secure and monitor properly.

In competent hands, most operating systems[1] can be made secure.

In incompetent hands, *any* and *all* operating system will become insecure.

In theory, Open Source is better than Closed Source, but in practice only if somebody actually reads the source code.

Finally you also have to consider "secure against what and whom?"

No operating system is secure against state level actors like NSA[2].

So pick an OS that does what you need it to do[3].

Spend the time (years!) it takes to learn that none of it is "black magic".

Only if you are willing to do that, then your OS will be as secure as you can hope for.

/sign Your Friendly Kernel Hacker[4]

[1] The exceptions are "walled gardens" like OS/X and Android, and old insecure-by-design OS's like Win95...XP.

[2] See also: https://www.youtube.com/watch?v=fwcl17Q0bpk (https://www.youtube.com/watch?v=fwcl17Q0bpk)

[3] As part of that selection, you will also want to look at the organization and people behind the OS, because you are going to live with them and their antics.

[4] Yes, I wrote a lot of FreeBSD, but that doesn't mean it is right for you.
Title: Re: Most secure operating system?
Post by: LiftedTrace on January 04, 2020, 07:29:56 pm
Remember the movie "war games". How easy things were to hack back in the day before security started to get implemented?
Well its now 2020.....who possibly remembers all them exploits from back in the day?
Its because of this I say the most secure operating system are the old ones  :-DD.
Title: Re: Most secure operating system?
Post by: firewalker on January 04, 2020, 07:44:51 pm
Define secure OS. Secure against what?

Alexander.
Title: Re: Most secure operating system?
Post by: SiliconWizard on February 23, 2020, 01:30:01 am
For a long time Microsoft even had it as their official policy to not have any security features on by default (like a firewall, multiple users, password login) because they said their studies showed that end users found it annoying.

Yep. I remember when they finally enforced UAC in Windows Vista. Many, if not most users found that infuriatingly annoying at the time. It took a lot of time and a lot of pedagogy so that people would eventually get used to it - let alone see the benefits.

Title: Re: Most secure operating system?
Post by: SiliconWizard on February 23, 2020, 01:35:30 am
Define secure OS. Secure against what?

Yep. Obviously heavily depends on use cases.

An OS for desktop use? For server use? In what kind of hands? Etc.

These days, for desktop/workstation use, you'll still have far less potential security issues using a Linux distribution than using Windows or MacOS. OTOH, a number of things other than security can be annoying for the average user.

For servers directly exposed to outside connections, it's more involved.

Title: Re: Most secure operating system?
Post by: T3sl4co1l on February 23, 2020, 01:44:41 am
Forget anything closed source because there is no possibility of verifying it or patching it and knowing it was verified or patched.  (1)

I wonder what the fraction of CVEs from OSS is, and how that compares to their market share? :popcorn:

Tim
Title: Re: Most secure operating system?
Post by: Jr460 on February 23, 2020, 02:26:15 am
OpenVMS  -   Had an optional DoD approved mandatory security module back in late 80s.   Think of SELinux cranked to the max.   

Even without that module, all I could up with was one security CVE in the past 30 years.  And even that one, just disable  a very rare  command by anyone from users and your problem is gone.   Even at the that You can get to supervisor mode where the shell runs, not the ice, or kernel mode.   So basically you can screwup further commands in your process, not take over a system.  Or apply the patch.

I do know that at one time it was used as for DoD C2 guards, don't know if it still is.   The C2 guard is the only way to get data from an unclassified to classified network other than hand carry and have the incoming media scanned to death.
Title: Re: Most secure operating system?
Post by: Mr. Scram on February 23, 2020, 02:53:47 am
Looking at the subject, sparse opening post, member starting it and lack of subsequent participation this thread seems to be mostly intended to provoke yet another discussion about OSs.
Title: Re: Most secure operating system?
Post by: Mr. Scram on February 23, 2020, 02:57:09 am
Yep. I remember when they finally enforced UAC in Windows Vista. Many, if not most users found that infuriatingly annoying at the time. It took a lot of time and a lot of pedagogy so that people would eventually get used to it - let alone see the benefits.
Nothing has changed. Both people and companies with millions on the line still consider security a barely tolerable nuisance. Very few embrace it and design their systems and processes from the ground up around it. If you're lucky it's tacked on near the end.
Title: Re: Most secure operating system?
Post by: coppercone2 on February 23, 2020, 05:04:30 am
Looking at the subject, sparse opening post, member starting it and lack of subsequent participation this thread seems to be mostly intended to provoke yet another discussion about OSs.

looks like the thread is working fine and its interesting to read, and now specific questions can be asked after a general review.
Title: Re: Most secure operating system?
Post by: george.b on February 23, 2020, 05:42:28 am
https://en.wikipedia.org/wiki/TempleOS
Title: Re: Most secure operating system?
Post by: Karel on February 23, 2020, 07:40:33 am
Forget anything which is closed source.
Why?

Because opensource software contains less bugs?

Quote
Based on static analysis defect density, in the 2013 report, we found that open source code outpaced commercial code in quality.
This trend continues in 2014;

Defect density (defects per 1,000 lines of code) of open source code and commercial code has continued to improve since 2013:
When comparing overall defect density numbers between 2013 and 2014, the defect density of both open source code and commercial
code has continued to improve. Open source code defect density improved from 0.66 in 2013 to 0.61 in 2014,
while commercial code defect density improved from 0.77 to 0.76.

Linux continues to be a benchmark for open source quality. By leveraging the Scan service,
Linux has reduced the average time to fix a newly detected defect from 122 days to just 6 days.
Since the original Coverity Scan Report in 2008, scanned versions of Linux have consistently achieved
a defect density of less than 1.0. In 2013, Coverity scanned more than 8.5 million lines of Linux code
and found a defect density of .61

https://news.synopsys.com/2014-04-15-Coverity-Scan-Report-Finds-Open-Source-Software-Quality-Outpaces-Proprietary-Code-for-the-First-Time (https://news.synopsys.com/2014-04-15-Coverity-Scan-Report-Finds-Open-Source-Software-Quality-Outpaces-Proprietary-Code-for-the-First-Time)

https://news.synopsys.com/2015-07-29-Coverity-Scan-Open-Source-Report-Shows-Commercial-Code-Is-More-Compliant-to-Security-Standards-than-Open-Source-Code (https://news.synopsys.com/2015-07-29-Coverity-Scan-Open-Source-Report-Shows-Commercial-Code-Is-More-Compliant-to-Security-Standards-than-Open-Source-Code)
Title: Re: Most secure operating system?
Post by: T3sl4co1l on February 23, 2020, 09:34:15 am
https://en.wikipedia.org/wiki/TempleOS

As with MS-DOS -- you can't have security issues if there's nothing secured. :-DD

Tim
Title: Re: Most secure operating system?
Post by: george.b on February 23, 2020, 06:29:23 pm
https://en.wikipedia.org/wiki/TempleOS

As with MS-DOS -- you can't have security issues if there's nothing secured. :-DD

Tim

Exactly ;D it doesn't even support networking, by design.
Title: Re: Most secure operating system?
Post by: 0culus on February 25, 2020, 01:53:42 am
Read and weep. (https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf)
Title: Re: Most secure operating system?
Post by: borjam on February 25, 2020, 09:14:22 am
Operating system security is a very complex issue depending on many interconnected factors. Even the user interface is critical.

Architecture, design, and the quality of the software design process is critical as well. In that regard Apple was really ahead in the game for workstations with the relatively quiet adoption of comprehensive sandboxing.

At the same time, sadly, their software design rigor is going down the drain quickly. In a year or two they will reach Microsoftesque crap levels. Their software is falling apart and features that should just work now begin to fail randomly and silently with no explanation and no hope for debugging the reasons.

I guess all the good stuff was inherited from the good old NeXTStep years.

Title: Re: Most secure operating system?
Post by: PKTKS on March 26, 2020, 11:03:19 am
(..)
I guess all the good stuff was inherited from the good old NeXTStep years.

They did.  The folks there had the guts to ditch their crappy kernel..

And replace it with BSD.  Unfortunately they just "converted"
open source (free) in proprietary "Apple style"

MS is not  a software company. They bought a pile of stuff
from others and glued together - that pile they call OS.

Paid closed source drivers/blobs pushed with OEM sales
made a very profitable buzz.. Eventually falling apart.

Just a property holder umbrella - disguised into SAS
Paul
Title: Re: Most secure operating system?
Post by: borjam on March 26, 2020, 11:52:14 am
(..)
I guess all the good stuff was inherited from the good old NeXTStep years.

They did.  The folks there had the guts to ditch their crappy kernel..
There is a common misconception originating from the Linux crowd. Operating system = kernel. And that is
a wrong assumption. Actually, absurd.

They ditched a complete OS, building a new one and adding a compatibility layer (Carbon) so that legacy apps could be recompiled.

Quote
And replace it with BSD.  Unfortunately they just "converted"
open source (free) in proprietary "Apple style"
NeXTStep was Mach + BSD + NeXTStep object oriented stuff.

Macos X is Mach + FreeBSD + NeXTStep descendant object oriented stuff.

BSD was open source at the time (more or less) and FreeBSD is open source today. They haven't made the BSD part proprietary, Darwin is open source (the Mach + FreeBSD part).

Quote
MS is not  a software company. They bought a pile of stuff
from others and glued together - that pile they call OS.
That was in the MSDOS times. Windows is certainly their stuff.

And I forgot. Microsoft was probably the first software company in history serving the microcomputer market.


Title: Re: Most secure operating system?
Post by: PKTKS on March 26, 2020, 01:31:50 pm
And I forgot. Microsoft was probably the first software company in history serving the microcomputer market.

I was using CP/M way before DOS.

And "Windows"  itself appeared when
they "suddenly" just took OS/2 interface...

in fact I used OS/2 pretty much the same at this time

Then.. they bought a thing called LAN Manager.
Which they "converted" into that SMB thing.
. till present day that thing is there..

Before CP/M (even before DOS itself) pretty much
i was confined into IBM stuff  VMS/OS

The way I see.. MS was just a cloud of problems
around 90's  - 80's DOS succeeded dumping CP/M

But since 2000?
they are just a laugh,,,


Title: Re: Most secure operating system?
Post by: free_electron on March 26, 2020, 02:08:25 pm
secure, as in what and how ?

my vote is iRMx running from ROM (not flash , real hard unwriteable ROM).
Very hard to bring down. Even catastrophical memory failure doesn't bring that down.

I've told the story before , but : we ( begin the time i worked in the waferfab) had a ion implanter from Eaton. A -very- expensive piece of semiconductor machinery , and potentially very dangerous as it used hydrogen as a coolant ...
The machine was controlled by a 286 computer . industrial version of a standard PC. This machine booted from ROM containing an iRMX kernel. All memory was considered a ram drive. All applications were loaded from hardddisk in 'virtual partitions'.
This thing had a graphical user interface with touch screen and windowing. Every loaded object lived in its own 'container' ( think something like a virtual drive. the application or object cannot step outside of its container. it only knows its own world.)
items talk to each other passing messages. only the Os has access to load something. if a process or object 'hangs' : destroy the container and reload from disk. The data associated with a process lived in its own container. So that could be preserved and freshly loaded object could be reconnected to the operational state of the crashed one.

This thing was so bulletproof that even failing ram memory could not bring this machine down. The Os would detect parity errors in a segment and simply reload the appliction in a different location and reconnect it to the datapool and then mark this segment as 'bad'. just like in a harddisk. Weeks later , during scheduled downtime, we swapped the memory chips and ran the memtest , freeing that 'sector'.

The Os could never be hacked as it sat in rom and there was no way to 'write' that. It did not get copied to ram, it ran from rom. Any user world stuff was loaded from disk. since all those things lived in their own container there was no way to contaminate anything.

you booted in user mode or in admin mode. There was no way to switch between them apart form a hard system reset. in admin mode you could install new software . in run mode nothing could be written to the application section of the drive. only the data block was accessible for write. If i remember correctly there were two partitions. or two drives. it;s a long time ago.

i have never encountered any other kind of OS that could failing ram memory and keep running.

-edit- and today it is still around. www.tenasys.com (http://www.tenasys.com) . runs parallel with windows , on a multicore cpu it steals a single core and runs in its own section of hardware. you can allocate ow many instances of the os you need. Each grabbing its own core.
it can also run parallel with linux or some other Os's.

Worth reading up on as it is really designed to be a a true RTOS
Title: Re: Most secure operating system?
Post by: borjam on March 26, 2020, 02:17:54 pm
And I forgot. Microsoft was probably the first software company in history serving the microcomputer market.

I was using CP/M way before DOS.
DOS was not the first Microsoft product.

Quote
And "Windows"  itself appeared when
they "suddenly" just took OS/2 interface...
OS/2 was a collaboration between IBM and Microsoft.

Quote
Before CP/M (even before DOS itself) pretty much
i was confined into IBM stuff  VMS/OS
You mean VM, VMS was Digital Equipment Corporation's operating system. By the way the
architect of Windows NT was the VMS architect.

Title: Re: Most secure operating system?
Post by: borjam on March 26, 2020, 02:19:04 pm
my vote is iRMx running from ROM (not flash , real hard unwriteable ROM).
Very hard to bring down. Even catastrophical memory failure doesn't bring that down.
The challenge is keeping security with a rich, complex environment offering a myriad of functions.
Title: Re: Most secure operating system?
Post by: PKTKS on March 26, 2020, 02:31:22 pm
DOS was not the first Microsoft product.

If I recall right it was a BASIC interpreter/compiler

They bought DOS to embed that.
Pretty much their default "modus operandi"

OS/2 was a collaboration between IBM and Microsoft.

until they managed to rip off whatever they needed
to jump off and just dump IBM - then the "File Manager"
they had (or SHELL) became Windows 1.x/2.x (aka 286)


You mean VM, VMS was Digital Equipment Corporation's operating system. By the way the
architect of Windows NT was the VMS architect.

Probably right my recollections from this early 80s are not
that accurate - too much stuff since then

There was also some other Burroughs and BIG main frames
to play over there this era... all pretty much vanished...

Paul
Title: Re: Most secure operating system?
Post by: fragile on July 04, 2020, 11:44:01 pm
I guess the question itself is the red herring to draw attention from the real issue. On the one hand, we can't allow everyone to do as they please. On the other, we can't put everyone in prison as a safety measure. Security is a people thing. The system with best policies and enforcement will be the most secure.

Closed-source is very popular, so attacks are developed for it, so as to get the most bang for the effort expended. Every consumer-owned and operated Windows Desktop or laptop is a sewer pipe for malware. But it doesn't serious alter performance,  invade privacy, or destroy data. It is being spewed out like an infected cell spews  copies of a virus, but the viruses in this case don't do anything but multiply on a typical Windows installation. The targets are servers running certain services on certain ports.

If you connect a packet filter to a Windows machine, you can watch the packets headed all over creation! Thousands an hour sometimes! The antimalware publishers just ignore that stuff. They focus on ransomware: which just bounces off linux, keylogging and remote control trojans, cryptomining trojans, and stuff that really bothers users.

Open-source is very unpopular, so it really doesn't attract malware authors. That, and when Linux is exploited, rebooting remedies it completely. Mac is a fork of BSD UNIX. It has a handful of closed-source tools that make it impossible to use the same way as UNIX. But a lot of standard tools are there. The fork is Darwin, which Apple crafts into Mac like Google crafts Android from Debian Linux.

So, which bullet-proof vest is the most secure? Ok, what if your inside a tank? In mission critical systems, like financial transaction clearing, if any unauthorized hardware is installed, removed or replaced, anywhere within a critical global network, the person in charge of that area will be notified within 30 seconds to disconnect the segment until it can be resolved.

Security is like that.     

     
Title: Re: Most secure operating system?
Post by: electrolust on July 06, 2020, 05:04:29 pm
in the vein of the question, ie context-free except for the mention of "OpenBSD", MacOS 10.15 -- by far.

going a bit deeper, SEL4 followed by QubesOS.