Discussion:
Security of Linux on PPC vs i386
(too old to reply)
Eric
2007-04-29 17:52:05 UTC
Permalink
All else being equal, does Linux on a PPC tend to be more secure than on
an i386?

It seems that many of the Linux exploits seem to arise from things like
buffer overflows that insert machine-language code into predictable places
in the memory map, then the cracker is able to execute that machine
language code as a privileged user to create a back door.

It would seem that on average this would be less prevalent on PPC than on
i386 if for no better reason than there are probably many more crackers
out there that know i386 machine code than PPC machine code.

Is that a reasonable assumption or am I dreaming?
Jerry Heyman
2007-04-30 01:33:32 UTC
Permalink
Post by Eric
All else being equal, does Linux on a PPC tend to be more secure than on
an i386?
Define secure.
Post by Eric
It seems that many of the Linux exploits seem to arise from things like
buffer overflows that insert machine-language code into predictable places
in the memory map, then the cracker is able to execute that machine
language code as a privileged user to create a back door.
It would seem that on average this would be less prevalent on PPC than on
i386 if for no better reason than there are probably many more crackers
out there that know i386 machine code than PPC machine code.
Is that a reasonable assumption or am I dreaming?
As with Windows being the predominate x86 OS - hence the biggest target,
linux on x86 is the largest installed base. It would then point to the
x86 being the one that people would most likely attempt to exploit. The
addition of 'root' for admin, as opposed to the first configured user (a
la Windows) protects Linux from some easy exploits.

As for PPC being more secure than x86 - only because it has a much more
limited user base. Remember, Linux distros (regardless of CPU) use the
same source - if the exploit exists on x86, then the exploit exists on
PPC, Alpha, m68k, hppa, 390, ... People just don't use them as much, so
they're not the initial target - but they will still have the same
fundamental flaw.

jerry
--
// Jerry Heyman | "Software is the difference between
// Amiga Forever :-) | hardware and reality"
\\ // ***@acm.org |
\X/ http://bellsouthpwp.net/h/e/heymanj/
Anton Ertl
2007-04-30 07:39:42 UTC
Permalink
Post by Eric
All else being equal, does Linux on a PPC tend to be more secure than on
an i386?
It seems that many of the Linux exploits seem to arise from things like
buffer overflows that insert machine-language code into predictable places
in the memory map, then the cracker is able to execute that machine
language code as a privileged user to create a back door.
It would seem that on average this would be less prevalent on PPC than on
i386 if for no better reason than there are probably many more crackers
out there that know i386 machine code than PPC machine code.
Is that a reasonable assumption or am I dreaming?
Yes, you would be more secure against attackers aiming to crack just
some machines.

You would not be more secure against a determined attacker who is
specifically after your machine. Well, maybe a little: it might be a
little more costly and take a little more time to work out the attack,
because there are few other attackers working on it.

Note that there are also architecture-independent attacks (often with
data interpreted as scripting-language programs), and you won't be
more secure against those.

- anton
--
M. Anton Ertl Some things have to be seen to be believed
***@mips.complang.tuwien.ac.at Most things have to be believed to be seen
http://www.complang.tuwien.ac.at/anton/home.html
Loading...