Security Threat to Linux is coming? What degree of control an operating system should offer users?

A post in Ubuntu forum about malicious commands is found here which makes me think about security in operating systems.

My wonder is really what kind of control an operating system should offer users?

Say when we worry about traffic safety, most technicians try very hard to somehow arm the car to be a tank. A Economics Nobel Prize winner once argued that the safter the cars are, the more reckless people drive and the less safe a drive is.

So what I am trying to argue here is that worrying about all the security issues on one side, shall we turn our face to look at another direction? Shall we make our systems different so that there's nothing to change or impossible to change in the system in the first place?

This is mainly a logical question instead of a technological question I think. First of all, as is the current operating system designs, users, ultimately, have absolute control. But the thing is, hackers are always better than average users. So what level of authority users have, the bad guys indirectly have them too. And to what percentage of people actually uses their super user priviledges daily?

I think a promising business is, instead of body guard, something like a data guard.

Linux was safer not because it's intrincally safer or anything (it could be, but at most by a neglegible amount.) The mere fact is that it wasn't popular enough yet to attract the demand and for the worth of the trouble to design such subtle malwares. I learned the hard way that MSN space pages could run scripts to infect IE so I stayed in Linux mostly after since.

With Linux, you have more control if you know what's going on (well, probably because we were all educated to make fundamental changes in Linux yet picked up superficial Windows by ourselves). But anyhow, the result is, in Linux, we are able to monitor all system processes, choose to run scripts ourselves etc.

But with the increase of Linux's popularity, and the idea of "Linux for human", Linux is becoming more and more like a daily operating system too. So the problems that Windows had can be directly brought over to the Linux world.

You could blame me on this but I look forward to a Linux distribution,maybe something like "Solid Linux" to be designed such that after it's installed, it's almost impossible to make changes to it. Let's say, make it scan finger prints of 5 people. And to change the 5th finger print, you need 4 and another one providing a key file or something like that. That could be the ideal system that we use to "just get the work done"; when you open the browser, you can surf the web, when you start the text editor, you can edit your paper, when you fire up the email client, you get your emails.

Then there could be the "risky" ones that you can just do whatever you want to do to it. No one hacks your toaster because it's designed only to toast and there's no extensibility and I think the trend in the future, and the demand for stable and consistent daily used operating systems, must be minimal configurability.

Technorati : Linux, security
Del.icio.us : Linux, security