How secure is Tinycore/Microcore ?

[cURIOUSgEORGE]

 How secure is Tinycore/Microcore distros INSTALLED TO HARD DRIVE compared to others? I'm trying to find the right words for my question but it's hard, so here goes...........

 What makes a system more secure then another? I understand firewall, antivirus, antispyware and the user himself of course, but besides all that what else makes a OS considered to be unsecure or more secure then another???

 Is Tinycore/Microcore secure and if so then why or why not?

 Is Linux in general considered to be harder to hack? Or NO! because it is open source?

 hmmmm, if that's the case then why is Windows xp,vista considered to be soo unsecure?

 I understand that NO system is 100% SECURE but what makes a system VERY HARD TO HACK "hack as in from an outside hacker" and could Tinycore/Microcore become that system?

 Does it NOT even matter what OS you have as long as you have a great Firewall???

 Id love to hear any responses from ANYBODY......

 Thanks, cURIOUSgEORGE

[gerald_clark]

There are books written on the subject.

[cURIOUSgEORGE]

 You're right! Read one and get back to my questions.

 Thanks for the response

No matter how much I read I'm still going to have more questions and that's why I posted my questions.
I was under the impression that that's what the forums are for.

[Guy]

One of the advantages of Tiny Core over most other operating systems, is the frugal installation. If ordinary malware was to get into Tiny Core, it would get into RAM. When you turn the computer off and restart, it would be gone.

The firewall is easy to set up, and effective for home users. This makes it very difficult for hackers.

Operating systems which are widely used, are targeted by hackers / malware. Tiny Core has relatively few users, compared to some others, and has not been targeted. But the number of users is continually increasing.

There is no guarantee that Tiny Core will not be targeted in the future. There is not such thing as a computer connected to the internet, which can be guaranteed to be secure.

[gerald_clark]

The subject of computer security and hacking is so complex that it cannot be covered in a few sentences here.
There are many books that cover various aspects of computer security.
If you think I am trying to be "wise", you are not.

If you want to get help in forums, an attitude change would be a good first step.

[cURIOUSgEORGE]

 You clearly were trying to be wise but that's okay. You could have simply said what you just did say "The subject of computer security and hacking is so complex that it cannot be covered in a few sentences here.
There are many books that cover various aspects of computer security."

As far as my attitude, haha ya gotta be kidden me,settle down buddy
Anyways it is what it is, take care and thanks.

[cURIOUSgEORGE]

 Thanks for the response Guy, and it was very much appreciated. I wonder roughly how many users Tinycore has. I also am wondering what advantages TC has without a frugal install, just out of curiosity.

[Jakob Bysewski]

As gerald_clark already pointed out, there is no easy answer to this question.

The direction in which you'd want to research depends on your definition of security (secure against non-permitted mofification of files, secure against reading your files from anywhere, secure against corrupting data, etc.). There are different layers in which this security may be enforced.

What I personally like about the linux philosophy, is that you can do all of your application work without root-rights (which is sometimes hard on a windows system, where you have to use mis-behaving software [which is misbehaving because microsoft does not enforce certain design paradigmas]) and that binaries, data and configuration are clearly separated (as opposed to windows, where there is no central enforced storage for these things - if you just backuped your documents, you may have lost important settings on reinstall).

Your definition of security should also include a definition of trust: whom do you trust? The Tinycore repository? Some public download server? Sourcecode which you downloaded from the - supposed - author? The linux kernel? Your filesystem?
Every action implicates trust in something, at lest in the right outcome of the commands I gave my system. When you think in depth about this, it gets harder and harder.

As an example:
I have to trust into my harddisk, that it will not fail while I don't have a backup in place. Most users I know, do not have a backup or they do it only once in a while. But when I tell you, that the chance your harddisk fails within 3 years after purchase is about 5% you may come to the conclusion, that loosing or at least corrupting your data due to harddisk failure might be more likely than an evil person hijacking your computer...

[tinypoodle]

You clearly were trying to be wise but that's okay. You could have simply said what you just did say "The subject of computer security and hacking is so complex that it cannot be covered in a few sentences here.
There are many books that cover various aspects of computer security."

That would be exactly how I (and I guess others than me) have interpreted the post in the first place. And it was indeed simply stated.

[^thehatsrule^]

For the record, it would not have been "bannable" - so you can relax.

I do think that your questions are more general, so perhaps a security oriented forum or related would be more suitable as I doubt you'll find answers you want here IMO.

[cURIOUSgEORGE]

TinyPoodle , if you got all that from "there are books on that" Then YOU'RE AMAZING! I took it as "go find the answer yourself" but like I said no biggie. Very well put jacob!

[gerald_clark]

I simply meant that the volume of information is so great that there are books of it.

[cURIOUSgEORGE]

No problem Gerald and I see that now. It has been just simply a misunderstanding on my part and I apologize for that...
Just so ya know I was also misunderstood by my response to you "calling you a wise ass" lol , that wasn't ment to be taken seriously or in an angry way at all what so ever. Due to me misunderstanding you in the first place "I thought you were being sarcastic" so therefor........ "I through 1 back at ya" That's all I could tell ya buddy......

Once again, I misunderstood ya
So sorry for that
Thanks for even caring to comment on my post in the 1st place

Alrighty take care

[jerramy]

Sorry to take the topic for yet another turn, but as far as the original question...

I'd say it depends on your definition of "secure".  If you mean, invulnerable to damage, then it's probably pretty good.  Any system can be easily rebuilt, as all the extensions are completely seperated from the kernel and the most important part, -the data-.  That final part can quite easily be backed up, and the rest is easily re-acquired.  Auto-back up your mydata file, and you have a pretty reliable system.

Now if by "secure", you mean that it keeps your data safe from -theft-, well, I gave that battle up a long time ago.  If you want to spy on my web-surfing, have fun, but the actual useful stuff (like financial records) are safe-guarded the old fashioned way:  Manually.

For me, it's as secure as I expect it, which is "not at all".  But it can be made as secure as you can make it, which is the joy of it.  It's up to you to make it as secure as you want it.

There's probably an extension for that...

[cURIOUSgEORGE]

HAHAAAAAAAA There probably is a extension for that! "IDK" But you're right that there is pretty much an extension for everything! Great response, thanks bud.