Well, Windows isn't "that open" to viruses and spyware anymore (at least when you take the releases after XP
. All operating systems suffer from errors in design and programming in parts of their functionality, which allow attacks. However - since Linux is Open Source, you will always have a great community watching over errors and smart people are finding them and are helping to wipe them, which is not the case in closed source products like Windows. Other principles are helping to be more secure, as examples I'd mention:
1. Group/user settings. You will allow special services only to run as an unprivileged user instead of running it as root. That way you might only have privilege escalation in case of a buffer overflow or other severe software problems, which should be fixed by the maintainer of the program. Of course these problems can also appear in the systems C library.
2. iptables secures your network connections, e.g. drop everything else than LPR port connections for printing.
3. Red Hat/Fedora use Security Enhanced Linux (selinux), a "toolkit", which extends the functionality of the file/operating system to allow only special operations for processes on special files, e.g. if a process runs in a "printing context", it is not allowed to read data from the "file sharing context" or "system context", because there should be no use in doing that other than suspicious reasons.
1. and 2. are easily to manage in tinycore, 3. is a little too complicated as you would need a new busybox binary... but these are only a few principles that came to my mind right now
Welcome
FAQ
Downloads
Wiki
