I see that there’s an 64-bit version of Windows Vista. Will it be more
secure on a 64-bit machine that the 32-bit version on a 32-bit machine?
Looking into it a while back I thought I read that there was greater
security on a 64 platform versus 32-bit because there weren’t as many viruses,
and so on. It also dawned on me that banks and so on all insist on 128-bit
security, so I figured that more bits must be better, right?
Well, yes, no, and maybe.
There’s a little bit of apples to oranges comparison going on here, but
there are also some grains of truth.
Let’s look at just what all the differences are and how they do, and do not,
impact security.
Become a Patron of Ask Leo! and go ad-free!
Let me start by saying that a 64-bit computer running 64-bit Windows is not
going to be inherently that much more secure than the 32-bit equivalent.
They’re they same operating system, and most vulnerabilities that appear in one
are likely to appear in the other.
There’s certainly nothing about being 64-bit versus being 32-bit that makes
the computer any more secure.
To oversimplify, when we talk about a computer being a 32-bit versus 64-bit,
we’re really just talking about the size of the biggest integer number that the
process can operate on at a time. On a 32-bit computer an integer number can
range from 0 to 4,294,967,295. On a 64-bit computer, however, it’s 0 to
18,446,744,073,709,551,615.
Now, as I said, that’s an over simplification, but it’s important. When a
computer needs to work on numbers or other concepts that can’t be simply
represented within those ranges it has to break them down to multiple
operations that are within those ranges. Perhaps easier to understand are old
8-bit computers where the range was 0-255. That doesn’t mean that the computer
couldn’t work with larger numbers, it means that programs had to be written to
break operations on larger numbers into pieces that worked on numbers within
the 0-255 range. Depending on what was happening, it could be complex to do so
and certainly slower.
being 32-bit that makes the computer any more secure.”
There are other differences as well. For example a 64-bit computer will
typically load data from memory into the CPU 64 bits at a time, compared to 32
bits at a time on a 32-bit computer. For our discussion here, though, those
differences are transparent.
64-bit computers have actually been around for while. In fact, many of the
processors in newer machines are already 64-bit, but running the 32-bit
operating system in 32-bit mode. The free GRC utility Securable will tell you what you have; you may find you
have a 64-bit machine and not even know it. (It turns out that my laptop has a
64-bit processor, and I didn’t know it until I ran that utility. 
)
One of the reasons 64-bit Windows is not used as commonly as you might
expect is the lack of hardware drivers. Drivers need to be modified to work in
64-bit Windows, and most manufacturers have yet to do so. It’s kind of a
chicken and egg situation: manufacturers would do it if more people ran 64-bit
windows, but more people would run 64-bit Windows only if drivers were already
there.
So this brings us to our first explanation of why 64-bit Windows might, for
now, be slightly more secure: some, though not all, types of Viruses and
spyware implicitly depend on 32-bit Windows and will fail on 64-bit Windows.
Like the drivers, virus writers need to “upgrade” their viruses for the new
platform.
Now, I say all that reluctantly, and use the words “slightly more
secure” for two reasons:
-
Many viruses and spyware are not dependant on the platform.
Meaning they’ll work just as well in the 32-bit world as they would in the
64-bit world. 64-bit Windows is just as vulnerable as 32-bit Windows to these
threats. -
If 64-bit does become as successful as 32-bit is today, the virus and
spyware writers are sure to follow. If you build it, they will come.
So, in summary, I certainly wouldn’t choose a 64-bit machine over a 32-bit
machine for security purposes. There may be other reasons to choose one over
the other, but in my opinion inherent security isn’t one of them.
So, that was the apples, now what about the oranges?
When banks or other firms talk about 128 bits it’s really something else
entirely.
They’re talking about how big a number is used to encrypt the data that’s
traveling between your computer and theirs. The larger the encryption key, the
harder it is to crack or decrypt the encrypted data without knowing the
decryption key.
As we mentioned above, a 64-bit number can be as large as
18,446,744,073,709,551,615. In early forms of wireless encryption, a 64-bit
number was commonly used as the encryption key. Unfortunately computers have
become powerful enough that it’s become fairly easy to crack 64-bit
encryption.
Today 128 bits (which for the record can be as large as
340,282,366,920,938,463,463,374,607,431,768,211,455) is the currently accepted
minimum size for encryption keys to be considered secure. 256 bits is becoming
more common, and for other security applications 1024 and 2048 bit keys are
considered current state-of-the-art when used with the appropriate encryption
algorithms.
But none of that has anything to do with the 32/64-bit question relating to
your computer. Even my old 8 bit computer could handle computing 2048 bit
encryption keys … given enough time.
The bottom line is that the best and basic steps for your security are the
same no matter what platform you’re running. Check out my recommendations in
Internet Safety: How do I keep my computer safe on the internet?
This guy has absoultely no idea what he is talkin about. In order for a virus to work on a 64bit operating system it must be specifically encoded for 64bit. I could give a much better explanation than leo on this subject. WOW64 is written so that viruses that are written in 32bit mode cannot infect the 64 bit kernel of the operating system. Also, must companies are offering 64 bit drivers. LEO=dumb
Yes, I agree with 64bitfreak, leo’s talk is good no doubt as far as explaining some of the basics about OS and CPU relationship is concerned. But unfortunately it does not answer to the origianl question i.e; “64-bit windows Vs 32-bit OS from security and safety per se” is not correct.
Many viruses are written keeping in mind the addressing scheme of the OS. Of course, a 64 bit OS would be more secure than a 32 bit OS because a hacker has more to crack.
In a bit more detail, I would like to say that viruses are all about manipulating numbers and performing arithmetic operations using pointers in a non-formal way, and that’s why they can attack the the memo0ory locations.
Yes, bit ness of a OS of course matters in terms of secuirty from viruses.
How can I recover my 64 bit processor, help plz?
I ran a 32 bit vista premium over my 64 bit vista home, how can I get it back to running 64 bit processor speed, I tried to install a windows 64 bit upgrade over it but nothing. I read on internet that I cant get my 64 bit back that way. Can anyone tell me how I can get my 64 bit back fully, do I have to buy a premium 64 bit upgrade and put it over the 32 bit upgrade. Please someone with intimate computer knowledge please help. Thanks
19-Sep-2009
64bitfreak, once you write a virus for 32 bit, it shouldn’t be that hard to compile it with a 64 bit browser. Since the internal working strategy is almost the same in both cases, i wouldn’t say its more secure.
@ 64bit freak…
I have had to work on 2 Windows 7 64 bit systems loaded with spyware/viruses/toolbars/hosts file injections
if 64 bit is more secure, they certainly seem to have no problem attacking it!
I have seem pretty much the same type of malware/viruses on 64 bit systems, as 32 bit. End result is the same.
I have to agree with Leo, because in theory, 64 bit is secure. In practice, it isn’t really that much better.
Once something is hacked/patched/cracked, it is that way forever. The fact that people love to share guarantees that if one person has it, all do.