Why Linux Will Never Suffer From Viruses Like Windows

Why Linux Will Never Suffer From Viruses Like Windows

There seems to be a recurring phenomenon in the technology press, where any trojan that affects Linux or Macs becomes front page news. On the other hand, trojans that affect Windows are mostly ignored, perhaps because this is considered to be the normal state of affairs. 

There are two common statements made in the discussions of these rare events: 1, No operating system will ever be secure from Trojans and 2, Linux/Mac only have fewer viruses because no one uses them. The first statement is almost correct, whereas the second one is a flat out myth in my opinion. Let me explain, and I’ll listen if you still disagree after reading the following in its entirety.

 

0
+ -

I work in a school environment running mostly Windows XP where students bring their thumb drives, plug them in do whatever they want. How do I prevent viruses from wreaking havoc on a 12 year old OS? Well, by default, I simply setup a restricted account and that's it.

+4
+ -

But the issue with this is that your students then have no access to any advanced tools unless you bypass security for them.

 

Now try transfering this situation to a home environment. As a technician, you setup a restricted account on someone's computer. Look at the issue with this. You're now locking away access to any of the tools on that person's computer. You would have to visit them everytime they wish to bypass security.

 

Now, with Linux, as long as security is looked after, these issues can be avoided entirely.

+2
+ -

For an environment where the usual unsophisticated user is expected, and frequent software changes are unexpected, a system locker like DeepFreeze will work wonders. I'm sure it can be hacked, but in normal use a simple reboot restores the system to pre-idiot settings.

+1
+ -

I work for a small hospital and we use Deep Freeze on our 'public' computers and it saves us a TON of headaches.

+1
+ -

i agree it's amazing how much work faronics saves me. i also bought copies for my parents computers. Instead of going to "mom and dads" house only to fix computers, we can totally sit back and have a nice bbq instead.

0
+ -

>> I simply setup a restricted account and that's it.

Kid has Knoppix on his thumbdrive. Kid runs chntpw. Admin account not so restricted now.

0
+ -

BIOS -> no USB boot = Be a great admin

0
+ -

"BIOS -> no USB boot = Be a great admin"

Great? Not the most stupid maybe.

Kid: Boot normal Windows (restricted access) -> run BIOS password tool -> go into bios -> change settings -> boot whatever he wants -> even change the installed windows os

You might say it's not that easy. Fact is, when I was in school, I did exactly that. I managed to install _a webserver_ on one of the computers, that was accessible within the whole school network.

And there were all those usual things like bios passwords, restricted accounts and stuff like that. It was comparably easy still. ;-)

I must admit that before that, the school PCs had these fancy hardware-cards that did not really write anything permanently on hard-drive, so always when you restarted, the computer was clean again. We did not find a way around these. Except using a screwdriver, opening the case and removing the card ;-)

A good physical case could probably avoid that to some extent.

0
+ -

crazy4chrissi:

"BIOS -> no USB boot = Be a great admin"

Great? Not the most stupid maybe.

Kid: Boot normal Windows (restricted access) -> run BIOS password tool -> go into bios -> change settings -> boot whatever he wants -> even change the installed windows os

You might say it's not that easy. Fact is, when I was in school, I did exactly that. I managed to install _a webserver_ on one of the computers, that was accessible within the whole school network.

And there were all those usual things like bios passwords, restricted accounts and stuff like that. It was comparably easy still. ;-)

I must admit that before that, the school PCs had these fancy hardware-cards that did not really write anything permanently on hard-drive, so always when you restarted, the computer was clean again. We did not find a way around these. Except using a screwdriver, opening the case and removing the card ;-)

A good physical case could probably avoid that to some extent.

Selection pressures seem to have made us the most ingenious of animals - great story !...

Henri

0
+ -

Hello,

Can you name ANY bios tool that doesn't require you to type the previous password before doing any change ?

Anyway, let's pretend it's possible, H4xx0r kiddie has to logon on your machine, you have a trace of who did it (or at least who let someone do it by giving his password).

Be a great computer admin, no unauthenticated logins.

(please let's continue this)

0
+ -

Au contraire, MadPhil. I know for a fact my school logs logins in an SQL database. With one user account. From a VBS script. *tap tap tap*... 'oops' just wiped everyone's login history.

0
+ -

MadPhil:
Can you name ANY bios tool that doesn't require you to type the previous password before doing any change ?

Yup, the BIOS Reset Jumper on the motherboard does that quite handily.

+2
+ -

Very nice article and so true. Market share is certainly a factor but not the end all and be all.

+2
+ -

Good point, Ive always been a big supporter of open source software, and i really do hope linux takes hold as a major OS.

0
+ -

Yes. Great article. I can add also that since most software for Linux is free that users are downloading legitimate copies of Gimp and Kdenlive instead of an infected Torrent version of Photoshop or Adobe Premiere.

0
+ -

Great point, DRoss. I wish I had thought of that one.

+1
+ -

Not really, even on Linux people want to use Photoshop. It's not like open source can replace all the non-free software. Development of really good programs/apps takes time and money and that's hard to do Open Source.

Really, it's been years and yet there's no really good audiophile programs or a real alternative to Photoshop, among other examples. It's why people keep on trying WINE and VM solutions.

Even the move with Valve to put Steam on Linux is not going to be any more free than the Windows version.

DRM, software pirating, etc are all things mainstream OS users will have to deal with regardless of which OS they use!

0
+ -

>> Not really, even on Linux people want to use Photoshop

Nope.  I use Gimp.  Free, and does everything most people want.

I have more audio programs than I can shake a stick at, I don't know what 2004-thing you're thinking of.

Software piracy isn't going to be a big problem in Linux, because there's a free solution that is good enough for pretty much everything:  LibreOffice, Inkscape, Audacity... it's not worth the Linux users time to pirate software when there's a free solution with a one-click install right in front of him.

Pirated games?  Sure, I'll wager there'll be a few.  But, the vast majority of Windows/Mac trojans are going to be found in pirated versions of the OS or productivity suites... so the games probably will never be a big deal.  If Valve's smart, they'll do like android and run everything under a separate user account where the games can't even screw with any directory outside Steam.

-1
+ -

Sorry but I do use Linux, along with OSX, Windows, Android, and iOS. I'm not picky! I just know better to think that any one of them is invulnerable or in any way perfect. All OS have their strength and weaknesses.

Linux has some good defaults but it still requires a good setup and careful users.

While you obviously don't use Windows if you think it's still easy to do unsophisticated attacks. Drivers like the video drivers have been sand boxed since Vista. Along with a lot of security features that's been added over the years.

The majority of Attacks on Windows are Trojans, not viruses!

So it's mostly user error and things like not all users necessarily take advantage of those security features, like many insist on always logging in as administrator instead of a limited account even if they never really need admin privileges.

Also you're assuming things like Java actually has to be installed on Windows just like Linux. So either way user permission is required.

Windows 8 Modern UI brings in the latest security improvements, like all modern UI apps run sand boxed just like Linux. Secure Boot, etc are all enhancing Windows security higher than it's ever been before. The new MS App store will make it a lot harder to attack users through apps, etc.

While like it or not though Gimp is no replacement for Photoshop, sorry but I've worked as a graphic designer and theirs no real replacement for Photoshop. Gimp is more in the class of something like Photoshop Elements, Photoshop features but not the same as the full program.

There are also no really good audio editing programs for Linux.

Really, check out the "Why Linux Sucks | LFNW 2012" (part of LinuxFest North West) on youtube. It covers what Linux still needs to overcome and it's made by pro-Linux people!

+1
+ -

>> While you obviously don't use Windows

I've used it every day in my professional work for the last 20 years, and been writing software for it all that time..

>> Gimp is no replacement for Photoshop,

For the majority of us, it is. It's just not a replacement for everyday professional designers that need that final 5% - and who probably own Mac's (and therefore have OSX) for that type of work.

>> There are also no really good audio editing programs for Linux

http://ardour.org/

>> Really, check out the "Why Linux Sucks | LFNW 2012" (part of LinuxFest North West) on youtube. It covers what Linux still needs to overcome and it's made by pro-Linux people!

I'm very familiar with Bryan's work, having been a long-time viewer of The Linux Action Show. He gives that talk each year to show the progress. You should watch the talk he gave afterwards, called "Why Linux Does Not Suck (Even A Little)".

-1
+ -

"I've used it every day in my professional work for the last 20 years, and been writing software for it all that time.."

Then you should have known better on all counts!

"For the majority of us, it is. It's just not a replacement for everyday professional designers that need that final 5% - and who probably own Mac's (and therefore have OSX) for that type of work."

Doesn't change the point that until Linux has a real replacement then it won't appeal to the professionals!

"http://ardour.org/"

Sorry but that's like GIMP for audio, it's not a pro tool like ProTools, Cubase, Sonar, and Reaper.

"I'm very familiar with Bryan's work, having been a long-time viewer of The Linux Action Show. He gives that talk each year to show the progress. You should watch the talk he gave afterwards, called "Why Linux Does Not Suck (Even A Little)"."

I did watch both, so sorry but I'm not the one in denial here. The first video clearly points out things like Linux has yet to get any really good pro tools for audio and video editing. Among other things that still need to change for Linux.

So, like I said before, Linux has some good defaults but it still requires a good setup (it can actually be made quite a bit more secure) and careful users. Especially the latter as any attack that targets the user can bypass any security the user has access to!

+1
+ -

>Linux has some good defaults but it still requires a good setup and careful users.

My 8yr old installed Linux on his computer this week clicking Enter about a dozen times.

Really not hard to setup..

Careful users?

I call BS on this. If anything, you have to be more careful on Windows.

Granted, use Linux for a while and you become a little cocky. My dad watches sports on Rojadirecta when he is at home using Linux and used it at a friends place one day and within a few mins, that Windows machine was infested.

Had he been using Windows, i would have warned him that hackerz, warez, live feeds. *** sites are high risk...

I have 4 kids running Linux including my sisters and inlaws kids thats 13 kids from 5 to 16yrs old. Careful kids you say?

I have Linux running on many friends and family's computers who always asked me for help since I 'know computers' (telling them I write Perl and Python and dont know user infterfaces is useless) and most of the time it was the same old song and dance. with infested computers.

Counting inlaws-parents-aunts,etc, thats 14 senior citizens using Linux of which more than half never touched a computer before.

Careful users? Dont make me laugh.

I just went through the 10.04 to 12.04LTS upgrade this summer for my family that uses Kubuntu and its been smooth.

The past 4 years of switching all these people (some have dual boots or Virtualbox for work stuff) has meant that my free tech support has diminished by 90%. heck, I use KRDC most times and dont even seen them when there is something that comes up...

And btw, my wife works as project manager for a design company so she uses Photoshop at home (Win7 running through Virtuabox) and is one of the rare people I know that actually NEEDS it for work or that has a legal copy of it.

Its a question system admnistrators always talk about when chatting about what people download at work "How many people have Photoshop and paid for it / or need it?".

My eldest went to Prek years ago and half the mommies used Photoshop. Not well might I add (nightmares of

embossed and lens flare). None paid for it. People think they need it because thats the only thing they have ever heard.

Let's face it, there is barely anyone in our IT department that DOESNT have it. Same at where friends work.

Then ask how many people need it for work or paid for it and you will see that even though the world is full of graphic artists or 'web designers', the majority of those people havent shelled a grand for Photoshop.

There isnt a huge throng of geeks out there looking to get a version of Autocad but tons of people who see themselves as artists who think that the only thing thats stopping them from creating images or movies is their access to the top of

the top of software.

0
+ -

Excellent post, A Dent - your description parallels my own (limited) experience in installing Linux (Ubuntu) on the computers of the retirees I often help. I usually have no problem convincing them to install and try Firefox and/or Chrome alongside the pre-installed IE, and the vast majority seem to prefer these browsers and to stick with one of them. But I've found suggesting a non-legacy operating system far more difficult ; generally speaking I refrain from doing so. In a few cases, however, I've lent refurbished older computers on which I've installed Ubuntu to members of our organisation ; these users have universally found it easy to operate and I've noticed that they have required much less follow-up help than their coevals using various versions of Windows....

Henri

0
+ -

This is the kind of stuff that people laugh at years down the line. It's nothing new.

If Valve or any other commercial giant is successful at driving a large market onto Linux for whatever reason (because the open-source community has proven they can't do it themselves; only commercial entities, like Canonical and Google, have had any success), chances are most people are going to have the most up-to-date version of the latest LTS distribution of Ubuntu. That vastly reduces the target variety and gives malware creators a whole hell of a lot of information to steal.

If Canonical can create a robust sandbox for developers of software commonly used by average, somewhat Linux-literate users, then that's great. But for the power user, that succeeds in only doing what they're trying to avoid in Windows 8 and OSX: reigning in many parts of the OS for the sake of safety and user experience at the expense of the core Linux philosophies. It sounds untenable, but who knows, maybe somebody will figure it out.

0
+ -

The problem isn't the operating system, and it never was. It's the users. I deal very regularly with a lot of low-income computer users, generally running donated or very old used computers, more often than not running Ubuntu. A Linux-targetted botnet would have no trouble reaching these users...it wouldn't even need to use any exploits or 0-days; all it would need to do is trick the user into entering their password with the promise of free porn, or a working Flash plugin, or even funny cat videos. Honestly, I'm shocked this hasn't been tried (or if it has, I'm shocked it's not ubiquitous). The only way to secure things for everyone in the long term is educating the users, whether they're on Windows or something else.

1 2 Next
Login or Register to Comment
Post a Comment
Username:   Password: