I've used windows since it first appeared thru Win95, now Win7 and there is always the risk of virus attacks even with paid virus protection software.
I've used Linux since Slackware was first introduced ... but have been an Ubuntu user for many years and have NEVER had even the hint of a virus and as far as I know, no one I am in communication with that uses Linux has ever seen a virus either.
I personally think about the only risk to Linux users is just plain basic system security common sense. Don't all root login via ssh, keep your password safe & use good passwords etc... which of course are the same things you'd do with Windows.
Discussion on:
View:
Show:
As system admins, engineers and developers we can prefer security, restrictions etc. but lots of the people will prefer to run everything without so much questions (remember how people hate from Vista) This is why they use linux. Of course when they lost their files due to a virus they'll start blaming but still they'll not run linux, because it'll be a very complex system for them. Even so many businesses will prefer to run insecure systems behind a firewall. Because when they install the new security patch so many applications will not work, will take a long time to fix and nobody can answer the claims. With current business model is it possible to dominate the desktop of average Joe?
You would also get more devs fixing holes.
In the end, I think it would balance out. Some unlucky people (probably face book users) will get viruses as they are fresh. But then patches will quickly appear and everyone else will be safe.
That and probably the most vulnerable code will be close source code like Flash and silverlight.
In the end, I think it would balance out. Some unlucky people (probably face book users) will get viruses as they are fresh. But then patches will quickly appear and everyone else will be safe.
That and probably the most vulnerable code will be close source code like Flash and silverlight.
The first "viruses" were on Unix, and the usual attempt was to alter commands. To do that, they needed a "secure shell" like SSH or telnet. It is easy to move telnet to "guest" user and disable SSH port and then inhibit remote login to the few that needs it. There is no way you can change essential parts of Linux or MacOS without having to ask for the Admin password from the user, and been provided this. But, it is fully possible to embed a script in a Jpeg picture, that executes in the user's own context.
If the user wants to see picture effects, video (Flash definitely contains a dangerous script language) and rich media, you will need a way to connect the presentation of these to local applications. These must be able to execute scripts, also to verify and authenticate.
Knowing some of the flaws that allows viruses, I don't expect the developers will have to worry much, except that their code will be inspected to verify that it does just what it should and nothing else. The rest is simple. On Linux and MacOS, an application cannot modify another by accident. It cannot debug the kernel, it cannot chage the "rm" command. Should a pointer go way out in the blue, it will be trapped, and cannot "see" the memory of others (beside allocated shared memory).
I believe most hacks originates from Linux today, since they can leave without making a trace. They have seen to that their systems cannot be hacked. So those writing virus scanners today are facing a bleak future.
If the user wants to see picture effects, video (Flash definitely contains a dangerous script language) and rich media, you will need a way to connect the presentation of these to local applications. These must be able to execute scripts, also to verify and authenticate.
Knowing some of the flaws that allows viruses, I don't expect the developers will have to worry much, except that their code will be inspected to verify that it does just what it should and nothing else. The rest is simple. On Linux and MacOS, an application cannot modify another by accident. It cannot debug the kernel, it cannot chage the "rm" command. Should a pointer go way out in the blue, it will be trapped, and cannot "see" the memory of others (beside allocated shared memory).
I believe most hacks originates from Linux today, since they can leave without making a trace. They have seen to that their systems cannot be hacked. So those writing virus scanners today are facing a bleak future.
It's funny what people will leave out of a story; The first viruses were written as academic works in 1966 (predating Unix) by, John von Neumann "Theory of self-reproducing automata":
http://cba.mit.edu/events/03.11.ASE/docs/VonNeumann.pdf
Which can only mean that you're repeating some bit of rhetoric you overheard.
http://cba.mit.edu/events/03.11.ASE/docs/VonNeumann.pdf
Which can only mean that you're repeating some bit of rhetoric you overheard.
Maybe it is harder to crack, but impervious? Don't think so. Here's another theory:
Could it be that hackers see Linux as part of the same counter culture movement that they belong to so why would they break into their own house? OK... It's a bit cynical but I it's a theory - nothing more... Tthe lack of viruses on the platform is for real and there is definitely something to be said for the open source system helping to resolve these things. BTW I have an android tablet that had the rotate feature crippled by a manufacturer pushed upgrade in OS level. Problem is there is no vector to get to the manufacturer and they have no official response even though it is a known problem. Why do I mention this? Well taking this discussion into account - maybe Linux/ubuntu does have a future on the tablet platform. At least with open source somebody who can do something may actually be listening.. (hear this Acer???)
Could it be that hackers see Linux as part of the same counter culture movement that they belong to so why would they break into their own house? OK... It's a bit cynical but I it's a theory - nothing more... Tthe lack of viruses on the platform is for real and there is definitely something to be said for the open source system helping to resolve these things. BTW I have an android tablet that had the rotate feature crippled by a manufacturer pushed upgrade in OS level. Problem is there is no vector to get to the manufacturer and they have no official response even though it is a known problem. Why do I mention this? Well taking this discussion into account - maybe Linux/ubuntu does have a future on the tablet platform. At least with open source somebody who can do something may actually be listening.. (hear this Acer???)
Hackers are a diverse lot.
1) There is the counter culture like Anonymous, they will break into government computers (linux or wintel). Lulz will do just everybody if you happen to piss them off...
2) There are criminal hackers like the Russian Business Network. they will break into anything where they expect to make money. Wintel offers bigger bonusses than linux, but that's not much of a safeguard.
3) State hackers like Chines Army, Iranian Guard, Israels Mossad and the American agencies like CIA, FBI, NSA. They will break into anything, which they suspect, Linux, wintel or Apple. Not much of a safeguard either.
In the end: with the rise of Linux there will be more break-ins. And a lot of break-ins are browser-attacks...
1) There is the counter culture like Anonymous, they will break into government computers (linux or wintel). Lulz will do just everybody if you happen to piss them off...
2) There are criminal hackers like the Russian Business Network. they will break into anything where they expect to make money. Wintel offers bigger bonusses than linux, but that's not much of a safeguard.
3) State hackers like Chines Army, Iranian Guard, Israels Mossad and the American agencies like CIA, FBI, NSA. They will break into anything, which they suspect, Linux, wintel or Apple. Not much of a safeguard either.
In the end: with the rise of Linux there will be more break-ins. And a lot of break-ins are browser-attacks...
When you have a kernel built on a sound basis, you cannot hack it. If you ever wrote a production operating system, you would understand. With virtual memory on main frames you have "keys" for each user and that prevents them from accessing other users or the nucleus (kernel). While you may POSSIBLY be able to attack the application in a particular user's memory, you won't be able to attack another user's nor the kernel. A good kernel will not provide any back doors to other components, unlike Windows gives access to its other products .
Most viruses are not possible on Linux/MacOS. Only trojans, and for all, they can only get to the files you can get to without any effort. Regarding Linux on the tablet, most early days tablets ran Linux. Then the "analysts" demanded Windows, and Steve Jobs finally got them to make it with their variant of Unix: iOS. But the tablets came from Linux and will most likely return here because of the rich applications you find here.
Let's make this crystal clear, for the cheap seats...
You can build a server system that cannot be cracked. Following security standards that have been in place for years - and for good reason.
All errors are created by people.
The design of a POSIX system is anchored in security. Security gaps are left open by new admins that have no yet been educated but the systems themselves can be buttoned up - air tight.
You can build a server system that cannot be cracked. Following security standards that have been in place for years - and for good reason.
All errors are created by people.
The design of a POSIX system is anchored in security. Security gaps are left open by new admins that have no yet been educated but the systems themselves can be buttoned up - air tight.
Is Linux more secure than Windows? Probably, but it's hardly perfect. Equal growth, maybe not. But never say never. As Linux popularity increases the value of attacking it will increase. As that value increases, so will the attacks. It's pretty basic market economics. There are already a number of Linux server exploits. I suspect a lot of this is due in part to Linux popularity in that area.
I also think it makes no sense to define the problem narrowly. Rootkits, worms and other malware are problems. Malware is an issue for every OS, even Linux and BSD. It's only going to get worse as the value of attacks increase.
Finally, the OS isn't the only attack path. Applications present attack paths as well. Linux may provide better tools for dealing with this, but very few installations apply those tools effectively. It's only going to get worse when less technically oriented users become a higher proportion of the base.
I also think it makes no sense to define the problem narrowly. Rootkits, worms and other malware are problems. Malware is an issue for every OS, even Linux and BSD. It's only going to get worse as the value of attacks increase.
Finally, the OS isn't the only attack path. Applications present attack paths as well. Linux may provide better tools for dealing with this, but very few installations apply those tools effectively. It's only going to get worse when less technically oriented users become a higher proportion of the base.
Linux and MacOS/iOS/Unix is another league when it comes to security compared to Windows. Rootkits is impossible. worms are impossible. The malware that is possible is trojans that can be launched from emails and in the browser and cloud applications. But on Linux/MacOS you can detect the attempts, isolate, and they cannot do anything major wrong without you giving them the Admin password. When I say "cannot" the meaning is physical impossible, where "may" is a request for. Should an application try to go to some other place, it is "Address violation" or "Segment Fault" and that was that.
unless some nitwit makes a distro which logs on as root for convenience and it becomes popular.
On those rare occasions where I have logged on as "root", I would frequently get prompted for the password before the system would make a change. It irritated me since I had supplied the password to obtain root access in the first place and then prompted for a number of operations.
BTW, I am assuming the "nitwit" did not rewrite the kernel.
BTW, I am assuming the "nitwit" did not rewrite the kernel.
I have seen the same logic said for the Mac OS, yet it's met by derision by the Windows folks. Will it be the same here?
I am in year 11 of using Linux as my only system. During that time I have introduced family and friends to Linux and estimate we have collectively 60 years of run time and so far as I know the only successful attack was against my Daughters Yahoo online email address book which we caught right away and she had to change her password. That was a Yahoo problem and was a spam bot thst passed through emails that appeared to come from a friend.
I too was hit by the same "attack" and when I attempted to tell Yahoo they had a problem, they gave me a ration and implied I did everything from beating my dog (which I don't have) to going to Starbucks and passing out my password to the world. Joking aside, Yahoo would not admit they had been compromised and told me I had been careless with my password. At the time, I only had a desktop, no children at home and I was the only user.
... to [Yes (lots)] and [Yes (a few)] -- I mean, if the number of Linux viruses tripled, we'd get to what... 1 a year? I think there will be an increase, but not an alarming amount... Because of this fact, I did vote Yes, but I don't see this as "the end of the world."
It's human nature to "not fix what isn't broken" and I think a lot of the viruses for Linux that may be created in the future will not target the latest-n-greatest kernel, but concentrate on older vulnerabilities that people don't patch for. For this to be "cost effective" for the virus creators, there has to be a "critical mass" of Linux machines already (which *might* happen in the next few years) and then wait for these individuals to ignore the patch manager. It's also possible that the virus creators could target embedded machines (routers, wireless APs, etc.) that would not be patched on a regular basis -- there are a *lot* of those machines out there now.
And there are very secure closed-source operating systems out there - I don't believe there was ever a virus written for VMS, for example; and there were a *lot* of VAXen installed at one point in previous history... [[ Yes, I still have a couple in my basement... ]]
It's human nature to "not fix what isn't broken" and I think a lot of the viruses for Linux that may be created in the future will not target the latest-n-greatest kernel, but concentrate on older vulnerabilities that people don't patch for. For this to be "cost effective" for the virus creators, there has to be a "critical mass" of Linux machines already (which *might* happen in the next few years) and then wait for these individuals to ignore the patch manager. It's also possible that the virus creators could target embedded machines (routers, wireless APs, etc.) that would not be patched on a regular basis -- there are a *lot* of those machines out there now.
And there are very secure closed-source operating systems out there - I don't believe there was ever a virus written for VMS, for example; and there were a *lot* of VAXen installed at one point in previous history... [[ Yes, I still have a couple in my basement... ]]
Since there are, to date, NO viirii in the wild, the appearance of one would be an increase. The increase in numbers of Linux machines is less the issue than what is to be gained by the cracker. No profit, no attack. Given the general profile of Linux users, if a successful attack was crafted, they would detect and kill it quickly. Thus no profit. It is possible there may be a few crackers out there who would go to the time and trouble of writing malware for Linux just to prove it could be done, but I do not forsee any serious efforts.
"Given the general profile of Linux users"
That may be true now, but if Linux were to draw a large number of users away from Windows(and possibly Mac) that general profile would change. One of the reasons that the recent Mac virii ave had success, even with a similar security setup to Linux/BSD/Unix, is that many of the users infected were previously Windows users that switched to the "virus-free" Mac. Rmember when Mac users and ads were spouting the line "there are no viruses for Macs"? People bought into that, got Macs, assumed they were safe and wound up authorizing the malware when hackers started writing it.
Switching to a "more secure" platform had not helped them in the least because the basic behaviours which got them into trouble in the past had not been corrected. And having masses of people switch to Linux would net the same effect. It does not matter how secure a platform is if the user behaviour is not fixed. Once the platform becomes a large enough target hackers will start trying to break it in earnest.
That may be true now, but if Linux were to draw a large number of users away from Windows(and possibly Mac) that general profile would change. One of the reasons that the recent Mac virii ave had success, even with a similar security setup to Linux/BSD/Unix, is that many of the users infected were previously Windows users that switched to the "virus-free" Mac. Rmember when Mac users and ads were spouting the line "there are no viruses for Macs"? People bought into that, got Macs, assumed they were safe and wound up authorizing the malware when hackers started writing it.
Switching to a "more secure" platform had not helped them in the least because the basic behaviours which got them into trouble in the past had not been corrected. And having masses of people switch to Linux would net the same effect. It does not matter how secure a platform is if the user behaviour is not fixed. Once the platform becomes a large enough target hackers will start trying to break it in earnest.
I totally agree with you. The protection offered by the need to enter sudo to gain admin rights is no protection if the user keeps typing it every time it is requested (or the password via GUI) without understanding what's happening.
As I teach in my training to users: the IT department with their AV, UTM and firewalls won't do much for you if you keep inviting the bad guys in. Users are the guardians of their system, period. You need to learn to use a computer safely and keep updating your skills.
The problem with computers today is that most users and specially business users have their priorities for attention and learning on the job they are supposed to complete; many see the PC and all its issues as a burden they don't want to go through. They just wan to "use" the computer without getting a "master degree" in its use. This is the most common complain among my company's users: "I don't want to be a computer expert; I wan to do my job".
As I teach in my training to users: the IT department with their AV, UTM and firewalls won't do much for you if you keep inviting the bad guys in. Users are the guardians of their system, period. You need to learn to use a computer safely and keep updating your skills.
The problem with computers today is that most users and specially business users have their priorities for attention and learning on the job they are supposed to complete; many see the PC and all its issues as a burden they don't want to go through. They just wan to "use" the computer without getting a "master degree" in its use. This is the most common complain among my company's users: "I don't want to be a computer expert; I wan to do my job".
scammers and hackers love this over-confident mentality. it's what they all have wet-dreams about
I agree with the ROI camp. As the number of desktop, tablets etc grows it will become worthwhile to exploit. Just look at Android. Looks to be easily exploited through social engineering and poisoned apps. The distro will open Linux in general to attack.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
