LinuxQuestions.org
Old 09-06-2012, 05:36 AM   #1
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,040
Blog Entries: 1

Rep: Reputation: 1366
"Why Linux Will Never Suffer From Viruses Like Windows"


Hi,

Why Linux Will Never Suffer From Viruses Like Windows;
Quote:
There seems to be a recurring phenomenon in the technology press, where any trojan that affects Linux or Macs becomes front page news. On the other hand, trojans that affect Windows are mostly ignored, perhaps because this is considered to be the normal state of affairs.
There are two common statements made in the discussions of these rare events:
  • No operating system will ever be secure from Trojans.
  • Linux/Mac only have fewer viruses because no one uses them.
Maybe Microsoft should use the 'Gnu/Linux' open source methodology to put more eyeballs on the problem. Naw, that would be a pipe dream that would never happen.

Other useful links in Links for Helpful Linux articles & books

Last edited by onebuck; 05-26-2013 at 10:12 AM. Reason: add link
 
Old 09-06-2012, 07:41 AM   #2
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,256

Rep: Reputation: 1076
Important lesson about "Internet articles" ... anyone can write them, but very often they're not worth reading. This is one. (Not yours, Gary ...)

The vulnerabilities of Microsoft's system, in home editions, are Microsoft's own inexplicable business choice. It is a very conscious decision, having equipped their system with an excellent role-based security model that permeates the entire system, to turn it all off and to tell mom-n-pop users nothing about how to turn it on. They actually omit fundamental system administration tools from those editions, and you can't tell me it was done to save disk space ...

Last edited by sundialsvcs; 09-06-2012 at 07:43 AM.
 
Old 09-06-2012, 09:03 AM   #3
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,040
Blog Entries: 1

Original Poster
Rep: Reputation: 1366
Member Response

Hi,

I do agree that Microsoft has limited the user. My point was that the more people who look at the problem, the sooner the issue can be resolved. Not by a singular minded team with stringent rules or guidelines then add in 'egos'.
 
Old 09-06-2012, 09:11 AM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269
I agree with the article. However, I think that some distros will suffer from viruses just like Window$. Look at Android, it has tons of malware. I think some of the mainstream distros like *buntu will also suffer.

I think that there is some correlation between system adoption and number of viruses, but it is not always linear. It also depends on proprietary vs FLOSS and on security practices.
 
Old 09-06-2012, 01:07 PM   #5
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, Slackware-14.1, PCBSD-10.0
Posts: 2,851
Blog Entries: 15

Rep: Reputation: 743
Here's my take on the issue:

"The nail that sticks its head up is sure to be hammered down first."

Linux, UNIX, and Mac HAVE all, in the past, been claimed to be invulnerable to malware. This has been completely disproved as the malware now infecting Mac OSX machines is now some of the most destructive and dangerous malware around.

Linux has only one invulnerability. No two systems are exactly alike on any level. Which is the only saving grace Linux has.

BSD, Mac, and Solaris systems are all alike because they have few to no clones. If malware does infect these systems the malware can be devastating.

Windows, now, is NOT a primary target for malware anymore. It's just too difficult now to even effectively target a Windows machine due to all the saturation anti-virus and anti-malware software has made.

Windows has at least a good dozen or more "FREE" anti-virus and anti-malware tools available anyone can use:

Avast Home Edition
Microsoft Security Essentials
Comodo Internet Security
Avira Antivirus
Spybot Search and Destroy
Clam Antivirus
MalwareBytes (free scanner only)
SUPERAntiSpyware (free scanner only)
SOPHOS Anti-Rootkit
Microsoft RootKit Revealer
Microsoft Windows Defender (former Giant Anti-Malware)
BitDefender Rescue Disk

Realistically it's hit or miss with Windows and since Security Essentials has been available for free from Microsoft Update, anyone can get free protection that isn't intrusive or system resource heavy, and if you need tools, plenty extras exist. I'd dare say a malware author would have only nowadays a 10% success rate at targeting Windows, but with Mac OSX, BSD, and Solaris systems he might have a 50% chance.

BSD, Mac, and Solaris have tools to prevent this but none are really on-access scanners. Everything is just a passive scanner. Things like drive-by downloads, active content media attacks (using JavaScript, Flash, and other embedded formats), as well as complex things like source CVS and SVN attacks to insert malware into the code, are on the rise because attackers know these systems are vulnerable and can be hit with the right attack.

The only thing, as I said, that saves Linux is that no two systems are exactly alike across the distributions. If you attack Ubuntu you'll only hit Ubuntu, if you attack Red Hat, you'll only hit Red Hat.
 
Old 09-07-2012, 01:57 PM   #6
geox
Member
 
Registered: Jan 2012
Posts: 40

Rep: Reputation: 2
Windows should just stop making every user an administrator.
That would stop a LOT of these problems.

They tried to get rid of the habit of making everyone an administrator but they completely ruined it by implementing the UAC in such a way that everyone now hates it so much they will never ever get a chance to even implement anything even remotely like it.

As for Linux and Mac I totally agree with the previous poster.
But I also believe that when Mac usage is high enough and many viruses come out for it, the antivirus writers will step in and create tools to battle them.
 
Old 09-07-2012, 05:00 PM   #7
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, Slackware-14.1, PCBSD-10.0
Posts: 2,851
Blog Entries: 15

Rep: Reputation: 743
Windows by default recommends, through Baseline Security documentation, only 2 administrator accounts, the root and primary should exist on a single computer, with the root account disabled and password protected. Any subsequent users added should be added to the Users group with, if needed, Power User level status, otherwise, normal user settings per account.

UAC doesn't prevent everything from running, all it does is ask if you want to run a program with enhanced permissions, and if you're on a network prompts a user for administrator credentials before proceeding. It's perfectly useless.

You're thinking about Data Execution Prevention (DEP). By default DEP on most systems is set for system critical programs only, but it can be set to system-wide all programs for better protection of the system.
 
Old 09-08-2012, 04:49 AM   #8
John VV
Guru
 
Registered: Aug 2005
Posts: 12,663

Rep: Reputation: 1682
Quote:
Why Linux Will Never Suffer From Viruses Like Windows
that should be
Why Linux Desktop Will Never Suffer From Viruses Like Windows

Quote:
Look at Android, it has tons of malware.
and that is NOT Google's fault
it is the OEM
and the BIGGEST problem is PEBKAC or in this case between the finger and eyes

even on RHEL6.3 if root installs the malware and then allows SE to run it .... or does this "setenforce 0"
it will RUN

unfortunately the failed vista and now win7 have taught "the average windows user" to NOT even read that unintelligible warning
( raise your hand here if YOU ,without google, can decipher the windows warnings )
to just click "yes" to EVERYTHING


this might be some good reading
http://www.itworld.com/it-management...-linux-desktop


the linux server ??? is being exploited
mainly the unsupported versions that people are running
a fedora 5 SERVER today ???
or
a RHEL3 server or the old RH9's that are not inside a local net
 
Old 09-08-2012, 06:53 AM   #9
geox
Member
 
Registered: Jan 2012
Posts: 40

Rep: Reputation: 2
Quote:
Windows by default recommends, through Baseline Security documentation, only 2 administrator accounts, the root and primary should exist on a single computer, with the root account disabled and password protected. Any subsequent users added should be added to the Users group with, if needed, Power User level status, otherwise, normal user settings per account.
Yes, if you are a systems administrator that makes perfect sense. But the problem is all user installs and OEM preinstalls for regular users do not enforce that strategy. 99% of private Windows PCs are set so the main user is also the administrator. And for user convenience that is best too. Just not for security.

Quote:
UAC doesn't prevent everything from running, all it does is ask if you want to run a program with enhanced permissions, and if you're on a network prompts a user for administrator credentials before proceeding. It's perfectly useless.
No, it's not. My customers are perfectly aware that if they have to type the administrator password they should be cautious. And it works. Their PCs remain largely trouble-free.
If you think UAC is useless, then so is sudo. But after I discovered how powerful it really is, I could not live without it.

Quote:
You're thinking about Data Execution Prevention (DEP). By default DEP on most systems is set for system critical programs only, but it can be set to system-wide all programs for better protection of the system.
No I am not. I know what it is and how it works. But I don't think that will be a solution for virus free environments.
 
Old 09-08-2012, 03:50 PM   #10
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, Slackware-14.1, PCBSD-10.0
Posts: 2,851
Blog Entries: 15

Rep: Reputation: 743
Actually UAC and Sudo are fairly much useless on a single user system like a Home PC. UAC and Sudo work well in Networked environments where users often don't need access to certain tools of the OS. In this aspect UAC works perfectly as a permission enforcement agent, but for a home PC user it's more or less a nuisance.

The most logical anti-virus and anti-malware sadly is something many people either lack or choose not to use...

Common Sense

If you visit only legit websites, don't download illegal software, don't use software pirating tools, etc. more than likely you only run a 5% chance of ever getting any significant infection.

At best, I've always recommended these tools for people...

Comodo Internet Security (with all settings for heuristics and detection set at highest levels)
Spybot Search and Destroy (with immunization)
DEP enabled for all programs
iTunes, AmazonMP3, and 7Digital.com for legal and inexpensive multimedia downloads.
UAC set to minimal level but not disabled
Use Firefox as a web browser, not IE to avoid ActiveX.

It's not much but it works almost all the time when people stick to common sense.
 
Old 09-08-2012, 04:24 PM   #11
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,077

Rep: Reputation: 368
Quote:
Originally Posted by ReaperX7
Actually UAC and Sudo are fairly much useless on a single user system like a Home PC. UAC and Sudo work well in Networked environments where users often don't need access to certain tools of the OS. In this aspect UAC works perfectly as a permission enforcement agent, but for a home PC user it's more or less a nuisance.
I beg to differ. UAC and sudo do have their places on home PCs. First of all, not all home PCs are single-user systems (sometimes family members have their own accounts; they should at least).
Second, the whole idea behind the limited user/UAC or sudo isn't only to prevent accidental user damage to the system, but also to prevent viruses/malware from running with administrator privileges.

Quote:
Originally Posted by ReaperX7
The most logical anti-virus and anti-malware sadly is something many people either lack or choose not to use...

Common Sense
agree 100%

Quote:
Originally Posted by ReaperX7
If you visit only legit websites, don't download illegal software, don't use software pirating tools, etc. more than likely you only run a 5% chance of ever getting any significant infection.
not entirely true, I think the chances are significantly higher than 5% as even legitimate websites can become infected
 
Old 09-08-2012, 04:47 PM   #12
John VV
Guru
 
Registered: Aug 2005
Posts: 12,663

Rep: Reputation: 1682
with only one user sudo is a "BLEEP"
the first thing on suse12.1 was use a REAL root password AND make a root home folder
get rid of as much "sudo" junk and use "su" and "su -"

NOW if there were kids ( well she is now a college grad but when YOUNG ...) su and su - are fine till the near teens
THEN you will need "sudo " for limited use

the PC party line
Quote:
iTunes, AmazonMP3, and 7Digital.com for legal and inexpensive multimedia downloads.
the non P.C. party line or TPB line AAARRRRRRR
http://www.youtube.com/watch?v=IBH4g_ua5es
or
http://www.youtube.com/watch?v=MalBJ...endscreen&NR=1

but as ALWAYS

use the TOOL that is BEST FOR YOU!!!!!!!!


Quote:
Use Firefox as a web browser, not IE to avoid ActiveX.
well windows now NEEDS that hole you can sail the USS Nimitz through called
Active X just to install updates



but the answer to all this IS to make the companies that sell the CRAP buggy code legally RESPONSIBLE for the program
look at the PLC that have root passwords HARD-CODED in as "12345"
or a backdoor( factory testing) that uses the mac address AS the password
the "foreverday holes "
 
Old 09-08-2012, 05:02 PM   #13
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,077

Rep: Reputation: 368
hehe, I remember working at McDonald's, and I was reading the manual for warming slot computers (thermostat/timer/display) and the 'administrator' password was 1234, hehe. talk about silly, oh well, it wasn't common knowledge on how to even put the thing into 'program' mode, but still, not exactly secure.
 
Old 09-10-2012, 04:26 AM   #14
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269
Quote:
Originally Posted by frieza
hehe, I remember working at McDonald's, and I was reading the manual for warming slot computers (thermostat/timer/display) and the 'administrator' password was 1234, hehe. talk about silly, oh well, it wasn't common knowledge on how to even put the thing into 'program' mode, but still, not exactly secure.
I always try 1234... whenever there is a need for a password. Technically, I first try 0000, then 1234, 4321, then single repeats 1111 2222, then I slam on the number pad a few times at random.
 
Old 09-10-2012, 06:31 AM   #15
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,040
Blog Entries: 1

Original Poster
Rep: Reputation: 1366
Member Response

Hi,

Or 'password'.
Remember or guessing is a certainty. Surprised by how many people never change it.

Don't forget 'toor'.
 
  

