Hi all,

This is a general question from a newbie who is enjoying Mepis.

How safe is Linux to use for things like internet banking, and does it reduce the risk of things like phishing and trojans.

I understand that many of the virus writers exploit M$ flaws; but how safe is Linux?

Thanks
John

You should be able to ecape most trojans, since thay are mainly writen to run on Windows. But linux is only as secure as you make it, so never run as root unless you have to, use su or sudo instead, configure your firewall corectly, and don't use esay to guess passwords.

Well, let's see...

First off, phishing is purely aimed at the operator at the keyboard. It is the same regardless what operating system you are running.

Internet banking is done through SSL encryption that is set up at the host site (the bank). That, again, is independent of what OS you are using as the client.

Lastly, viruses and spyware. This is where Linux has a *HUGE* advantage over windows! Like you said, Microsoft is exploited usually through ActiveX, which is microsoft specific code. Also, if you are not browsing as root and you do get a virus, it will not have complete access to your system like windows. Of course the number of viruses (virii?) that will work in Linux is minimal.

Hope that helps!

The key thing about Internet is are that Firefox isn't Internet Explorer, so it doesn't support ActiveX plugins or the other common flaws. It can't protect you from being fooled by fake Websites of course.

A small number of flaws in Windows and Outlook Express make writing virii easy, which is why Linux has about 3 virii (research experiments - they can't spread) and Windows has many thousands.

No. No, no, no. That number is much bigger. See the full list on:
http://www.viruslibrary.com/virusinfo/Linux.htm

But as has been said: it's only as secure as it's made to be--and there is no such thing as `secure enough' without having answered the question `for what?'.

For home banking, it would think that most GNU/Linux systems are quite secure.

One attack I can think of would be to somehow trick firefox into linking against the wrong SSL library (does it link dynamically?)--and that's fairly easy if someone get to set your LD_LIBRARY_PATH and write the library somewhere.

But then again, if one can do that, the system is already compromised

---
btw, I said that the number of viruses was much (much^n) larger. Well, 166% is a lot. Imagine if you got a raise of that size. Maybe I should also send around some `Is your d._.c.k. tOO sma1L?' spam, too; then people would realise how much 166% actually is.
--

--Jonas

You were right first time - the plural of virus is viruses, not virii.

http://dictionary.reference.com/help...e/v/virus.html

One statement : Dont do online banking for your own good.
Its way too dangerous , and linux is not heaven. Its just closer to heaven

1. Quantify that statement
2. Don't be so bloody alarmist!!

Comparing Linux and Windows viruses is comparing apples and oranges. Most Windows viruses infect components in the default Windows install. So nearly all users running this version of Windows are vulnerable.

However, just glancing at the virus list that was posted, I notice that nearly all of those viruses are not exploiting the base of the Linux system but specific applications running under Linux, such as BIND and Apache. Most distributions do include Apache but do not install it by default. So even though there are a number of Linux viruses, as you pointed out, there are maybe one or two that would infect a user's default install on a popular distribution. On a distribution with a regular release cycle or security patch cyle these viruses would not be able to do any harm.

Essentially, for a home user of Linux, the threat of viruses is entirely negligable.

You mean you read *about* the viruses? :O

Anyways, it was merely meant as a <ha-ha only serious> joke--the number of GNU/Linux viruses is incredibly low, and whether it's 3 or 7 doesn't matter muh.

You analysis of the infection hosts is, along with the conclusion based on it, quite clever. I haven't studied the viruses myself, but I believe you to be right.

(r)Amen

There is no necessity to be so rude while replying.
I can also flame worser than that.

I meant to say hackers can implant backdoors.
If u think linux can't be backdoored please stop ur crap.

Kernel level keylogging and backdooring is possible.

I didn't say that I thought linux can't be backdoored...I'm under no illusion that linux is impregnable, but unquantified statements like yours serve no purpose than to alarm people. Online banking is generally no more a security risk than using your PIN in an ATM with someone standing behind you; if you're careful you'll be fine. Likewise online, if you're careful and take the right security precautions you'll be OK.

So in short you're saying "Dont do online banking for your own good: Hackers can implant back doors". That's like "Don't go outside, you might get mugged and the air quality isn't great!". Surely the benefits and convenience of online banking outweigh the (very small) risk.

Well, let's put it this way. My mom used to run WinXP Home. I had to run Weekly virus scans and also had to constantly clean spyware and other crap off of her computer.

I then installed CentOS (RHEL rebuild) (picked it cause of long maintenance period) and I rarely ever look at her computer. Actually, the only time I had to do anything was to upgrade her from 4.0 to 4.1 (which took about 5 minutes).

My brother ran Linux for a short time and again, no probs. He then switched to Windows for games, and now he constantly has security related problems.

But, that is not the whole story. I, myself, can run Windows without problems.

So even though Linux is more safe out of the box generally, your system is only as secure as you make it. So setting up a firewall (guarddog for KDE and Firestarted for Gnome...both iptables based...come to mind) is a good idea. Also, don't run as root. etc etc

I run Windows (2k) as "limited" user. I can click on anything.... I click on yes everywhere never had any problems. It seems that most Windows programmers always want to write files in c:\windows (dumbasses). Of course, the problem is that really simple apps like Winamp and games like GTA2 or the Tiger Woods whatever tour Golf course manager also feel the need to store their settings in c:\windows\system32 or whatever. And what I love the most is applications or games (most EA games do this) that say they can only be run as admin but actually would run fine if it wasn't for that message.

I run Linux (the Slack) 'cause Linux software developers seem to have brains....

edit. Right after I posted this my dad asked me about an online concert and I bumped into this:
The concert will be broadcast/streamed live on the Internet.

You will need Windows operating system, Windows Media Player v7.1 or greater and a broadband connection ( > 300Kbps ) to be able to watch the concert.

I feel like shooting Bill in the eye with a shotgun.

I feel this is worth repeating:
...Which applies to both the unixen (GNU, GNU/Linux, Mac OS X) and the ms-DoSes or windowses(sp?).

Then again, some systems are pretty safe out of the box, others are not. Repeat: `*make* it'. Some systems are harder to actually *make* secure than others (imagine if the kernel came with a built-in, easy-to-use exploit and you didn't have source--I know it doesn't happen, but it gets the point across).

Yeah--most of us actually *have* brain. I fake it, but *most* others have a brain

A technique I find quite useful to feel better about myself is to direct the anger towards those who produces the content(*) you can't (won't) view instead of those who produce the content viewers you can't (won't)) use.

The reason this is good (I think-IANA shrink-TINLA) is that it spreads out the anger, instead of directing it all against *one* entity.

For example: A friend of mine told me a `cute' story about how some republicans censored (yes, *CENSORED*(**), FCOL) a democrat--he saw it on C-SPAN, and directed me to the stream link. So I go look, and find out that C-SPAN offered the streams in both wmv and rm formats
Result: I get pissed off at C-SPAN. And, of course, at the republicans, but that's not the point.

If anybody cares to see it, it's at www.c-span.org; the title of the clip (as I'm told) is "Rep. Sensenbrenner (R-WI) Chairs House Hearing on Patriot Act Reauthorization (06/10/2005)".

(*) I couldn't come up with a better generic word; see http://www.gnu.org/philosophy/words-...d.html#Content

(**) "Mom--can I have a refugee stay in my room? Democracy is collapsing where he's from" // "Sure--where's he from?" // "Texas."

---

... Of course, if you *want* to be mad at M$, by all means focus your wrath. We need the wrath --but it may be bad for your health. IANAL, TINLA.

---

If this post has gotten *too* OT (it is *at least* somewhat OT I admit), I apologize. Slap me around a bit with a large trout

--Jonas