Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You should be able to ecape most trojans, since thay are mainly writen to run on Windows. But linux is only as secure as you make it, so never run as root unless you have to, use su or sudo instead, configure your firewall corectly, and don't use esay to guess passwords.
Distribution: Slackware 13; Ubuntu Raspberry Pi OS
Posts: 255
Rep:
Re: How secure is LINUX?
Quote:
Originally posted by heffo_j Hi all,
This is a general question from a newbie who is enjoying Mepis.
How safe is Linux to use for things like internet banking, and does it reduce the risk of things like phishing and trojans.
I understand that many of the virus writers exploit M$ flaws; but how safe is Linux?
Thanks
John
Well, let's see...
First off, phishing is purely aimed at the operator at the keyboard. It is the same regardless what operating system you are running.
Internet banking is done through SSL encryption that is set up at the host site (the bank). That, again, is independent of what OS you are using as the client.
Lastly, viruses and spyware. This is where Linux has a *HUGE* advantage over windows! Like you said, Microsoft is exploited usually through ActiveX, which is microsoft specific code. Also, if you are not browsing as root and you do get a virus, it will not have complete access to your system like windows. Of course the number of viruses (virii?) that will work in Linux is minimal.
The key thing about Internet is are that Firefox isn't Internet Explorer, so it doesn't support ActiveX plugins or the other common flaws. It can't protect you from being fooled by fake Websites of course.
A small number of flaws in Windows and Outlook Express make writing virii easy, which is why Linux has about 3 virii (research experiments - they can't spread) and Windows has many thousands.
But as has been said: it's only as secure as it's made to be--and there is no such thing as `secure enough' without having answered the question `for what?'.
For home banking, it would think that most GNU/Linux systems are quite secure.
One attack I can think of would be to somehow trick firefox into linking against the wrong SSL library (does it link dynamically?)--and that's fairly easy if someone get to set your LD_LIBRARY_PATH and write the library somewhere.
But then again, if one can do that, the system is already compromised
---
btw, I said that the number of viruses was much (much^n) larger. Well, 166% is a lot. Imagine if you got a raise of that size. Maybe I should also send around some `Is your d._.c.k. tOO sma1L?' spam, too; then people would realise how much 166% actually is.
--
Comparing Linux and Windows viruses is comparing apples and oranges. Most Windows viruses infect components in the default Windows install. So nearly all users running this version of Windows are vulnerable.
However, just glancing at the virus list that was posted, I notice that nearly all of those viruses are not exploiting the base of the Linux system but specific applications running under Linux, such as BIND and Apache. Most distributions do include Apache but do not install it by default. So even though there are a number of Linux viruses, as you pointed out, there are maybe one or two that would infect a user's default install on a popular distribution. On a distribution with a regular release cycle or security patch cyle these viruses would not be able to do any harm.
Essentially, for a home user of Linux, the threat of viruses is entirely negligable.
However, just glancing at the virus list that was posted, [...]
You mean you read *about* the viruses? :O
Anyways, it was merely meant as a <ha-ha only serious> joke--the number of GNU/Linux viruses is incredibly low, and whether it's 3 or 7 doesn't matter muh.
You analysis of the infection hosts is, along with the conclusion based on it, quite clever. I haven't studied the viruses myself, but I believe you to be right.
Quote:
Essentially, for a home user of Linux, the threat of viruses is entirely negligable.
Originally posted by gnukish There is no necessity to be so rude while replying.
I can also flame worser than that.
I meant to say hackers can implant backdoors.
If u think linux can't be backdoored please stop ur crap.
Kernel level keylogging and backdooring is possible.
I didn't say that I thought linux can't be backdoored...I'm under no illusion that linux is impregnable, but unquantified statements like yours serve no purpose than to alarm people. Online banking is generally no more a security risk than using your PIN in an ATM with someone standing behind you; if you're careful you'll be fine. Likewise online, if you're careful and take the right security precautions you'll be OK.
So in short you're saying "Dont do online banking for your own good: Hackers can implant back doors". That's like "Don't go outside, you might get mugged and the air quality isn't great!". Surely the benefits and convenience of online banking outweigh the (very small) risk.
Well, let's put it this way. My mom used to run WinXP Home. I had to run Weekly virus scans and also had to constantly clean spyware and other crap off of her computer.
I then installed CentOS (RHEL rebuild) (picked it cause of long maintenance period) and I rarely ever look at her computer. Actually, the only time I had to do anything was to upgrade her from 4.0 to 4.1 (which took about 5 minutes).
My brother ran Linux for a short time and again, no probs. He then switched to Windows for games, and now he constantly has security related problems.
But, that is not the whole story. I, myself, can run Windows without problems.
So even though Linux is more safe out of the box generally, your system is only as secure as you make it. So setting up a firewall (guarddog for KDE and Firestarted for Gnome...both iptables based...come to mind) is a good idea. Also, don't run as root. etc etc
I run Windows (2k) as "limited" user. I can click on anything.... I click on yes everywhere never had any problems. It seems that most Windows programmers always want to write files in c:\windows (dumbasses). Of course, the problem is that really simple apps like Winamp and games like GTA2 or the Tiger Woods whatever tour Golf course manager also feel the need to store their settings in c:\windows\system32 or whatever. And what I love the most is applications or games (most EA games do this) that say they can only be run as admin but actually would run fine if it wasn't for that message.
I run Linux (the Slack) 'cause Linux software developers seem to have brains....
edit. Right after I posted this my dad asked me about an online concert and I bumped into this: The concert will be broadcast/streamed live on the Internet.
You will need Windows operating system, Windows Media Player v7.1 or greater and a broadband connection ( > 300Kbps ) to be able to watch the concert.
I feel like shooting Bill in the eye with a shotgun.
Last edited by Haiyadragon; 06-19-2005 at 07:47 AM.
...Which applies to both the unixen (GNU, GNU/Linux, Mac OS X) and the ms-DoSes or windowses(sp?).
Then again, some systems are pretty safe out of the box, others are not. Repeat: `*make* it'. Some systems are harder to actually *make* secure than others (imagine if the kernel came with a built-in, easy-to-use exploit and you didn't have source--I know it doesn't happen, but it gets the point across).
Quote:
Linux software developers seem to have brains.
Yeah--most of us actually *have* brain. I fake it, but *most* others have a brain
Quote:
I feel like shooting Bill in the eye with a shotgun.
A technique I find quite useful to feel better about myself is to direct the anger towards those who produces the content(*) you can't (won't) view instead of those who produce the content viewers you can't (won't)) use.
The reason this is good (I think-IANA shrink-TINLA) is that it spreads out the anger, instead of directing it all against *one* entity.
For example: A friend of mine told me a `cute' story about how some republicans censored (yes, *CENSORED*(**), FCOL) a democrat--he saw it on C-SPAN, and directed me to the stream link. So I go look, and find out that C-SPAN offered the streams in both wmv and rm formats
Result: I get pissed off at C-SPAN. And, of course, at the republicans, but that's not the point.
If anybody cares to see it, it's at www.c-span.org; the title of the clip (as I'm told) is "Rep. Sensenbrenner (R-WI) Chairs House Hearing on Patriot Act Reauthorization (06/10/2005)".
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.