|
Is linux secure from bad websites
hello robert here, I am curious to know, if I go to a bad website. Can linux protect my system in case the bad website tries to download something and execute it? I don't have any anti-virus/malware for linux to warn me.
|
Lets just say in all my years using linux. No website has been able to treat me like I am on Windows. I have never received a active infection in my root or home folder. Not any execution happens outside of my control.
YMMV from mine. |
Most nasty website thingees expect users to be running Windows. Consequently, most of the things they want you to download are executable under Windows, which means they will not run on Linux. So, yeah, you are much safer on Linux.
In fact, many experienced Linux users do not routinely use an anti-virus program, unless they have a compelling need to do so (for example, running a mail server that relays mail to Windows users). All experienced Linux users use a firewall. Here's a good intro to firewalls on Linux: http://www.howtogeek.com/177621/the-...inux-firewall/ Nevertheless, you are not necessarily impregnable on Linux. Linux has no mechanism for preventing you from clicking on something you shouldn't click on. Surfing sensibly is always your best defense. Oh, and welcome to LQ. |
Exclusively using Linux for over 14 years now. I go to all websites I want. I open all email attachments I want. Sometimes out of curiosity I run clamav on my home directory. A few times some Windows badware is found in browser cache. That's it. Couldn't care less.
|
Hello and welcome to LQ.
It is very hard to have some meaningful metric to reply to this. I'd say that Linux sites get hacked almost every day. Peoples servers running linux get taken over all the time. There may be some truth to the notion that windows is more common therefor it makes it an easier target for the average computer. There are some common sites that(maybe)should never be gone to. Linux won't warn you. Porn sites and file sharing sites are pretty well asking for it. Professional hackers and ones that want to gain access may not care what OS you run. Best practices are a number of steps that reduce one's exposure. The more you do and the better you do those steps the less likely your data will be affected. |
That's reassuring to know. I feel a little better now. :) Thanks all.
|
Quote:
I use linux mostly as a desktop. |
For some protection against visits to bad websites, try some firefox add-ons like noscript, ublock origin (ads can serve nasties), ghostery etc.
Really, there are loads you could try. I prefer to use https as much as possible, so also https-everywhere from eff.org. Nonetheless, doing the usual like avoiding dodgy sites, not opening dodgy emails etc also go a long way to being safe. |
Quote:
If some webpage wants to download me a 'ABCDdownloadAcceleratorHelper.exe' or whatever, Firefox warns me: "Do you really want to download it?". If i download it and click it, Windows warns me: "This package is not signed, do you really want to run it?". Yes, Windows. Windows can protect you from these, too. You don't have to have any scanners; these protect you only from yourself. Linux has the additional advantage of not being able to run the aforementioned 'ABCDdownloadAcceleratorHelper.exe' at all, unless you have wine installed (don't quote me on this, i'm not versed in using wine so i don't know if it runs or if you have to configure it somehow to run). Then there are specific program vulnerabilities, like the flash ones. If you have flash installed, you can be infected. Then it matters how the infliction proceeds: if the exploit is Windows-specific, you're safe on Linux. If it's not, you're not. But don't ask me about the details, i'm no security expert. I just gathered some knowledge in time. tl;dr Yes, you're much safer on Linux, but not because "Linux/Unix is inherently safer" (every time i hear this i have to laugh), but because nothing targets Linux. Observing the recent Mint security breach, things might have been changing. Windows NT security model is many times better than the Linux/Unix one, sadly no one really cares to use it. Probably everyone will tell you that "VMS was built like a tank", but reading about the most famous hacks, nost of these were actually done on VMS: because nobody cared to change the default passwords, account and such (guess which kernel has strong VMS roots :^) ). You can never say "i'm secure"; security is a everyday process: of you abiding by the security principles. The OS can help you, but the security really is just about you behaving. |
Code can be executed from a web page as in one example not too long ago. An advertiser on Popular Science was hacked. Their ad simply by being on the page would trigger a browser flaw and allow access.
If you do things in linux that are against best practices then you can expect that your data will not be secure. I like linux but am not sold on the fact it is more secure by default. There are way more crooks out there able to build towards windows I'd think. The question is more about what you want to secure? Do you want passwords to email safe? Do you want to do banking? Do you simply want to surf the web? In any and all answers, the more best practices you learn and use the more secure your data will be. There is no security on the web. |
Don't surf the web as the root user! If you do. STOP!
Use google chrome browser for flash based websites. It's version of flash is compatible with adobe flash and it's updated frequently. |
Judging by your concerns, entertain installing TOR Browser and using it when necissary. It is free, a bit slow but it works. It wont block all bad stuff but it will keep the goonies from knowing who you are.
|
Quote:
Well, for that to happen, the "bad website" would have to use a security exploit in either your browser or a browser plugin. You protect yourself by being diligent about downloading the security updates (for your browser and browser plugins, in particular) that every distribution provides. That, and not running anti-virus, is also the most important thing on Windows. If you're running web browser as a regular user (as you should be), then the worst case scenario is that you lose everything that that user account has write access to. Anything that your user account does not have write access to is safe. |
Quote:
"Most nasty website thingees expect users to be running Windows. Consequently, most of the things they want you to download are executable under Windows, which means they will not run on Linux. So, yeah, you are much safer on Linux." --frankbell "Professional hackers and ones that want to gain access may not care what OS you run." "Best practices are a number of steps that reduce one's exposure. The more you do and the better you do those steps the less likely your data will be affected." --jefro "Nonetheless, doing the usual like avoiding dodgy sites, not opening dodgy emails etc also go a long way to being safe." --chrism01 "If you do things in linux that are against best practices then you can expect that your data will not be secure. I like linux but am not sold on the fact it is more secure by default. There are way more crooks out there able to build towards windows I'd think. || The question is more about what you want to secure? Do you want passwords to email safe? Do you want to do banking? Do you simply want to surf the web? || In any and all answers, the more best practices you learn and use the more secure your data will be.|| There is no security on the web." --jefro "You're talking about malware delivered via infected ads and launched via remote code execution exploits in things like Flash and Java, right?" "Well, for that to happen, the "bad website" would have to use a security exploit in either your browser or a browser plugin. You protect yourself by being diligent about downloading the security updates (for your browser and browser plugins, in particular) that every distribution provides." --dugan Those are the answers I wanted to see to get posted for the benefit of the OP, for everyone, and me. Thank you. |
| All times are GMT -5. The time now is 10:47 PM. |