Hello all,
I have been told that Linux PCs do not get viruses.
Is this true and why is it true in laymans terms?
I am glad because my old windows was always getting slowed down and needed anti virus software but why does Linux not get infected and should I install anti virus software just in case?
Thanks

No, this is not true -- a Linux system can be infected by viruses. See Linux Malware.

On the other hand, it would be true to say that the number of viruses that infect Windows computers is astronomically higher than the number of Linux viruses. And on top of that, the viruses that do manage to infect Linux will be much less widespread than Windows viruses -- there has never been a single instance of a widespread Linux virus akin to your bi-monthly Windows worm that infects a few hundred-thousand/million computers.

This is due to Linux's vastly superior security architecture, and to the fact that people can actually find and fix security vulnerabilities in Linux without having to reverse engineer binaries.

So, while it's not true to say that Linux cannot be infected with viruses, it is true to say that Linux is far less likely to be infected, and if it is, then the damage will be much less significant.

Linux CAN get a virus, but hackers spend their time exploiting Windows machines as that is the mainstream OS. Also linux users tend to be smarter about the security of their machines..

I've seen a number of posts indicating that people, newbies mostly, are wanting to run as root for their normal stuff, instead of having a regular/restricted user. Be aware that if you run as root, you will be among the first to be affected by any malware that comes along.

1 members found this post helpful.

That's the line that Microsoft and other proprietary software vendors like to take to resolve themselves of any responsibility for designing insecure/buggy software.

Of course the prevalence of Windows plays a role in why it is more commonly targeted.

But in reality, what is more significant is the fact that Microsoft designs their operating system poorly, writes buggy code in an attempt to implement their poor design, and then doesn't enable to anyone review the source code for vulnerabilities.

A nice recipe for disaster.

Ive actually never heard microsoft use that as an excuse for the predominance of malware in windows.

Rather, its just common sense that the operating system running 99% of the worlds computers is going to be a more enticing target. Its deceitful in most cases for other operating systems to claim better malware protection when people are simply not writing malware to bother a few hundred/thousand people when they could be targeting tens of millions...

... duh.

It should also be noted that MS Windows was originally designed with NO intention of being connected to the internet, thus internet security was never a thought until far into Win development.. Win was thought up with the idea that it would be a DESKTOP system, period.

Whereas *nix was created/designed specifically in networking environments, and with a mind towards keeping things secure in those networked environments.

The Win-OS is inherently flawed in this area, and since every subsequent release of Win is just a whack of modifications (for better or worse) on the previous release, I can't see how this scenario is going to change..


Sasha

Firstly it is better you not to be overconfident. Although Linux is by far less succeptible to cyber attacks, it is not totally imune. A good firewall setting using iptables is generally enough to navegate safely.
Windows is so inseccure because:
1. With default settings it Windows "automatically" executes any crap ending with .exe or .pif and even hides the termination for the user. Apparently Microsoft made it deliberately easy for trojans to be accidentaly executed. On the other hand, if you use Linux to download a Linux executable from the Internet, it comes with execution permission off. You have to explicitly chmod it in order to make it really executable.
2. To preserve some compatibility with legacy Win16 and DOS applications, Windows security policies are very slack, being easily overcome by malware. This evolution from MSDOS, a very limited 8/16bit sigle tasking small memory system to a heavy windowing environment that tries to hide its shortcommings from the end user that has made Windows so fragile and unreliable.
Linux is based on a unix/posix model which was designed from the begining to be a multiuser multitasking environment.
3. Most (almost all) viruses are made for Windows.
4. Almost all Windows applications are distributed without source code. Quite a few have undocumented features that spy on your data, make unsolicited internet connections and mess your settings. Even (or especially) the ativiruses are not to be trusted. On Linux (almost) all the software is distributed with open source code, so that generally there are no hidden features.

Don't forget the register in windows.. the central database!
It's a big security issue, and malware/virus devs LOVE it.

Besides, for windows home use, the first account that is being created (and thus used for daily operations) is an adminstrator account, with a different username. So everything you execute as that user, is has total access to the system.
And can on itself destruct the whole OS if it's made to do so. In Linux, this ain't the case. Since each user is quarantined environment. Only ROOT has complete system access.

Another factor why Linux.. is not so much vunerable to malware/viruses, is because there are so many different versions of it. (read: distro's) Each with it's own selection of apps, and setups. (incl. different version numbers of apps, and patches (custom or not).) It's barely impossible to write a virus for Linux that works for ALL distro's (and release versions incl.).

You could say, Linux has no real viruses/malware. In the sence as described above.
There are some proof of concept viruses written, but they where only successfull on a certain version of a certain distro, under certain conditions.


As with every OS (and version therof), exploits/bugs do exist (and will eventually be abused, if not patched). Also misconfigurations can be exploited/abused. E.g. wrong service configuration for e.g. SSH or PHP etc.. But that is not the same as a virus or malware app.

Grapefruitgirl hit the nail on the head. windows isn't made for networking and linux is. Theres no DLL's linux either, which stops viruses and BSOD a whole lot. As said already you could conceiveably get a virus or malware in *nix but it is highly unlikely.

Security needs to be run a bit tighter, there was a time red hat was so exploitable its nickname was "root hat" in reference to the ease of gaining root access.

These are all great points and absolutely correct.

However, you should still have anti-virus on your linux system.

Especially if you do networking and share files with Windoze boxes. Just because a virus will not affect your system doesn't mean you can't pass a virus along to another user. Protect yourself and others.

There are a lot of good posts, above, but the key one that separates Windows vulnerability from Linux was stated by teebones:

If Microsoft had changed just this one thing they would have put quite a dent in the malware universe. I wonder why they don't? Or have they fiinally caught on to this in their latest release?

thanks for all the answers.
I am most concerned with spyware because of my bank account paypal and stuff I use. I am concerned that perhaps linux pcs get spyware and I just wouldn't know about it. With windows you know because there is so much free spyware and anti virus software installed but how would I know if someone is tracking all my files on linux?
I am with aol and my old windows pc came with aol anti spyware and norton anti virus but now I have none of that on my pc.
I am just concerned about people been able to see my files etc on linux.
No built in anti virus or spyware like windows.

First the disclaimer: I am not a security expert. For one of those, you need to go to the Linux Security forum. Really smart guys there.

From my point of view, if your machine doesn't have a net "presence", IOW if it's behind a firewall and you're not running a webserver, then the chances of getting malware are really reduced in Linux. If you are running a webserver or have any ports open to the internet, then you are certainly in the high risk group. If you routinely login as the "root" user, then you are really in the high risk group. If you are using wireless, then at the very least you are more vulnerable than someone who is not; especially if you aren't running WPA.

The two "standard" malware hunters on Linux are "rkhunter" and "chkrootkit". I run both of them about once a month on my machine. I've never found anything, but there could always be a first time - for instance if my provider's firewall were to be compromised.

[added]
You should be able to install rkhunter and chkrootkit from your repository, depending on which repo you are using. If you are really paranoid, get a known good liveCD that has them already installed, and boot from that to check your system. It's up to you to know how vulnerable your installation is to malware.
[/added]

But, seriously, go over to the Security forum and look around at the stickys etc.

Re WPA; make sure its v2, security researchers in Japan prove a crack in about a minute for v1
http://tech.yahoo.com/news/pcworld/2...ptioninaminute