LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-13-2009, 12:00 PM   #1
reavean
LQ Newbie
 
Registered: Feb 2009
Posts: 4

Rep: Reputation: 0
Smile Why linux is more secure?


Hello friends,

I am a newbie here and I have interests in operatin systems and its concepts.I jus want to know why linux is more secure and why people say virus cannot make damages linux. Thank you in advance.
 
Old 03-13-2009, 12:36 PM   #2
johnsfine
LQ Guru
 
Registered: Dec 2007
Distribution: Centos
Posts: 5,286

Rep: Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190
Quote:
Originally Posted by reavean View Post
I jus want to know why linux is more secure
The true real world reason is primarily the same effect as biodiversity for disease resistance in biology:

There are a lot more Windows systems than Linux systems and the security holes tend to be more similar between two Windows systems than between two Linux systems.

So creating a virus for Linux is more effort for less impact than creating one for Windows, so more virus writers focus on Windows.

For the few Linux viruses that are written, there is a lower population of susceptible hosts, so they spread slower.

Multiply fewer original viruses by slower spread and you get far fewer infections.

Quote:
why people say virus cannot make damages linux.
That isn't really true.

A Linux system or a Windows system can be set up to be much more secure than the typical install by a home user. Linux has some fundamental (as opposed to biodiversity) reasons it may be more secure, so it may be easier for a non expert to make a Linux system relatively secure and easier for an expert to make a Linux system absolutely secure than would be possible in Windows. I don't have the expertise to say much more about that.

But the typical home user doesn't do any of that. So a virus targeting exactly the security mistakes you make on your Linux system could easily trash your Linux system. You are protected by the fact that it isn't worth someone's effort to write that virus. (And if someone did, it still would have very little chance of finding your computer).

Also, the many Linux systems operated by people who are expert and careful about security provide even further protection for those of us who aren't as careful, because they make it even harder for Linux viruses to spread.

Last edited by johnsfine; 03-13-2009 at 12:39 PM.
 
Old 03-13-2009, 12:55 PM   #3
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,227

Rep: Reputation: 402Reputation: 402Reputation: 402Reputation: 402Reputation: 402
2 other things, first of all, any program run by a user is granted the same priveleges as the user running it, in windows, the user is all but encouraged to run everyday tasks such as web browsing/im chatting using an account with an account that has admin priveleges, therefore even a small bug in the routine that draws the mouse cursor in windows can potentially be exploited to gain full access to your machine, whereas in linux it is designed from the ground up to have one and ONLY one user with full admin priveleges, thus unless a user has 'sudo' priveleges all their processes run with limited permissions and even then they have to explicitly tell linux to run something as root using sudo
therefore in windows a virus gets in, it can infect the whole OS, whereas in linux, unless you run as root on a regular basis, if a virus gets in it only has priveleges to infect that user's files but can't touch the core OS

second, windows makes things easier by 'dummying them down' by allowing executables to be downloaded and run without asking your permission, thus making it possible for virus/spyware writers to attack your system and install their malware without you even knowing it because of all the flashy 'user friendliness' of windows making for an attack vector

Last edited by frieza; 03-13-2009 at 12:57 PM.
 
Old 03-13-2009, 01:02 PM   #4
malekmustaq
Senior Member
 
Registered: Dec 2008
Location: root
Distribution: Slackware & BSD
Posts: 1,665

Rep: Reputation: 487Reputation: 487Reputation: 487Reputation: 487Reputation: 487
reavean:

Any system that can be hacked can be infiltrated with virus. Linux is not an exception. "If it bleeds, we can kill it." says Schwarzeneger in Predator. That's a good lesson that humbles us.

Only that, because of sound engineering and implementation Linux has developed a very strong immune system to resist common viruses that plagued other operating systems.

Granted that virus has entered a GNU/Linux file system, what would it do there? It has no right to execute whatever demonic or malicious intention it has: its like a robber with a dagger but lost his both arms, or a sniper without an ammo?

Another reason is that, in GNU/Linux community nothing can much entice "commercialists and profit hungry people" as to encourage them write viruses or hire clever heads for that in order to earn money, if they sell antivirus software after creating one their competitors (this community) will give you "free!" so they don't invest that naughty craft in this side of the world. As you know viruses are not wrought from dullards, they are created by real heads and to hire one for that is expensive.

The technical side has more explanations to your question. Just wait for the senior members, when they're awake they tell you more.

Goodluck. I hope this answers.
 
Old 03-13-2009, 01:46 PM   #5
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,074

Rep: Reputation: 387Reputation: 387Reputation: 387Reputation: 387
Quote:
and why people say virus cannot make damages linux. Thank you in advance.
It's false. They would have a harder time though.

Quote:
Originally Posted by reavean View Post
Hello friends,

I am a newbie here and I have interests in operatin systems and its concepts.I jus want to know why linux is more secure
There are thousands of reasons, I'd highlight these:
  • obscurity, there are lots of linux distros that works differently, different architectures, different kernel versions that will render any rootkit for another version useless.
  • separation of privileges out of the box, in windows you are always root, so any buggy activex script in a harmful website has FULL ACCESS to every single byte on your system, this can be alleviated if the user has the knowledge to do that, which is not the case 99.99999% of the times. In linux, at most, any malicious code that runs under your user account can only damage those files that are writable by you.
  • the windows firewall can't compare in flexibility and power to iptables, not at all
  • vulnerabilities are reviewed by thousands, instead of a couple of ms technicians, and they are fixed quick, you can even fix them yourself, which is impossible in a closed source system
  • linux is much more strict in what a program can and can't do than windows, a buggy program should never be able to crash your whole system unless the problem resides in the kernel or a driver module

At the end of the day, a system is as secure as knowledgeable its administrator is. So, while linux becomes more famous and more non-techie users come to linux more linux based malware will eventually arise.
 
Old 03-13-2009, 01:57 PM   #6
johnsfine
LQ Guru
 
Registered: Dec 2007
Distribution: Centos
Posts: 5,286

Rep: Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190Reputation: 1190
I want to expand on one detail of something others have said.

Quote:
Originally Posted by frieza View Post
in windows, the user is all but encouraged to run everyday tasks such as web browsing/im chatting using an account with an account that has admin priveleges,
Quote:
Originally Posted by i92guboj View Post
in windows you are always root
In Linux, if an ordinary application only works for root, that application is considered broken. Distributions won't include it and most people won't figure out how to use it. People understand the need for sudo for operations that have an obvious need for it, but won't accept the need for sudo when it is there just because the programmer was sloppy.

In Windows, if an ordinary application only works for members of the "administrators" group (equivalent to Linux root), that is pretty common and anyone who wants to use that application will make their primary login a member of the computer's administrators group.

Last edited by johnsfine; 03-13-2009 at 02:00 PM.
 
Old 03-13-2009, 08:18 PM   #7
rysiekmus2
Member
 
Registered: Mar 2007
Location: Manchester UK
Distribution: Sabayon
Posts: 30

Rep: Reputation: 17
Hi,

I will try not to repeat what others already said. I would say:
Everything is in the concept.

Windows has been desinged to be easy, so that a person without any computer knowledge would be able to do everything. So if you receive an email from a friend and it has a progam attached and it's an .exe file, all you do is click and... the program runs.
That's because the Windows concept allows that kind of action. And now Microsoft is trying to fix this concept by asking the user "Are you really so stupid to run this program that can damage your computer?"
Look at what this has lead us to, Try and click on something in a mail client and run something? If you get 50 emails with pictures you have to click on a button with each email to allow the images to be displayed in order to read those 50 emails. Ridiculous!
If it wasn't for the Windows system, we wouldn't probably have this today.

On Linux the concept is different. When you install the system you then are asked to create user accounts. So only then you can login and work with the system. On Windows you also can work as a regular user, but no one bothers to play with creating user accounts after the installation. Remeber, things must be easy?
If you can browse the internet as the Admin, why not?

On Linux in order to execute/run that progam you got in the attachment you would have to save it on your hard drive. Then you would have to do certain manual actions to make the program run, when you save the file it does not automatically get the permissions to be executed.
When you save a file, it usually gets the permissions:
rw-r--r--.
So you need to change it to at least rwxr--r-- in order to be able to run it.

So for a simple person without any knowledge how a computer works it takes more than just a click to kill someones computer. And even if you get to the point when you can run the program, it can mainly damage what's in your personal folders, not the whole system! You may loose your documents, pictures, music, but your system will continue to do the job. THe program you will run may steal your personal information though, but still not damage the system. At least not so easily.

Of course if you have something like Java that allows you to run a progam in a browser, this only proves the concept is wrong again.
To me the whole concept of running progams in a web broswer is completely ridiculous, this is why we have web pages damaging computers. But what can we do now, probably nothing, the world moves on...

And think of protecting your c:\windows\system32 folder by setting the permissions as READ ONLY. You will not be able to update your system 3 times a day. As with Linuxes the concept is different, you can stay logged in as a regular use and run admin progams as root, but only when you allow them to and you know what you are doing.
On WIndows at work I am logged in as a domain user, which proves the UNIX concept. On Windows you can run admin progams and utilities with the "run as".
But I don't think people at home have Windows domains to control their computers.

Regards,
Richard

“Computers have enabled people to make more
mistakes faster than almost any invention in history,
with the possible exception of tequila and hand guns”
Mitch Ratcliffe

Last edited by rysiekmus2; 03-13-2009 at 08:19 PM.
 
Old 03-13-2009, 11:12 PM   #8
palisetty_suman
Member
 
Registered: Feb 2007
Location: TX, USA
Distribution: fedora
Posts: 191

Rep: Reputation: 33
Thumbs up hi

Hi always use this before you ask others

http://www.lmgtfy.com/?q=why+linux+is+more+secure

ALL THE BEST.


























Quote:
1% intelligence and 99% hard work makes you great person
 
Old 05-01-2009, 02:54 PM   #9
reavean
LQ Newbie
 
Registered: Feb 2009
Posts: 4

Original Poster
Rep: Reputation: 0
Hi,

hey thanks guys,thanks for your support.I got my doubt cleared,I need to work more I think.Thanx once again guys.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Why EnGarde Secure Linux is "Secure By Design" LXer Syndicated Linux News 0 10-10-2006 01:21 AM
how can I secure my nis server ?can I use openSSL to secure it form sniffing ? abhi_raj Linux - Networking 1 07-10-2006 07:19 AM
LXer: University of Michigan Selects SSH Tectia for Secure System Administration and Secure File Transfers LXer Syndicated Linux News 0 04-25-2006 01:54 AM
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 5 04-07-2005 05:12 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 02:39 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration