Yellow Fang
Legendary Member
- Location
- Reading
Why is Linux less vulnerable to virus attack? Is it more than it not being the dominant operating system?
Linux and viruses
- Thread starter Yellow Fang
- Start date
Page may contain affiliate links. Please see terms for details.
OP
OP
Yellow Fang
Legendary Member
- Location
- Reading
Why is Linux less vulnerable to virus attack? Is it more than it not being the dominant operating system?
2Loose
Guru
- Location
- Loughborough, Leicestershire.
I'll have a pop at this one...and I am sure it won't be the full story but here goes.
Linux follows a security model that means people or programs have to be specifically allowed to do things, rather than the model used by windows which allows (almost) everyone all of the rights and privileges by default.
Linux is very popular for web servers and so on, hopefully(?) configured and looked after by experts, making them generally harder to infect.
Linux on the desktop is far less popular than windows, but the majority of its users are also fairly tech savvy, meaning their systems are generally more secure.
These reasons in particular make the virus writers choose between 1)a large number of generally clueless set of targets (Windows) or 2)a small number and likely to be well protected (Linux) set of targets.
There are virii that infect Linux where the machines have not been updated or configure properly, but faced with the above choices, and assuming you were a bad man trying to make cash out of dodgy things, which targets would you pick to try and exploit?
Linux follows a security model that means people or programs have to be specifically allowed to do things, rather than the model used by windows which allows (almost) everyone all of the rights and privileges by default.
Linux is very popular for web servers and so on, hopefully(?) configured and looked after by experts, making them generally harder to infect.
Linux on the desktop is far less popular than windows, but the majority of its users are also fairly tech savvy, meaning their systems are generally more secure.
These reasons in particular make the virus writers choose between 1)a large number of generally clueless set of targets (Windows) or 2)a small number and likely to be well protected (Linux) set of targets.
There are virii that infect Linux where the machines have not been updated or configure properly, but faced with the above choices, and assuming you were a bad man trying to make cash out of dodgy things, which targets would you pick to try and exploit?
2Loose
Guru
- Location
- Loughborough, Leicestershire.
I'll have a pop at this one...and I am sure it won't be the full story but here goes.
Linux follows a security model that means people or programs have to be specifically allowed to do things, rather than the model used by windows which allows (almost) everyone all of the rights and privileges by default.
Linux is very popular for web servers and so on, hopefully(?) configured and looked after by experts, making them generally harder to infect.
Linux on the desktop is far less popular than windows, but the majority of its users are also fairly tech savvy, meaning their systems are generally more secure.
These reasons in particular make the virus writers choose between 1)a large number of generally clueless set of targets (Windows) or 2)a small number and likely to be well protected (Linux) set of targets.
There are virii that infect Linux where the machines have not been updated or configure properly, but faced with the above choices, and assuming you were a bad man trying to make cash out of dodgy things, which targets would you pick to try and exploit?
Linux follows a security model that means people or programs have to be specifically allowed to do things, rather than the model used by windows which allows (almost) everyone all of the rights and privileges by default.
Linux is very popular for web servers and so on, hopefully(?) configured and looked after by experts, making them generally harder to infect.
Linux on the desktop is far less popular than windows, but the majority of its users are also fairly tech savvy, meaning their systems are generally more secure.
These reasons in particular make the virus writers choose between 1)a large number of generally clueless set of targets (Windows) or 2)a small number and likely to be well protected (Linux) set of targets.
There are virii that infect Linux where the machines have not been updated or configure properly, but faced with the above choices, and assuming you were a bad man trying to make cash out of dodgy things, which targets would you pick to try and exploit?
amnesia
Free-wheeling into oblivion...
- Location
- Bournemouth, Dorset
+1
Windoze is such an easy target, why bother making life difficult for yourself ?
That said, a true hacker would prefer the challenge of LINUX.
Windoze is such an easy target, why bother making life difficult for yourself ?
That said, a true hacker would prefer the challenge of LINUX.
amnesia
Free-wheeling into oblivion...
- Location
- Bournemouth, Dorset
+1
Windoze is such an easy target, why bother making life difficult for yourself ?
That said, a true hacker would prefer the challenge of LINUX.
Windoze is such an easy target, why bother making life difficult for yourself ?
That said, a true hacker would prefer the challenge of LINUX.
There's a couple of other, important points.
The big advantage Linux has over windows is its repositories which are monitored, along with the use of md5 checksums to make sure software isn't modified by external sources. And, of course, you can look at the source code of anything written under the GPL, so you can see exactly what it does.
Still, it's not fair to say Linux is more secure than Windows. There is a lot of malicious code written to exploit Linux, and both systems have strengths and weaknesses.
The big advantage Linux has over windows is its repositories which are monitored, along with the use of md5 checksums to make sure software isn't modified by external sources. And, of course, you can look at the source code of anything written under the GPL, so you can see exactly what it does.
Still, it's not fair to say Linux is more secure than Windows. There is a lot of malicious code written to exploit Linux, and both systems have strengths and weaknesses.
There's a couple of other, important points.
The big advantage Linux has over windows is its repositories which are monitored, along with the use of md5 checksums to make sure software isn't modified by external sources. And, of course, you can look at the source code of anything written under the GPL, so you can see exactly what it does.
Still, it's not fair to say Linux is more secure than Windows. There is a lot of malicious code written to exploit Linux, and both systems have strengths and weaknesses.
The big advantage Linux has over windows is its repositories which are monitored, along with the use of md5 checksums to make sure software isn't modified by external sources. And, of course, you can look at the source code of anything written under the GPL, so you can see exactly what it does.
Still, it's not fair to say Linux is more secure than Windows. There is a lot of malicious code written to exploit Linux, and both systems have strengths and weaknesses.
OP
OP
Yellow Fang
Legendary Member
- Location
- Reading
I'm sure I read something about the fact Linux being open source meant that any code that you downloaded came as source code which you could inspect before compiling and installing. That does not really seem to be the case any more. Every now and then with Ubuntu, I get a message recommending I install the latest update, which I do on trust. I don't seem to have to build and install any source code first. OTOH, Linux doesn't seem to just download and install any other unsolicited software.
OP
OP
Yellow Fang
Legendary Member
- Location
- Reading
I'm sure I read something about the fact Linux being open source meant that any code that you downloaded came as source code which you could inspect before compiling and installing. That does not really seem to be the case any more. Every now and then with Ubuntu, I get a message recommending I install the latest update, which I do on trust. I don't seem to have to build and install any source code first. OTOH, Linux doesn't seem to just download and install any other unsolicited software.
2Loose
Guru
- Location
- Loughborough, Leicestershire.
chris667 said:
You don't have to use the default repositories, but the ones you know, you can trust. Rather like only getting your downloads from downloads.com. Maybe. Even so, as you point out, you could take a look at the code to check if you wanted...people really do that you know.
I don't think one OS is more secure than the other, unless you throw the user element into the mix.
Non-Windows OS's (inc Mac's) are far better at teaching the user what is going on, without them getting into the habit of just clicking the OK prompt to make it go away without reading the message as *many* Windows users do out of habitignorance...my parents anyone?
CopperBrompton
Bicycle: a means of transport between cake-stops
- Location
- London
Here's a Linux virus:
evilmalware 0.6 (beta)
Copyright 2000, 2001, 2003, 2005 E/17 |-|4><0|2z Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of Viagra spams to people accross the world).
Basic Installation
Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to ‘allow everything’.
evilmalware 0.6 (beta)
Copyright 2000, 2001, 2003, 2005 E/17 |-|4><0|2z Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of Viagra spams to people accross the world).
Basic Installation
Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to ‘allow everything’.
- Put the attachment into the appropriate directory eg. /usr/src.
- Type ‘tar xvzf evilmalware.tar.gz’ to extract the source files for this virus.
- ‘cd’ to the directory containing the virus' source code and type ‘./configure’ to configure the virus for your system. If you're using ‘csh’ on an old version of System V, you might need to type ‘sh ./configure’ instead to prevent ‘csh’ from trying to execute ‘configure’ itself.
- Type ‘make’ to compile the package. You may need to be logged in as root to do this.
- Optionally, type ‘make check_payable’ to run any self-tests that come with the virus, and send a large donation to an unnumbered Swiss bank account.
- Type ‘make install’ to install the virus and any spyware, trojans pornography, penis enlargement adverts and DDoS attacks that come with it.
- You may now configure your preferred malware behaviour in /etc/evilmalware.conf.
Ben Lovejoy said:Here's a Linux virus:
evilmalware 0.6 (beta)
Copyright 2000, 2001, 2003, 2005 E/17 |-|4><0|2z Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of Viagra spams to people accross the world).
Basic Installation
Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to ‘allow everything’.
- Put the attachment into the appropriate directory eg. /usr/src.
- Type ‘tar xvzf evilmalware.tar.gz’ to extract the source files for this virus.
- ‘cd’ to the directory containing the virus' source code and type ‘./configure’ to configure the virus for your system. If you're using ‘csh’ on an old version of System V, you might need to type ‘sh ./configure’ instead to prevent ‘csh’ from trying to execute ‘configure’ itself.
- Type ‘make’ to compile the package. You may need to be logged in as root to do this.
- Optionally, type ‘make check_payable’ to run any self-tests that come with the virus, and send a large donation to an unnumbered Swiss bank account.
- Type ‘make install’ to install the virus and any spyware, trojans pornography, penis enlargement adverts and DDoS attacks that come with it.
- You may now configure your preferred malware behaviour in /etc/evilmalware.conf.
What?2Loose said:
Software people should stand well back from real languages. Only Latin words ending in -ius had a plural -ii. So even if this was a second declension masculine noun (which it isn't), the plural would be 'viri'.
In fact:-
- it's a neuter noun, so the theoretical plural would have been 'vira' or possibly 'virora'.
- it never had a plural in Latin. They used 'infection' as a collective word and would say 'different infection' just as we would say 'different weather' rather than 'different weathers'.
Dropping 'arboreta' or 'hippopotami' into the conversation is one thing: pedantic, but correct. 'Virii', however, tries to show erudition but actually demonstrates ignorance. It's a nasty Californian pretension, 2Loose, don't do it.
The English plural of virus is viruses.
2Loose
Guru
- Location
- Loughborough, Leicestershire.
Cor blimey guv'nor, bang to rights.
I learn something every day, but did you have to put int he Californian pretension bit
I learn something every day, but did you have to put int he Californian pretension bit
