[kwlug-disc] Linus viruses

John Van Ostrand john at netdirect.ca
Tue Jul 27 19:50:02 EDT 2010 


----- Original Message -----
> I don't think there's a need to get that specific.
> 
> I have a linux desktop, had one for something like 5-10 years. I take
> no specific security precautions, run no virus scanner, and have never
> had an issue with external intrusions or compromises.
> 
> Try the same thing with a windows desktop. My mother's computer was
> filthy with viruses and hacks until I got her on to linux. All I did
> was do a default install, give her the machine, and no further issues.
> My point was, linux desktops don't get compromised ever. Not rarely -
> ever. I've never had it happen, and nobody on this list even knows
> anybody that it's ever happened to. that's the point I was curious
> about
> - could it happen in some remote possibility? Apparently not.
> 
> It's been argued back and forth 'why' many times. But the end result
> is, linux as a desktop has got to be the safest desktop available in
> terms of being compromised.
> 
> Webservers are an entirely different matter. Even still, almost all
> the
> hacks that happen on webservers that I've ever seen have nothing to do
> with linux and not even anything to do with the services - it's a
> problem with the web apps that allow hackers in. My webserver has been
> compromised a number of times. All times but one they were a mysql
> injection from poorly written code. The second time was an email form
> problem that allowed population of the 'to' field, again from a poorly
> written app.

>From a practical perspective you are correct. It would be fair to also include any non-Microsoft operating system in that including BSD, Unixes and Mac OS, etc.

I think the OS specific viruses are designed almost exclusively for the dominant desktop. If that were to change to Linux we would see a marked rise in problems. I would expect it would be less than for Windows though because of fewer design compromises.

The phishing tricks that I mentioned must just not be that common. The cross-site-scripting is one that needs to be solved on web servers so it should be more central and thus easier to eradicate.

-- 
John Van Ostrand 
CTO, co-CEO 
Net Direct Inc. 
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6 
Ph: 866-883-1172 x5102 
Fx: 519-883-8533 

Linux Solutions / IBM Hardware

More information about the kwlug-disc mailing list