[kwlug-disc] Linus viruses
rashkae at tigershaunt.com
Wed Jul 28 10:57:34 EDT 2010
Insurance Squared Inc. wrote:
> I don't think there's a need to get that specific.
> I have a linux desktop, had one for something like 5-10 years. I take
> no specific security precautions, run no virus scanner, and have never
> had an issue with external intrusions or compromises.
> Try the same thing with a windows desktop. My mother's computer was
> filthy with viruses and hacks until I got her on to linux. All I did
> was do a default install, give her the machine, and no further issues.
> My point was, linux desktops don't get compromised ever. Not rarely -
> ever. I've never had it happen, and nobody on this list even knows
> anybody that it's ever happened to. that's the point I was curious about
> - could it happen in some remote possibility? Apparently not.
I'm sorry, this is simply false. Very false. I've once been pwned by a
worm. I'll freely admit, it was entirely my fault for not locking down
a default Slackware install and not taking action to fix a well
publicized vulnerability. It was fascinating to see the hackers work,
using the compiler toolchain on my system to build the rootkit on the
fly and access the machine via an irc bot.... fun times. And more
recently, we have the example of themes being downloaded with malware
from gnome-look.org; a perfect example of Windows style malware when you
have users downloading and installing whatever they want with admin
privilages from untrusted sources.
I believe Linux security to be far and away better than the traditional
Windows model, but a direct comparison is unlikely to be useful. Linux
security is greatly improved by two important factors that are,
combined, probably better than any software design of modern OS's.
1. Relative obscurity: If Linux requires more work to compromise and
represents only 5% of of your potential target base, it makes little
sense to invest in malware for Linux desktops, currently.
2. Linux users are likely to be more tech savvy. So if Linux is on 1 -
5% of desktops, how many of those are likely to be a potential victim?
half? less than a quarter?
More information about the kwlug-disc