With tools and things readily available with most Linux distros. C Compilers, Libraries, and such.

If it became a more mainstream Operating System, do you think we'd see a rise in Trojans, Viruses, Worms and Malware?

Rise in viruses, no.

Rise in trojans, of course. Trojans rely on social engineering (tricking the user) and not OS flaws.

I don't see what the "tools and things readily available" have to do with it.

I don't see what the "tools and things readily available" have to do with it.

i think that had more to do with how linux would become more mainstream.

I don't see what the "tools and things readily available" have to do with it.

I had a person tell me that Linux is a breeding ground for hackers. And, in truth, it might be a "hackers" OS of choice.

But the point he was making is that it's easier for people to cause damage based on the access you can get within the system.

Actually, I should qualify my last post by saying it depends on which Linux distro becomes most popular. If it's a distro that has security essentially disabled (no password for sudo or su, for example), then there's absolutely no reason why viruses and other malware could not thrive as much as they do in Windows.

I still think the most popular malware is based on social engineering.

Also, don't forget that a lot of non-power users do not install system updates regularly. Conficker could have infected no computers (instead of 10 million) if Windows users had installed all their Windows updates.

But the point he was making is that it's easier for people to cause damage based on the access you can get within the system. If someone is able to gain root access, then tools being available means nothing. If you have root access, you can always install your own tools.

If someone is able to gain root access, then tools being available means nothing. If you have root access, you can always install your own tools.

So are you saying without root access, you can't change anything in the system?

So are you saying without root access, you can't change anything in the system?
Without root access, you can't change any system files, yes.

But...

1. There exist some distros (Eee Xandros, HP Mobile Internet Experience) that have essentially no separation between user and root. If one of these distros were to gain serious popularity, then security wouldn't really be that much better than Windows'.

2. If people just migrate to Linux without educating themselves about social engineering and how to avoid it, then they will download and double-click (and password-authenticate for) any random .deb file, which will allow that .deb root access.

So are you saying without root access, you can't change anything in the system?

Of course you can change something. For example, Gedit doesn't require root, but it can save text files. You can delete files in your home folder. But nothing that kills the system.

With tools and things readily available with most Linux distros. C Compilers, Libraries, and such.

If it became a more mainstream Operating System, do you think we'd see a rise in Trojans, Viruses, Worms and Malware?

There is no such thing as absolute security; to quote Batman, "The Pentagon is just another building with more locks." :D

The scourge of the internet (trojans/malware/ etc...) will come to Linux if the OS proves worthwhile to creators of malicious code. Until then, it's a waste of time for them to target an operating system that features fewer potential victims than, say, Microsoft users.

There is no such thing as absolute security; to quote Batman, "The Pentagon is just another building with more locks." :D

The scourge of the internet (trojans/malware/ etc...) will come to Linux if the OS proves worthwhile to creators of malicious code. Until then, it's a waste of time for them to target an operating system that features fewer potential victims than, say, Microsoft users.

No. No, no, no.

Yes, more trojans will come if linux gains more market share. That's an inevitable fact.

But not more viruses. If your argument is that we don't have enough market share yet, may I remind you of servers, in which linux has a large majority of market share?

No. No, no, no.

Yes, more trojans will come if linux gains more market share. That's an inevitable fact.

But not more viruses. If your argument is that we don't have enough market share yet, may I remind you of servers, in which linux has a large majority of market share?
Servers don't run the same kinds of applications that desktops and laptops do, and they also are more likely to be run by a qualified network administrator instead of your average Windows user.

Its a simple matter of numbers.
Windows is the most popular system and most widely used, so it has more vulnerabilities due to the sheer number of people using it.

If i had 1000 apples, and 10 oranges. Both are fruit so they are both equally as likely to get worms. But in which crate do you think youd find the most worms?

If Linux ever became more popular and widly used than Windows then Linux will be the most vulnerable to any type of attack. Its just a matter of numbers.

I had a person tell me that Linux is a breeding ground for hackers. And, in truth, it might be a "hackers" OS of choice.

But the point he was making is that it's easier for people to cause damage based on the access you can get within the system.
I think the person you refer to needs to have the difference between hackers and crackers explained to them.

Of course hackers like Linux - hacking code together is so much easier when the code is available!

Its a simple matter of numbers.
Windows is the most popular system and most widely used, so it has more vulnerabilities due to the sheer number of people using it.

If i had 1000 apples, and 10 oranges. Both are fruit so they are both equally as likely to get worms. But in which crate do you think youd find the most worms?

If Linux ever became more popular and widly used than Windows then Linux will be the most vulnerable to any type of attack. Its just a matter of numbers.
I've heard this said before and I don't agree with it, certainly not as simplistically.

Sure, if the whole world ran Ubuntu then it would be more of a target but the reason Windows is so often compromised is due to some unfortunate design decisions.

To further your analogy - no matter how many oranges there are, worms don't like them.

Its a simple matter of numbers.
Windows is the most popular system and most widely used, so it has more vulnerabilities due to the sheer number of people using it.

If i had 1000 apples, and 10 oranges. Both are fruit so they are both equally as likely to get worms. But in which crate do you think youd find the most worms?

If Linux ever became more popular and widly used than Windows then Linux will be the most vulnerable to any type of attack. Its just a matter of numbers.
You've already presupposed that Windows and Linux are the same type of fruit. So, of course, if you make that misplaced assumption, then they would have the same number of vulnerabilities exploited with the same marketshare.

But you really have shown in any way that they are the same type of fruit.

With tools and things readily available with most Linux distros. C Compilers, Libraries, and such.

If it became a more mainstream Operating System, do you think we'd see a rise in Trojans, Viruses, Worms and Malware?

No. But I do think users of GNU/Linux will be targeted more often by social engineering attacks. No OS can protect the user from handing over root access to some silly "screen saver" or other such garbage. And considering how easy it is to install .debs from outside the repos, I think this will be a future attack vector. Some scammers will invariably put up fake websites with all sorts of little toys for download and, sadly, new users will fall for it because they just aren't used to the notion of a package manager.

But if you're asking if being open-source makes Linux more susceptible to attack, then the answer is a resounding no. On the contrary, being open-source makes it less susceptible to attack. You know, "many eyes" and all of that.

With tools and things readily available with most Linux distros. C Compilers, Libraries, and such.

If it became a more mainstream Operating System, do you think we'd see a rise in Trojans, Viruses, Worms and Malware?

There may be a rise in attempts at these sorts of things, but the more the waves crashed against the kernel, the stronger it would become. I think that when people would be infected it would be by and large socially engineered viruses, not so much the exploitation of security holes in the OS itself (while readily admitting there is not such thing as a perfectly secure OS). In all probability, this is what plagues Windows more than anything else. People visiting dark corners of the interwebs, downloading software from these dark corners, people installing software without knowing anything about it. Sure people get nailed with the holes in the OS, but most people get nailed with a lazy attitude about security. Indeed, its one of the things that amazes me; most people lock their cars, homes, avoid "bad areas of town", etc.; then, they hop on the internet, throw all caution to the wind, and hand their computers off to every shady character they come across; insane no?

Indeed, its one of the things that amazes me; most people lock their cars, homes, avoid "bad areas of town", etc.; then, they hop on the internet, throw all caution to the wind, and hand their computers off to every shady character they come across; insane no?
Its not that surprising really - why do people avoid the bad areas? They heard it was somewhere they could be robbed. How do they know that's a bad thing? They have experienced, at some point, intimidation, fear and loss. They use this experience to make judgements.

These same people often have no experience of any of these connections on a computer, moreover everyone they have met and everything they have so far used was easy to get along with and helpful.

Its like young children having no fear of cars - they associate them with warmth, comfort, going to sleep and waking up somewhere new.

There may be a rise in attempts at these sorts of things, but the more the waves crashed against the kernel, the stronger it would become. I think that when people would be infected it would be by and large socially engineered viruses, not so much the exploitation of security holes in the OS itself (while readily admitting there is not such thing as a perfectly secure OS). In all probability, this is what plagues Windows more than anything else. People visiting dark corners of the interwebs, downloading software from these dark corners, people installing software without knowing anything about it. Sure people get nailed with the holes in the OS, but most people get nailed with a lazy attitude about security. Indeed, its one of the things that amazes me; most people lock their cars, homes, avoid "bad areas of town", etc.; then, they hop on the internet, throw all caution to the wind, and hand their computers off to every shady character they come across; insane no?

I guess I don't quite understand the "kernel" the way you do. What I am thinking is that the source for any said "kernel" is available to anyone who want's to use it, recompile it, change it, etc.

Wouldn't someone be able to use the source code to find, exploit, or make security holes?

Wouldn't someone be able to use the source code to find, exploit, or make security holes?

Yes. And this is precisely what you want! The more security experts with their eyes on the code, the more exploits are found -- and fixed.

Yes. And this is precisely what you want! The more security experts with their eyes on the code, the more exploits are found -- and fixed.

Which leads me to my first statement, if Linux was more mainstream, do you think more people would be helpful or malicious?

Which leads me to my first statement, if Linux was more mainstream, do you think more people would be helpful or malicious?
Both.

The good folks would be more helpful to Linux.

And the bad folks would target their energies toward Linux.

And then the two would cancel each other out. So the availability of source code does not make Linux more vulnerable to attacks.

As others have stated numerous times in this thread, though, Linux probably would see just as much malware in the form of trojans, because social engineering takes advantage of flaws in the user, not flaws in the OS code.

I guess I don't quite understand the "kernel" the way you do. What I am thinking is that the source for any said "kernel" is available to anyone who want's to use it, recompile it, change it, etc.

Wouldn't someone be able to use the source code to find, exploit, or make security holes?
Yes a person can look at the source code to find, and possibly exploit existing security holes. As for creating new ones, I doubt seriously that the Kernel team would accept a Kernel with new security holes punched in it, so the probability of a custom brewed Kernel whose sole purpose is to create security problems is as close to "never gonna happen" as one can get, unless of course one were to install the kernel from some unknown, untrusted website, which again comes down to socially engineered problems.

Keep in mind, that there are a host of people looking at the Kernel source for security holes with the intention of making them known so they can be fixed; this, is the beauty of Open Source.

Which leads me to my first statement, if Linux was more mainstream, do you think more people would be helpful or malicious?


Helpful. Hackers, whether they be developers or malicious black-hats, have large egos. If you don't believe that, then read the kernel mailing list sometime. (Even worse are the security mailing lists and the fights over LSM, Selinux and the like). If some black-hat found some major kernel exploit, he would have a very hard time not making it known for recognition. And recognition helps a lot in that field -- it could mean a high paying job. Of course, it's possible some eastern European criminal enterprise would offer him 6 digits for the code before he made it public, but even if that happened on rare occasions the benefits of open-source outweigh rare instances like this.

Look at it this way, Windows is closed-source, yet that doesn't stop it from having an inordinate amount of major security flaws does it? Open-source code is not a security risk.

cinestar


Re: Does Linux have the potential to be worse than Windows?
Its a simple matter of numbers.
Windows is the most popular system and most widely used, so it has more vulnerabilities due to the sheer number of people using it.

If i had 1000 apples, and 10 oranges. Both are fruit so they are both equally as likely to get worms. But in which crate do you think youd find the most worms?

If Linux ever became more popular and widly used than Windows then Linux will be the most vulnerable to any type of attack. Its just a matter of numbers.


GNU/Linux has about 60% of the webserver market; Windows has about 20%. Guess which one has more malware built for it? (Right the latter.)

Both.

The good folks would be more helpful to Linux.

And the bad folks would target their energies toward Linux.

And then the two would cancel each other out. So the availability of source code does not make Linux more vulnerable to attacks.

As others have stated numerous times in this thread, though, Linux probably would see just as much malware in the form of trojans, because social engineering takes advantage of flaws in the user, not flaws in the OS code.

I gotcha, It just seemed that Microsoft and OSX's source code is locked up, and not readily available. So exploits in those OS's would take a lot more work to find.

MS and OSX's vaults are locked, and in a hidden location. Linux hands out the blueprints. It's a strange analogy, I know, but it seems plausible.

I gotcha, It just seemed that Microsoft and OSX's source code is locked up, and not readily available. So exploits in those OS's would take a lot more work to find. Well, as you can see from the malware scene in Windows, closing the source doesn't close up the vulnerabilities.

Well, as you can see from the malware scene in Windows, closing the source doesn't close up the vulnerabilities.

I see. But that's probably because Windows is in more machines.

I see. But that's probably because Windows is in more machines.
The issue is whether opening up the source makes it easy to find vulnerabilities. My point was simply that closing the source doesn't prevent people from finding vulnerabilities to exploit. If having a large marketshare adds an incentive to find vulnerabilities, that's fine.

The issue was about closed v. open, and the point is that closed does not protect you.

But as has already been established, Linux has plenty of marketshare on servers and is compromised still less than Windows.

If Linux is going to be compromised in the consumer space (laptop / desktop / netbook), it will most likely be through social engineering and not through trying to exploit vulnerabilities in the code. Why bother looking at source code if you can trick a gullible user into installing your .deb file?

The issue is whether opening up the source makes it easy to find vulnerabilities. My point was simply that closing the source doesn't prevent people from finding vulnerabilities to exploit. If having a large marketshare adds an incentive to find vulnerabilities, that's fine.

Yep, not having a car means you can't have it stolen.

The issue was about closed v. open, and the point is that closed does not protect you.

Sure doesn't. Windows has WAY more viruses, trojans, worms, etc. Than Mac OSX and Linux combined.

But as has already been established, Linux has plenty of marketshare on servers and is compromised still less than Windows.

Yeah, thanks for that. I didn't really think about how many servers out there run on Linux.

If Linux is going to be compromised in the consumer space (laptop / desktop / netbook), it will most likely be through social engineering and not through trying to exploit vulnerabilities in the code. Why bother looking at source code if you can trick a gullible user into installing your .deb file?

Back to the ol' back door. Seems to work the best for most hackers. Speaking of gullible... It's amazing to me how many people click on pop-up windows that say "Your system is at risk, click here to save it from certain doooooooooooom!"

Back to the ol' back door. Seems to work the best for most hackers. Speaking of gullible... It's amazing to me how many people click on pop-up windows that say "Your system is at risk, click here to save it from certain doooooooooooom!" Well, if Linux does become popular without computer users becoming more educated, then you'll see those same kinds of attacks on Linux, too.

And don't forget that Linux usually has sensible security defaults, but it's very possible to create insecure Linux distros, and if one of those gets popular, it could invite all sorts of malware that does not depend on social engineering.

Linux is just a kernel. At this point, most operating systems (what we know of as "distros) using the Linux kernel use sensible security defaults and tend to favor security over convenience when the two are at odds. But as more of the "How do I turn off UAC?" crowd migrates to Linux, you'll see more pressure to make distros that chip away at the separation between user and system.

I guess I don't quite understand the "kernel" the way you do. What I am thinking is that the source for any said "kernel" is available to anyone who want's to use it, recompile it, change it, etc.

Wouldn't someone be able to use the source code to find, exploit, or make security holes?
Yes just as (more commonly) people find holes and patch them. Closed source vulnerabilities are clearly still found despite the source not being available but cannot be seen and quickly patched by thousands of people around the world.

Back to the ol' back door. Seems to work the best for most hackers. Speaking of gullible... It's amazing to me how many people click on pop-up windows that say "Your system is at risk, click here to save it from certain doooooooooooom!"
Hacker != cracker && A back door != social engineering.

The pop up example is a drive by (http://en.wikipedia.org/wiki/Drive-by_download) this, although having an element of social engineering, needn't do and is often exploiting activex vulnerabilities.

Which leads me to my first statement, if Linux was more mainstream, do you think more people would be helpful or malicious?
Which assumes that an equal number of new users are capable of finding and exploiting or patching bugs.

Which leads me to my first statement, if Linux was more mainstream, do you think more people would be helpful or malicious?

Yes and yes. If more people used linux, more people would be helpful and malicious.
However, I bet the ratio would be more helpful and less malicious.

If a city has millions of people, they have more crime then a small town. However, the per capita maybe much lower.

As has been noted, server security isn't analogous to desktop security.

The single most important security element of any desktop system is the USER/ADMINISTRATOR

Enterprise systems tend to have professional administrators managing their desktop fleet.

However, in consumer units (home), an inept or uninterested user will find a way to compromise any system they run.

Therefore, as has been shown with Windows, these users make the cyber landscape dangerous for all of us.

Since we're NOT going to change the people, we can provide features that might help these users avoid attack.

I think linux's basic structure is an advantage, but it's not invulnerable.

this whould only happen if some of the main distros banded together but yes it is verry possable all that is needed is to have some errors in the code (large glitchy ones not small ones that linux alredy has) and a way to hack the sudo password with out being root (ubuntu point of view)

this whould only happen if some of the main distros banded together but yes it is verry possable all that is needed is to have some errors in the code (large glitchy ones not small ones that linux alredy has) and a way to hack the sudo password with out being root (ubuntu point of view)
Not everyone has commit access to any old branch and those of us that do don't just commit patches without checking.

With the exception of the ssh bug, which was a big bug and shouldn't have happened - even that didn't exactly see widespread compromises.

One of the reasons Linux users are safer from viruses and even trojans is because of the package managers. Most users do not need to find a random deb file some place on the internet. That's the Windows way of installing software, and it is horribly misused and abused. The stuff that isn't in the main repositories, usually if it's any good, will have a PPA somewhere (Gnote, for instance), and if not then, then it will have a big fancy website with a large community which suggests credibility (Songbird for instance). And if not then, then the app will be hosted on a place such as Sourceforge, where one imagines that if the software is indeed a virus, it will be discovered pretty quickly. I have never had to look beyond this point to get my software, and I consider myself a pretty knowledgeable power-user. The only people who will be logging on to some obscure server to grab the source or a deb of some package or other will have the smarts to know what they're doing. 99% of users, however, will never have to go beyond the repositories for their stuff.

That won't stop complete idiots from running a deb file spammed to them from an email, but it will stop a lot of people from doing that.