Antivirus - A need - Perhaps
sukhiaatma
June 26th, 2009, 04:43 PM
Hello there,
This is a rather intriguing question I must say. I have been a devout Windows Vista user until I made the switch to Linux. And it's been a long time since I logged back into the OS. And it seems like the way things are going... I'm not planning to either.
Anyway, coming back to the point.
As Windows users, people suffer from the usual hacks, scripts, viruses etc.
One of the major reasons for these attacks could be that Windows is one of the most widely used operating systems, thus making it more prone to attacks.
The other reason would be that Windows is easy to manipulate, always provides root access etc.
As I have seen and understood in the last few months as a Linux/Ubuntu user, Linux/Ubuntu has not been "until now" right up Windows' nose, but is now taking away market share little by little.
So at this point, outsiders could well say
"You guys are not the majority so you haven't had to suffer." or "Wait and watch when you come up to that level."
Considering this attitude, not currently being in the majority tells us that we have not been a target for that very reason. We could well end up with the same fate as Windows users but with slightly less suffering.
So the question I ask is
"Will Anti-virus be a need of the hour as we see Ubuntu/Linux grow?"
P.S.
* We already have ClamAV putting up a stronghold, but I have heard it is more effective in shutting down Windows viruses. (Sorry, can't confirm my source on that; I may be wrong in saying that.)
* Also we are looking at a different breed of virus scripts which could cause havoc.
robobart
June 26th, 2009, 04:48 PM
Perhaps - though it isn't a need yet for Mac OS.
On the other hand - what is starting to worry me is the following: what if someone hacked the repositories and a malicious update was sent to nearly all ubuntu machines - I think it could bring them all down.
It would be a disaster.
Thoughts? Are my worries silly?
rookcifer
June 26th, 2009, 04:52 PM
:rolleyes:
How many times will this be asked? And how many times will the "market share" argument have to be debunked before people get it? No, Linux does not need AV software and never will if people follow basic precautions such as never running as root and always using the software repositories.
AV software is not even that effective on Windows anyway. The reason so many people use it is because the AV companies tell them they need it.
John M2009
June 26th, 2009, 05:05 PM
:rolleyes:
AV software is not even that effective on Windows anyway. The reason so many people use it is because the AV companies tell them they need it.
And that's why I always used to use AVG Free and ZoneAlarm. If I can get a free version, I will. Why spend money on AV software when you can get it for free, if you know where to look?
sukhiaatma
June 26th, 2009, 05:08 PM
:rolleyes:
How many times will this be asked? And how many times will the "market share" argument have to be debunked before people get it? No, Linux does not need AV software and never will if people follow basic precautions such as never running as root and always using the software repositories.
AV software is not even that effective on Windows anyway. The reason so many people use it is because the AV companies tell them they need it.
I have been a Windows user and I have had an AV installed and trust me, it works. So many times my friend brought his USB stick loaded with a few of them.
The reason I say this is that I have already once suffered the trauma of losing data to a "virus".
I must say you have a point there though.
But what I really want to say is that for an average new user who does not know much, it could be a difficult task.
Per se, "My mom would have no clue how to give root access, and maybe she did manage somehow to give it. How in God's name is she going to know that the file she is about to run is a virus?"
Also about the popularity issue: "It's like saying we are perfect in everything we do, and we certainly know that's not the case, e.g. the Ubuntu Jaunty Xorg fiasco."
diegogto
June 26th, 2009, 05:28 PM
About repository infection, I like to think they have enough protection there...
I don't really know why Linux cannot be infected by viruses. Windows Vista tried to have similar protection to Linux, asking for permission to run almost every program, but it wasn't enough.
I trust Ubuntu, don't misunderstand me, it's just that when I try to convince family & friends to migrate to Ubuntu, I can't really answer the question "why wouldn't Ubuntu get attacked by viruses/worms/trojans etc..."
Agent ME
June 26th, 2009, 05:39 PM
Per se, "My mom would have no clue how to give root access, and maybe she did manage somehow to give it. How in God's name is she going to know that the file she is about to run is a virus?"
If the mom in this case wasn't part of the admin group on the computer, it would be impossible to give root access. That's one of the strengths of Linux.
On the other hand - what is starting to worry me is the following: what if someone hacked the repositories and a malicious update was sent to nearly all ubuntu machines - I think it could bring them all down.
Assuming they even managed to hack the server holding the updates, they'd need to also digitally sign everything with one of the trusted Ubuntu repository keys, which don't exist on the server holding the updates. I'd be surprised if the key didn't only exist on a few specific computers owned by some of the Ubuntu devs - so the key would have to be stolen from one of them.
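The point about repository keys can be made concrete with a simplified model of the checksum chain behind a signed APT repository. This is an added example, not part of the original thread: it assumes the Release text has already passed signature verification against a trusted key, and the repository contents and function names are constructed for illustration.

```python
import hashlib


def sha256(data):
    return hashlib.sha256(data).hexdigest()


def parse_release_sha256(release_text):
    """Return {path: (digest, size)} from the SHA256: section of a Release file."""
    entries, in_section = {}, False
    for line in release_text.splitlines():
        if line.startswith("SHA256:"):
            in_section = True
        elif in_section and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            in_section = False
    return entries


def parse_packages(packages_text):
    """Return {package name: {field: value}} from a Packages index."""
    pkgs = {}
    for stanza in packages_text.strip().split("\n\n"):
        fields = dict(l.split(": ", 1) for l in stanza.splitlines() if ": " in l)
        pkgs[fields["Package"]] = fields
    return pkgs


def verify_download(release_text, index_path, packages_bytes, package, deb_bytes):
    """Assumption: release_text was already verified against a trusted signing key."""
    listed = parse_release_sha256(release_text).get(index_path)
    if listed != (sha256(packages_bytes), len(packages_bytes)):
        return "index does not match signed Release"
    entry = parse_packages(packages_bytes.decode()).get(package)
    if entry is None:
        return "package not in index"
    if entry["SHA256"] != sha256(deb_bytes) or int(entry["Size"]) != len(deb_bytes):
        return "package does not match index"
    return "ok"


def build_sample_repo():
    """Constructed sample data standing in for a mirror's files."""
    deb = b"constructed stand-in for foobar_1.0_all.deb"
    packages = ("Package: foobar\nVersion: 1.0\n"
                "Filename: pool/main/f/foobar/foobar_1.0_all.deb\n"
                f"Size: {len(deb)}\nSHA256: {sha256(deb)}\n").encode()
    release = ("Origin: Example\nSuite: stable\nSHA256:\n"
               f" {sha256(packages)} {len(packages)} main/binary-all/Packages\n")
    return release, packages, deb


if __name__ == "__main__":
    release, packages, deb = build_sample_repo()
    path = "main/binary-all/Packages"
    print(verify_download(release, path, packages, "foobar", deb))
    print(verify_download(release, path, packages, "foobar", b"tampered"))
```

Someone who alters a package on the server must also alter the Packages index, and then the Release file that lists its hash, which is the file covered by the signature.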
jimv
June 26th, 2009, 05:45 PM
:rolleyes:
How many times will this be asked? And how many times will the "market share" argument have to be debunked before people get it? No, Linux does not need AV software and never will if people follow basic precautions such as never running as root and always using the software repositories.
AV software is not even that effective on Windows anyway. The reason so many people use it is because the AV companies tell them they need it.
Oh misguided Linux folks, thinking that not running as root will save you.
NEWSFLASH: Malware runs just as well under a user account as it does under root. It has access to the internet, it can access your data, it can record your keystrokes, etc. Malware doesn't need root access.
rookcifer
June 26th, 2009, 05:46 PM
Per se, "My mom would have no clue how to give root access, and maybe she did manage somehow to give it. How in God's name is she going to know that the file she is about to run is a virus?"
That's the whole point. Without root access she can't install anything to begin with.
Also about the popularity issue: "It's like saying we are perfect in everything we do, and we certainly know that's not the case, e.g. the Ubuntu Jaunty Xorg fiasco."
Never said Linux was perfect. The issues you raise have nothing to do with the subject at hand.
Oh misguided Linux folks, thinking that not running as root will save you.
NEWSFLASH: Malware runs just as well under a user account as it does under root. It has access to the internet, it can access your data, it can record your keystrokes, etc. Malware doesn't need root access.
How do you propose this malware execute itself in the first place?
jimv
June 26th, 2009, 05:50 PM
If the mom in this case wasn't part of the admin group on the computer, it would be impossible to give root access. That's one of the strengths of Linux.
That's not a strength of Linux...the same thing is true of Windows. If your account doesn't have administrator permissions, you can't do anything. The difference is that manufacturers ship their PCs with the default user given admin access...in fact, this is true no matter what OS you use. Ubuntu, Mac OS, and Windows all, by default, give admin access to their users, albeit with rights elevation. The only way a user won't have admin access is if another admin user configures it that way...and that holds the same for all OSes.
The Linux security argument is old and tired.
sukhiaatma
June 26th, 2009, 05:52 PM
That's the whole point. Without root access she can't install anything to begin with.
Never said Linux was perfect. The issues you raise have nothing to do with the subject at hand.
I am sorry. What I really meant to say by quoting you at that moment was that you seem hell-bent on saying that Linux will never need an AV. And I was talking about the near future.
Anyway, this is just a discussion, so I guess I will apologize if you have taken me in the wrong sense.
Peace..V
jimv
June 26th, 2009, 05:53 PM
That's the whole point. Without root access she can't install anything to begin with.
She doesn't need to install anything on the system to be compromised. Programs run just fine in user space.
How do you propose this malware execute itself in the first place?
A) Exploits. You don't think those security updates you get through the Update Manager are for fun, do you?
B) Social Engineering. This is how most malware gets on Windows systems. You trick the user into executing the malware. There's nothing any OS can do to prevent this.
bodhi.zazen
June 26th, 2009, 06:00 PM
:rolleyes:
How many times will this be asked? And how many times will the "market share" argument have to be debunked before people get it?
This has been asked and answered so many times I moved this thread to recurring discussions.
If you wish to know about security, see Ubuntu Security - Ubuntu Forums (http://ubuntuforums.org/showthread.php?t=510812)
The bottom line: Linux is not Windows, and viruses are a non-issue on Linux because of the way the OS is designed. It has nothing to do with market share.
Viruses are for the most part a Windows phenomenon, and Windows remains vulnerable to these attack vectors because Microsoft has not patched the core code (and other vulnerabilities).
rookcifer
June 26th, 2009, 06:14 PM
She doesn't need to install anything on the system to be compromised. Programs run just fine in user space.
Yeah, with limited permissions. And even then, the user would need to make the malicious file executable before it would run.
A) Exploits. You don't think those security updates you get through the Update Manager are for fun, do you?
Let's say there was a browser exploit (the most common kind that affect every day users), the exploit would only be able to deliver a payload that runs with the limited permissions of the browser. And there are simple ways to mitigate this attack vector (noexec mounted partitions and MAC systems to name a couple).
Secondly, where are these viruses that utilize these exploits? Do you have an example of even one? Just one? Considering that Linux has more than 1% share on the desktop now, shouldn't we see even one or two such viruses out there? Even if just 1 out of 1000 virus authors wrote for Linux, we should see a virus presence by now. Yet we don't. And this doesn't even take into consideration the large number of *nix servers out there (if you add all the *nixes together, they make up a larger share of the server market than Windows).
B) Social Engineering. This is how most malware gets on Windows systems. You trick the user into executing the malware. There's nothing any OS can do to prevent this.
I agree nothing can be done to prevent social engineering. However, Linux has the advantage of package managers -- something Windows does not have. Will this stop every idiot from giving root privileges to some flashy screensaver .deb package? No. But the package manager makes it a lot simpler to manage software. "sudo apt-get install foobar" sure beats heading out into the wild west of the 'net looking for software (like must be done on Windows).
magmon
June 26th, 2009, 06:38 PM
While I agree that more viruses for Linux WILL be made in the future, Linux has much better options to defend against them than Windows. I've heard hardening your kernel is supposed to make your installation nearly bulletproof.
wojox
June 26th, 2009, 07:03 PM
The number of attacks against Linux has been steadily increasing. The main reason is the number of users switching to Linux is increasing due to its GUI concept. Linux has become easier to use and a less expensive replacement for Windows. Microsoft has always been a target because any knucklehead can point and click. Meaning more people with below average computing skills were running in this environment. That's why it all boils down to proper configuration and proper security measures. You can't write a virus specifically for Windows and install it in Linux and expect it to run, due to the different architecture. As a programmer one of my biggest challenges is interoperability. This is where cross-platform malware comes into play. I could write a virus that is coded to respond differently depending on the host operating system. If it detects Windows XP it attacks as such. If Ubuntu is detected different commands are run. Don't take that the wrong way, I have better things to do. Then there's platform-independent environments. OpenOffice, Firefox, etc... The last time I ran ClamAV I freshclammed to update my definition database. There were over half a million definitions. So configure properly and secure properly. AntiVirus, RootKitcheckers, Firewalls, BackUps, regular updates. You need them all.
jimv
June 26th, 2009, 07:16 PM
Yeah, with limited permissions. And even then, the user would need to make the malicious file executable before it would run.
Not true. Go download Songbird and extract it. Double click the Songbird icon. What happens? Didn't need to make anything executable, did you? Putting a file in an archive preserves its permissions.
Secondly, where are these viruses that utilize these exploits? Do you have an example of even one? Just one?
Yes, let's just stick our heads in the sand and claim invulnerability.
rookcifer
June 26th, 2009, 07:55 PM
This is where cross-platform malware comes into play. I could write a virus that is coded to respond differently depending on the host operating system.
There were several of these that made news in the early 2000's (lots of talk from Symantec and McAfee urging Linux users to buy their software). We see how well these viruses have spread haven't we?
The last time I ran ClamAV I freshclammed to update my definition database. There were over half a million definitions.
The vast majority of those are Windows definitions. You know that, right?
So configure properly and secure properly. AntiVirus, RootKitcheckers, Firewalls, BackUps, regular updates. You need them all.
I agree with the firewalls, backups and updates, but AV and rootkit checkers are worthless. In order for a rootkit to be useful to an attacker, the machine already has to be compromised through some other means. The purpose of a rootkit, by definition, is not to infect a machine but to allow repeated access and to cover tracks. Therefore, any hacker with root access can easily hide his rootkit from such a scanner.
wojox
June 26th, 2009, 08:11 PM
No I didn't know clam AV ran under windows.
And the rootkit lets an attacker gain access to your root account, which results in your computer or network no longer being in your control.
monsterstack
June 26th, 2009, 08:33 PM
Not true. Go download Songbird and extract it. Double click the Songbird icon. What happens? Didn't need to make anything executable, did you? Putting a file in an archive preserves its permissions.
That's a Gnome-specific thing, implemented to try and help people out, by automagically allowing binaries to be executable. And yes, some people have made proof-of-concept examples of how this could be abused. Gaining root access, however, can be a little tricky. Not impossible, but it involves a bit of luck. One such way would be to replace one of the launchers in the System>Administration menu with a small script to launch gksudo along with your exploit, before running the application as usual. Some things in the Admin menu require root privileges, others don't, so this attack could affect users who can't remember which ones do.
Yes, let's just stick our heads in the sand and claim invulnerability.
I think Feynman said it best, "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Viruses and other types of malware can and do exist for Linux. They are as trivial to make as they are for Windows. I could write a pretty kick-*** python script or even a Bash script that would hose your system, and it would take me all of five minutes. I could probably make one to gain access to your important files, which is predominantly how botnets are funded these days. Nobody writes viruses to just destroy systems any more, because getting users' credit card details proves much more lucrative.
But the most important factor in all of this is how such things spread. It is this fact alone that determines how successful any malware can be. Of the thousand or so known pieces of malware created for Linux-based machines, none have been found in the wild, none have managed to spread, none have been known to cause any great amount of damage at all. More than half of the internet runs on Linux, and it has more than a few million desktop users. It would be in the interests of someone, then, to create a successful Linux virus. This hasn't happened. Evidence makes or breaks the claims that Linux can be severely hit with a virus. That evidence is lacking.
rookcifer
June 26th, 2009, 08:37 PM
No I didn't know clam AV ran under windows.
It does. But that wasn't what I said. I said the virus definitions are overwhelmingly Windows virus definitions. ClamAV was designed to scan for Windows viruses. From the ClamAV website:
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.
As you can see, the main reason ClamAV was written is for mail servers and the like to assure they are not passing on Windows viruses to Windows machines that access the server. It's more of an act of courteousness than anything.
And the rootkit lets an attacker gain access to your root account, which results in your computer or network no longer being in your control.
The rootkit is not, by definition, a tool to break into a machine. It is a tool used to cover the tracks of an already present attacker and to allow easy remote "administration" of the machine.
wojox
June 26th, 2009, 08:42 PM
Nobody writes viruses to just destroy systems any more, because getting users' credit card details proves much more lucrative.
Well put monsterstack. Attackers just want the high-priced data housed in the computer.
The rootkit is not, by definition, a tool to break into a machine. It is a tool used to cover the tracks of an already present attacker and to allow easy remote "administration" of the machine.
Okay, I can agree with that. I see what you're saying now.
philcamlin
June 26th, 2009, 08:46 PM
OK, only if someone put code into an application and exploited su access somehow
doubt it will ever happen :popcorn:
starcannon
June 27th, 2009, 01:52 AM
Hello there,
This is a rather intriguing question I must say. I have been a devout Windows Vista user until I made the switch to Linux. And it's been a long time since I logged back into the OS. And it seems like the way things are going... I'm not planning to either.
Anyway, coming back to the point.
As Windows users, people suffer from the usual hacks, scripts, viruses etc.
One of the major reasons for these attacks could be that Windows is one of the most widely used operating systems, thus making it more prone to attacks.
The other reason would be that Windows is easy to manipulate, always provides root access etc.
As I have seen and understood in the last few months as a Linux/Ubuntu user, Linux/Ubuntu has not been "until now" right up Windows' nose, but is now taking away market share little by little.
So at this point, outsiders could well say
"You guys are not the majority so you haven't had to suffer." or "Wait and watch when you come up to that level."
Considering this attitude, not currently being in the majority tells us that we have not been a target for that very reason. We could well end up with the same fate as Windows users but with slightly less suffering.
So the question I ask is
"Will Anti-virus be a need of the hour as we see Ubuntu/Linux grow?"
P.S.
* We already have ClamAV putting up a stronghold, but I have heard it is more effective in shutting down Windows viruses. (Sorry, can't confirm my source on that; I may be wrong in saying that.)
* Also we are looking at a different breed of virus scripts which could cause havoc.
It really comes down to the end user's habits and personal concern for security.
I'm no MS Windows proponent, but I will say that it can be reasonably secure if people would take time to have limited accounts, not download malware and install it, not be gullible gits who fall for socially engineered viruses, etc... etc...; sure, Windows would still have its security holes, but the biggest threat to any computer's security is the person sitting at the keyboard.
I frequently see people asking how to create root accounts, or how to auto start a program with root privileges, how to turn off updates, etc..., these are just not wise things to do. So as more users come to Ubuntu as well as other GNU/Linux Distributions, I think we will see more socially engineered security issues, more hijacking because of poor privilege setups, and more attacks on machines that are not keeping their security updates up to date.
I had a friend mildly complain that every day there was a new update sitting in her update manager, and I told her that while that could be turned down to once a week like is done regularly in other Operating Systems, I recommend being as up to the minute as is practical; she understood the reasoning, and agreed.
Change behaviors and it will greatly reduce security threats, regardless of the OS one is running.
Sef
June 27th, 2009, 07:26 PM
"Will Anti-virus be a need of the hour as we see Ubuntu/Linux grow?"
GNU/Linux has about 2/3 of the web server market and Microsoft has about 20% of it. Guess which OS has the problem with viruses and which does not.