Some interesting stuff about the recent explosion of malware (http://news.bbc.co.uk/1/hi/technology/7232752.stm) in the news today. I think the threat of viruses/malware is actually quite a big concern for most of the public. Many non-techy people think "virus!" whenever their machine does something unexpected, by way of example.

I wonder how much of a "push" effect this might generate in terms of Linux migration for home users? And could this make Linux more attractive financially tor businesses? Certainly getting the message out there that Linux is an easy dodge for the malware problem is worth doing.

Sheesh - that graph is going exponential.
Didn't realize the problem was multiplying so quickly.

To me, a LOT of malware comes from ignorant/inexperienced users. Most of these people use windows, click all the shiny boxes, install all the weather buddy programs, open all attachments etc etc. While linux is more secure in its nature, if all users used linux, we'd have linux malware. I, for one, like the fact that in most cases it takes some extent of aptitude to have a linux system.

I agree with woedend. Linux users today have the privilege of using great operating systems with next to zero malware to affect them. If Linux makes a break through, lots of Windows users start coming in, brining Windows practices and attitudes. I bet it would not take very long for them to figure out how to use their root accounts in Sabayon or Mandriva, or how to chmod root directories to remove an annoying permission issue. I think the security paradise of Linux is almost at an end. Here's a good example http://ubuntuforums.org/showthread.php?t=612812&highlight=never+ever

if all users used linux, we'd have linux malware.

True, but for now we've got a window of opportunity.

There's no real understanding of just how good the Linux malware situation is amongst Windows users. Most don't believe it when they hear that there's no need for antivirus software. Pointing the reality of the situation out can only make Linux seem more attractive.

Linux DOES need a bigger user base. Big problems with the system (like the lack of 3rd party drivers) can only be solved with a bigger share of the market.

You know, after years of using Ubuntu I was starting to forget what malware was...

I wonder if one of the reasons why there's really no malware for Linux is because malware developers don't target Linux due to its smaller market share. How quickly would that change with a huge influx of new users?

GNU/Linux is more secure by default, even if we are flooded with newbies the problem wouldnt be as large as it is with Windows imho. All of them cant be dumb enough to run everything as root I mean. Most of them wont even figure out what root is.

GNU/Linux is more secure by default, even if we are flooded with newbies the problem wouldnt be as large as it is with Windows imho. All of them cant be dumb enough to run everything as root I mean. Most of them wont even figure out what root is.

my sister brought a acer computer running linpus, and it was set to auto log in as root by default! not that it maters now because she didnt like it and requested that i install windows xp on it

GNU/Linux is more secure by default, even if we are flooded with newbies the problem wouldnt be as large as it is with Windows imho. All of them cant be dumb enough to run everything as root I mean. Most of them wont even figure out what root is.

Well, it's not really necessary to run everything as root to make your Linux insecure. Just consider how many daemons Ubuntu desktop runs by default. They run at start-up and has root access, and how many of us really have a clue what these daemons do? Linux as a desktop environment has lots of security holes that can be exploited, provided that somebody bothers to write malware/viruses to do it, and all it really takes is installing one program from the wrong source. Luckily, there are so few Linux-users today, that no one much bothers to consider Linux a target for their viruses.

GNU/Linux is more secure by default, even if we are flooded with newbies the problem wouldnt be as large as it is with Windows imho. All of them cant be dumb enough to run everything as root I mean. Most of them wont even figure out what root is.

You are right, they won't, but others will for them. Here's one, freshly backed -->http://ubuntuforums.org/showthread.php?t=692119

The trouble is that Windows users actually *like* getting malware. Constantly tinkering with their machines to repair them and remove malware creates a feeling of empathy, much akin to the love of a clapped out VW Beetle, which also required constant tinkering.

Tinkering with your Beetle on Saturday morning, so you can go surfing with your girlfriend in the afternoon, was The American Way (TM) for 3 happy free-wheeling decades and everybody had to drive very carefully, since many babies were caused by accident.

When a Windows user finally gets his machine to actually work right for 30 minutes, he feels glowing with empathy, so relieved and happy, that there is just no way that a boring Linux setup that Just Works (TM) can compete.

Cheers,

Herman

well, by not affecting root, per se, the actual linux OS cannot be greatly affected, but there are a ton of things one could maliciously do(aware or unaware) without root access.

desktop icons
messing with firefox
deleting home directory
infecting home directory
proliferation of infected email
capturing root password(guessing this would be possible via keystroke logger, but may be wrong)
starting with gnome
etc etc.
how many windows virii really need administrative privilege?
I wish linux would achieve about 1/4 of market share. Good enough to get recognition, but not the malware. And having worked customer support for high speed data, windows is a good first defense against some users...mean as it may sound, trust me.

how many windows virii really need administrative privilege? My guess is about 99% of them. That's why they're such a pain to remove. If all they did was infect one limited user account, all you'd have to do to remove the viruses would be to delete that user account.

As it is now, Windows malware write registry keys and .dll files all over the place, often making it easier to reinstall Windows than clean up the mess made by the malware.

In every instance in which I've seen a Windows user's computer infested with malware, there have been anti-malware (i.e., useless) programs running at the time (anti-virus, anti-spyware, anti-adware) and the administrator account used on a regular basis for everyday tasks (not just installing Windows updates or the newest version of Firefox). The number one piece of advice I'd give any Windows user is do not run as the administrative user on a regular basis.

When a Windows user finally gets his machine to actually work right for 30 minutes, he feels glowing with empathy, so relieved and happy, that there is just no way that a boring Linux setup that Just Works (TM) can compete.


I have never come across such a Linux setup, though. I think it's fair to say that I spend more off-time tweaking Linux and getting 3rd-party software to work, than I ever did removing malware from Windows (the 1st is much funnier than the last though, and doesn't size complete control of my system).

Also, most Windows-users I know are pretty competent users, who has enough sense to use anti-virus and spyscanner software. I think that the whole idea of the "blindly ignorant Windows user" is, these days, more a myth than a reality (and a myth that doesn't even exist anywhere but in Linux-land - guess it's how we make ourself seem superior to them). Before removing Windows from my system, I had certainly ran it for many years without having everything flooded by viruses.

That being said, there is a peace of mind with using Linux, in the sense that you don't have to be careful. If you want to keep Windows virus-free, you need to treat the net with cautions and be constantly distrustful of software sources. With Linux, there's no need for that - I can click every link that catches my eye and not need to worry what might happen to my system.

My guess is about 99% of them. That's why they're such a pain to remove. If all they did was infect one limited user account, all you'd have to do to remove the viruses would be to delete that user account.

As it is now, Windows malware write registry keys and .dll files all over the place, often making it easier to reinstall Windows than clean up the mess made by the malware.


This is simply not true. Sorry, your second paragraph is very true. In a way the first one is too...so i don't mean to sound brash. Many windows malware do use admin rights, but are not necessary to their functionality. A new user would most likely store all documents in /home, making them fair game. And one could compare the registry to gconf or to gnome sessions, neither of which require root access. Granted, removing them in linux would be easier, but their functionality would be about equal even without root.

Also, most Windows-users I know are pretty competent users, who has enough sense to use anti-virus and spyscanner software. I think that the whole idea of the "blindly ignorant Windows user" is, these days, more a myth than a reality (and a myth that doesn't even exist anywhere but in Linux-land - guess it's how we make ourself seem superior to them). Before removing Windows from my system, I had certainly ran it for many years without having everything flooded by viruses. Maybe that's how it is over in Denmark, but I can assure you in the US, there are plenty of blindly ignorant Windows users. I've worked with them in every job that I've had (I don't work in the tech industry, by the way; I work in schools).

Malware will only be an opportunity for Linux when it is easier to do the following than to deal with the infections
1) Install Linux
2) Learn how to use it
3) Make it do all the stuff you liked doing in MSW.

On the other hand, growth of the Linux user base will definitely be an opportunity for Linux users to attract more malware in addition to the usual spam, phishing, etc attacks which are OS independent. Gullible people are OS independent too.

This is simply not true. Sorry, your second paragraph is very true. In a way the first one is too...so i don't mean to sound brash. Many windows malware do use admin rights, but are not necessary to their functionality. A new user would most likely store all documents in /home, making them fair game. And one could compare the registry to gconf or to gnome sessions, neither of which require root access. Granted, removing them in linux would be easier, but their functionality would be about equal even without root.
The problem is that the registry behaves very much like the root configuration files of a *nix system. In other words, a default Windows setup doesn't have the same level of privilege separation that the default *nix setup usually does.

With gconf, each system user has a separate setup. The Windows registry affects all accounts, and access to it therefore is essentially equivalent to root access in a *nix system.

This is simply not true. Sorry, your second paragraph is very true. In a way the first one is too...so i don't mean to sound brash. Many windows malware do use admin rights, but are not necessary to their functionality. A new user would most likely store all documents in /home, making them fair game. And one could compare the registry to gconf or to gnome sessions, neither of which require root access. Granted, removing them in linux would be easier, but their functionality would be about equal even without root.
I'm sorry. What did I say that wasn't true? The vast majority (I'm willing to guess all) of Windows malware rely on infesting your entire system so that it's too much of a pain to clean up.

If some Linux malware were developed to corrupt your gconf-editor, then all you'd have to do to clean it up is log into another account and
sudo rm -r /home/infectedaccount/.gconf
sudo rm -r /home/infectedaccount/.gconfd My point is not that malware cannot be created for a limited account or it cannot do damage to a limited account. My point is that one of the major annoyances with Windows malware is how hard it is to get rid of--mainly because it infests system and not just user files. Running as a limited user in Windows saves you from malware, because most malware is designed to write to system files.

sorry aysiu, i didn't mean to come off as an ahole so edited it down some since quote. I didn't mean it was false, I meant that in function(ie what the virus actually DOES that is harmful) usually doesnt require admin. Its infection ability does, correct. As you state, its easier to clean up, but the malware can just the same cause similar damages...agree?

sorry aysiu, i didn't mean to come off as an ahole so edited it down some since quote. I didn't mean it was false, I meant that in function(ie what the virus actually DOES that is harmful) usually doesnt require admin. Its infection ability does, correct. As you state, its easier to clean up, but the malware can just the same cause similar damages...agree?
Definitely agree.

But I'm always good friends with the tech support people in the schools I've worked in, and as long as data is backed up, they don't really care about what happens to a user account. The real headache for them is "Is it worth me trying to clean up this malware... or should I just reinstall Windows for this user? Which will take less time?"

Maybe that's how it is over in Denmark, but I can assure you in the US, there are plenty of blindly ignorant Windows users. I've worked with them in every job that I've had (I don't work in the tech industry, by the way; I work in schools).

Oh, maybe it is a cultural thing. I can't speak for the entire Danish nation here, but in the crowds I've circulated in, anti-virus and caution is the standard agenda. Not all my friends or family are "technically" oriented at all, but it has been ages since I've seen any Window's system hooked up to the net, that didn't have anti-virus on it.

Obviously, there are still pitfalls, like downloading to many torrents from shady sites or what not. But again, Windows users here are well aware of these pitfalls, and if they do it any way, it's not because they're ignorant, it's because they're willing to run the risk.

I, for one, like the fact that in most cases it takes some extent of aptitude to have a linux system.

I think you have a very good point. I would appreciate wider support, ie. mobile phone sync, 3rd party drivers, ect... and for that we need a wider and larger user base. BUT, i don't think we need to make Linux easier to use. Having to learn how your pc and OS actually works and why bad things can happen to it is essential to keeping your system safe.

maybe posts like these;
http://ubuntuforums.org/showthread.php?t=612812
http://ubuntuforums.org/showthread.php?t=692119

indicate that maybe Ubuntu is already bordering on the line of making linux idiot friendly - thus inviting idiots. Idiots in turn go and download crud and get ticked off when crap happens to their computer and so give most of the blame to an insecure/unstable/crap OS.

A safe has never been invented that could not be cracked - and i think if you put the might of the American Marketing Dollar behind it, your linux system might not be as safe as you presume.


Security software testing organisation AV Test reported that it saw 5.49 million unique samples of malicious software in 2007 - five times more than the 972,606 it saw in 2006.

Even a fraction of that number can be problematic to the linux user base.

Maybe, just as XP had the "Whats new in XP movie" that played on the first boot up, we need something like this for Ubuntu as more and more new users are neither IT literate nor care for their ignorance, they may become a danger for them selves and the growth of linux in general? Even a pdf document written for complete noobs that at least explains the reason for the root password i think is necessary.

If you look at one of the users, idi0t, that bloke actually had to go read up on the gksu dialog, decide it sucked, gave root a password and figured out how to log root in. He may be no brain surgeon, but clearly some thought went into that action, and maybe the guy is a dolt and ignored the warnings, but i don't think that anywhere along that little journey anything shouted out "DON'T DO THIS YOU SCHMUCK!!".

I never had crap om my XP machine after I installed 4 seperate applications to protect it - I just use Linux because it's stable and it confuses the noobs in my class. ;) I just think that if you invite those noobs over to linux, uneducated, and companies start dedicating funding towards finding and targeting linux exploits to sell those noobs ******, funky cursors, granny sex, ect... we are going to have a couple of problems on our hands.

As long as linux requires a little more than common sense to run it, the common user won't run it. Is that ultimately bad thing?

The trouble is that Windows users actually *like* getting malware. Constantly tinkering with their machines to repair them and remove malware creates a feeling of empathy, much akin to the love of a clapped out VW Beetle, which also required constant tinkering.

Tinkering with your Beetle on Saturday morning, so you can go surfing with your girlfriend in the afternoon, was The American Way (TM) for 3 happy free-wheeling decades and everybody had to drive very carefully, since many babies were caused by accident.

When a Windows user finally gets his machine to actually work right for 30 minutes, he feels glowing with empathy, so relieved and happy, that there is just no way that a boring Linux setup that Just Works (TM) can compete.

Cheers,

Herman

Oh my, that's just scary, seems like you can read my mind. That's exactly what my "problem" was when I used Windows. Always running virus and spyware scans. Keeping every single program up to date, cleaning out massive amounts of junk files, the list goes on and on.

When I started using Linux I was amazed at the huge amounts of time I had to actually "use" my computer. :grin:

Oh my, that's just scary, seems like you can read my mind. That's exactly what my "problem" was when I used Windows. Always running virus and spyware scans. Keeping every single program up to date, cleaning out massive amounts of junk files, the list goes on and on.

When I started using Linux I was amazed at the huge amounts of time I had to actually "use" my computer. :grin:

Same here, though I managed to avoid infection (as far as I know). I found myself playing with all sorts of unnecessary or marginally necessary software on Ubuntu, simply to give me something to do with my computer!

On the original topic: there are distros, such as Puppy (which I play with) which run as root by default. Is there evidence that they or their users are having more trouble than, say, regular Ubuntu users? And that it's specifically caused by running as root, not something else?

On the original topic: there are distros, such as Puppy (which I play with) which run as root by default. Is there evidence that they or their users are having more trouble than, say, regular Ubuntu users? And that it's specifically caused by running as root, not something else?

Not yet I suppose, but should there be any malware for Puppy Linux, it would have been in trouble finding a Puppy machine to infect. Obviously, there is no such obstacle to overcome with Windows. I also think Ubuntu is quite safe for now, but that changes if, say, every third computer in the world runs Ubuntu.

Actually, the meantality that the OP mentioned that "if something goes wrong it's a virus" could _definitely_ work against us.
For example, what if a former MSW user switched over to Ubuntu, and had a blacklisted card?


Anyways, Add/Remove should be better promoted because it could definitely help users stay away from "shady" sites.

"I have never come across such a Linux setup, though. I think it's fair to say that I spend more off-time tweaking Linux and getting 3rd-party software to work, than I ever did removing malware from Windows"

Oh, goodness, what kind of Linux are you running? Not any of the mainstream ones I'm sure. Slackware maybe?
;)

Oh, goodness, what kind of Linux are you running? Not any of the mainstream ones I'm sure. Slackware maybe?
;)

Nah, regular Ubuntu. I'm just a big fan of the whole "tweak it 'til it breaks" ethos. Windows lack of tweaking made it impossible to break that way, though, so now that I have free hands I'm giving it all I got :)

I also think Ubuntu is quite safe for now, but that changes if, say, every third computer in the world runs Ubuntu.


This is a common fallacy.

If every third vehicle is a Volvo, do they become less reliable? If everybody drives Mac trucks, will the engines suddenly give out after 100,000 km instead of 1,000,000?

Note that Linux runs on far more computers than Windows - about 1.5 billion Linux, vs 600 million Windows. Granted, those Linux machines are mostly servers, cell-phones, telephone exchanges and routers, while the Windows machines are mostly desktops, but when last have you heard of a virus infection in a phone system?

The difference is in the design.

Cheers,

Herman

This is a common fallacy.

If every third vehicle is a Volvo, do they become less reliable? If everybody drives Mac trucks, will the engines suddenly give out after 100,000 km instead of 1,000,000?

Note that Linux runs on far more computers than Windows - about 1.5 billion Linux, vs 600 million Windows. Granted, those Linux machines are mostly servers, cell-phones, telephone exchanges and routers, while the Windows machines are mostly desktops, but when last have you heard of a virus infection in a phone system?

The difference is in the design. No, this is a common fallacy. Volvo drivers are not better or safer drivers than non-Volvo drivers, so the design of the car matters most. However, Linux users (especially those who are administering servers) tend to be more savvy about security than Windows users.

The user is what matters most, even in cars. Someone who knows to lock a car, not leave valuables in it, not exceed the speed limit, not drive aggressively, etc. is far less likely (regardless of the design of the car) to get into an accident or have the car get broken into than someone who is careless and reckless.

Same for computers and security. Having a good security design is not enough. Bring over more users, especially more ignorant users, and "secure design" means nothing:
Without education, it doesn’t matter which OS is “more secure” (http://ubuntucat.wordpress.com/2008/01/22/without-education-it-doesnt-matter-which-os-is-more-secure/)

I dont think flooding of the linux market will create new linux viruses. Apple has been around a looooong time and they are still very safe. For a linux user to get a virus you would have to manually install it and enter your password. Who on earth would do such a thing. The only way i can see this happening is if a .deb virus is made out to be some fancy new piece of software that everyone wants. I highly doubt this though, with synaptic I have not had to search the web for fancy new programs. I know I can trust the list of software that the repository has to offer. Its also just easier to do that. I think linux (especially ubuntu) is the safest OS out there.

As it is now, Windows malware write registry keys and .dll files all over the place, often making it easier to reinstall Windows than clean up the mess made by the malware.

Windows software in general writes all over the registry and puts .dll files all over the place. :)

I think the main advantage of linux is helping the tech savvy users stay malware free, while limiting the malware on the dumb users machines. Windows, so it seems, opens its arms wide open to a wide variety of junk, while linux has a closed gate, that must be opened on purpose to allow the malware in. With windows, we're battling to keep the software out, with linux, we just have to make smart decisions about what to let in.

This is a common fallacy.

If every third vehicle is a Volvo, do they become less reliable? If everybody drives Mac trucks, will the engines suddenly give out after 100,000 km instead of 1,000,000?


That parallel in thought is a little flawed. Remember that virusus are one thing, but Malware, Spyware and Adware are a deifferent monster all together.

It is illegal in the auto motive industry for BMW topay people to try and find week points in a Volvo, and then while the user is parked at the "adult shop", take a grinder to the weak spot and watch the car crash 20mins later.

In the IT industry, there are entire companies dedicated to try and find a hole in your system. All they need is motivation and money. As soon as 1 third of the world runs Ubuntu, do you really think these a$$holes are going to give up 1/3rd market share?

add in the dolt-factor:

Same for computers and security. Having a good security design is not enough. Bring over more users, especially more ignorant users, and "secure design" means nothing:
and you have an open killing field.

But - saying that, the very fact that Linux is open-source(a Volvo design) leads to a very nice couple of spin offs: Where you download 95%-100% of your software is controlled by the guys that manage your distro's Repo. You are not tempted to go find crackz and serial generators or faulty parts on dodgy sites. And then even if you do need something extra, I have never heard of something bad coming out of sourceforge or any other major OpenSource "vendors".

I think it's a little arrogant to assume that the entire pool of Windows users are a liability. Almost all current Linux users were Windows users once (and a lot still are!)

I think there are plenty of people currently using Windows who would be more than capable of running a distro like Ubuntu perfectly well. after all, it's not actually that hard. We're not superhuman!

These reasonably tech-savvy people are the ones who would probably find Linux attractive from a security point of view. And it's these people that I think we should make a bit of an effort to get the message to. Given accurate information about the state of play I think a lot of them will at least have their curiosity piqued.

I think the main advantage of linux is helping the tech savvy users stay malware free, while limiting the malware on the dumb users machines. Windows, so it seems, opens its arms wide open to a wide variety of junk, while linux has a closed gate, that must be opened on purpose to allow the malware in. With windows, we're battling to keep the software out, with linux, we just have to make smart decisions about what to let in.

I agree with this guy. To get a virus, it would have to be disguised as something entirely different and it would only be a matter of time before it is caught and destroyed.

I agree with this guy. To get a virus, it would have to be disguised as something entirely different

To be fair, that's true for Windows as well. I don't care how incompetent a user is, no one would download a virus if it wasn't disguised as something other than a virus.

I think it's a little arrogant to assume that the entire pool of Windows users are a liability. Which is why no one in this thread has said the entire pool of Windows users is a liability.

Which is why no one in this thread has said the entire pool of Windows users is a liability.

No, but the subject of numpty users does tend to take over such conversations. If Linux really was as demanding as some people make out, then these dullards wouldn't be an issue, since they simply wouldn't be able to use it. And yet we keep gaining (and keeping) more users, which makes me think that the adaptability of new users isn't a problem.

Desktop Linux is still something of a boutique OS, and thus converts are likely to be highly motivated to learn. They've chosen Linux very deliberately, and many are very keen to make it work.

I think we've got a loooooooooong way to go before we exhaust the supply of tech-savvy computer users. In fact i'd be inclined to argue that it's entirely possible that the pool of highly computer literate people is growing at a faster rate than the desktop Linux community is.

No, but the subject of numpty users does tend to take over such conversations. If Linux really was as demanding as some people make out, then these dullards wouldn't be an issue, since they simply wouldn't be able to use it. And yet we keep gaining (and keeping) more users, which makes me think that the adaptability of new users isn't a problem.

Desktop Linux is still something of a boutique OS, and thus converts are likely to be highly motivated to learn. They've chosen Linux very deliberately, and many are very keen to make it work.

I think we've got a loooooooooong way to go before we exhaust the supply of tech-savvy computer users. In fact i'd be inclined to argue that it's entirely possible that the pool of highly computer literate people is growing at a faster rate than the desktop Linux community is.
Again, I think you're arguing against a point no one is making. Or perhaps I'm not understanding the point you're trying to make.

In discussions about numbers of Linux users affecting malware proliferation, I believe people are talking about a hypothetical scenario completely different from the growth we're experiencing now. No one is saying "Oh, yeah, now that these additional Windows power users that are installing Linux themselves are adding to our numbers in the next five months, Linux is going to be the target of all these crazy trojans."

The idea is that once the masses (i.e., a larger minority than even Mac has for desktop users) start using Linux, then that group includes a large enough group of non-savvy users who will click on anything or install any "cool" program that comes at them. This is not already-savvy-Windows-power-users saying, "Hey, I've heard about this Linux and have downloaded the .ISO. What do I do now?" This would be already-not-savvy-Windows-regular-users being able to walk into a store and wonder "Should I get this Mac, Linux, or Windows computer?" When we get to that point, rest assured there will be fake "plugins" to download "in order to view a website" that will install malicious software in Linux, and all sorts of spyware-infested .deb files all over the internet.

It sort of feels as if we are drifting away from the main topic of this thread. Growing Malware cases. I would quite like to see how Linux would respond to the threat of malware against it. I do believe that Linux would see malware written for it should it ever experience a critical mass to be noticed by malware programmers.

From what I've seen in these forums we have some users coming from windows with a great deal of expertise and also some who come with very little. I'm basing that just on my experience in reading through various threads, don't ask me for hard proof of this.

Malware and virus infested windows computers that I've worked on over the years have almost exclusively been from very click happy, in-experienced users. I guess if we ever have a large pool of in-experienced users we'll get to see what happens with Ubuntu. In the short term Linux would help in the prevention of malware and virus' long term I think it would be better off than windows but I don't know how much better.