The Simpleton 2 Report post Posted November 15, 2009 Linux is almost virus-proof Linux won't get viruses 99% of the time These are some of the dialogues that I use while suggesting someone to use Linux. I've heard others use them too. No one ever says Linux is completely virus-proof, because there are some threats existing for Linux too. But I never bothered to think what they were. I'm preparing for an exam right now and coincidentally the subject is UNIX, and just as I was reading about the security features, I began to wonder, what are the threats that exist for Linux? Could someone please give some examples regarding this? Share this post Link to post Share on other sites
Baniboy 3 Report post Posted November 15, 2009 Sure there are threats for Linux.There are viruses and worms for Linux too, but no widespread ones. Read this: https://en.wikipedia.org/wiki/Linux_malware Share this post Link to post Share on other sites
mahesh2k 0 Report post Posted November 15, 2009 There are some viruses written for linux as well. I think the saying of "whichever operating system dominates the world gets virus is true. Besides companies like norton are not sitting still as they want to keep in business. So they'll surely create something with which they can create business model on linux OS. Script kiddies on linux are famous and they do cause some damage. There are some anti-virus software written for linux as well. But better security is when you don't login as root and only use root to do stuff that requires admin privileges. To some extent ubuntu and other debian based OS avoid login from root. If you want to know more about linux viruses then linuxquestions.org is good place to ask for top 5 viruses in linux. Share this post Link to post Share on other sites
rvalkass 5 Report post Posted November 15, 2009 Windows has tens of thousands of widespread viruses, trojans, etc. Mac and Linux have a few hundred known pieces of malware, and most of those stay within laboratory test - nothing really affects Mac and Linux on a worldwide scale in the same way Windows gets affected. Linux developers are also generally much faster at developing fixes to any security problems, a process that can take months with Microsoft. Also, how many people use XP with an Administrator account rather than a Limited one? On most Linux distributions you need to specifically switch to root or give special permission for a program to do anything major or possibly damaging. On Windows that was such a hindrance to everyday use that people were forced to use Administrator accounts as their usual accounts. The problem was worse in Vista with UAC, and has supposedly improved with Windows 7. Share this post Link to post Share on other sites
rob86 2 Report post Posted November 15, 2009 Don't forget the benefits of the file system Linux uses. It requires very little, possibly no defragging whereas Windows needs a LOT of defragging. If you don't know how file systems work, read up about it, it's interesting. Just another thing about linux that rocks! Share this post Link to post Share on other sites
truefusion 3 Report post Posted November 15, 2009 Here is a built-in, self-inflicting command found in Linux: CONSOLE sudo rm -rf / Of course, the "virus" in this case would merely be the user running this command.I think the GNU website had a "tutorial" on how to install malware, but i can't remember. The web page, i think, was trying to argue that Linux isn't completely safe, nor that open-source programs are inherently safe. Generally, you can only harm your own files. Protecting the system is only really beneficial to servers, as losing the server is not the same as losing a few user files. But for desktop users, losing your personal files will always be more of a problem than losing system files.It requires very little, possibly no defragging whereas Windows needs a LOT of defragging.It should be noted that what they mean by "little to no defragging" is merely concerning performance. In Windows you defrag for performance mostly. But in Linux you don't need to defrag for performance. Share this post Link to post Share on other sites
rpgsearcherz 5 Report post Posted November 15, 2009 Wouldn't it be possible to easily write viruses in Java that work on both systems though? Based on my early Java programming learning it was stated that the best feature of the Java language is that it's the same on every operating system because it translates directly into machine code. Would this not mean that a Java virus written for Windows would also run the same on the Linux platform? Share this post Link to post Share on other sites
The Simpleton 2 Report post Posted November 16, 2009 All this discussion is very interesting and only strengthens the fact that unless the user is really careless, there's no real chance of getting attacked/infected, unlike on Windows where a smart cracker can overtake a system even if the user is very cautious... Share this post Link to post Share on other sites
rpgsearcherz 5 Report post Posted November 16, 2009 That's true to a point. There are many "hidden" ways to get viruses out though.There was a USB drive (1 GB) a while back that was recalled because when it was plugged into your PC it launched a virus automatically that would crash your PC and corrupt drivers and stuff. Someone got the virus onto the firmware before production started. Share this post Link to post Share on other sites
truefusion 3 Report post Posted November 16, 2009 Wouldn't it be possible to easily write viruses in Java that work on both systems though? Based on my early Java programming learning it was stated that the best feature of the Java language is that it's the same on every operating system because it translates directly into machine code. Would this not mean that a Java virus written for Windows would also run the same on the Linux platform?Java doesn't compile to machine code (if it did, i would have probably never considered C++). The chances of getting your Java program to run on a random computer are slim. The reason why Java can "compile once, run everywhere" is because Java is cross-platform—it was designed to work on multiple platforms, and therefore is available for multiple platforms. The program will run if executed if you have Java installed on the machine it is being executed in. Otherwise, no, it will not run. For a Windows program, since all basic Windows installations are the same, and because of the backwards compatibility that Microsoft tries to attain, if you build your program to use nothing more than what is provided in Windows, you wouldn't need to recompile your program or have the user install anything extra. However, this is only concerning dynamically-linked programs. A statically-linked program should be able to run on without anything extra being installed; albeit, statically linking your program may increase the file size of the program to an undesirable size. Share this post Link to post Share on other sites
rpgsearcherz 5 Report post Posted November 16, 2009 Java doesn't compile to machine code (if it did, i would have probably never considered C++). The chances of getting your Java program to run on a random computer are slim. The reason why Java can "compile once, run everywhere" is because Java is cross-platformit was designed to work on multiple platforms, and therefore is available for multiple platforms. The program will run if executed if you have Java installed on the machine it is being executed in. Otherwise, no, it will not run. For a Windows program, since all basic Windows installations are the same, and because of the backwards compatibility that Microsoft tries to attain, if you build your program to use nothing more than what is provided in Windows, you wouldn't need to recompile your program or have the user install anything extra. However, this is only concerning dynamically-linked programs. A statically-linked program should be able to run on without anything extra being installed; albeit, statically linking your program may increase the file size of the program to an undesirable size. I see what you mean now. So by cross platform it means it requires the Java platform to be installed but you are able to install Java on a broad range of mediums, not that the program itself is run on a broad range. Share this post Link to post Share on other sites
rvalkass 5 Report post Posted November 16, 2009 On a related topic. if you really want to get your favourite malware running under Linux then you can use WINE and it will run http://forums.xisto.com/no_longer_exists/http://forums.xisto.com/no_longer_exists/However, remember that in Linux and WINE it will only affect the WINE setup, and it can easily be stopped by killing the WINE process. They're generally not that easy to stop in Windows. You also have to go to the effort of specifically downloading the virus, running it through WINE and making it run, rather than the 'drive-by' attacks that work on Windows. Again, it requires huge user intervention and a desire to actually run the virus Share this post Link to post Share on other sites
The Simpleton 2 Report post Posted November 16, 2009 On a related topic. if you really want to get your favourite malware running under Linux then you can use WINE and it will run tongue.gifhttp://forums.xisto.com/no_longer_exists/http://forums.xisto.com/no_longer_exists/However, remember that in Linux and WINE it will only affect the WINE setup, and it can easily be stopped by killing the WINE process. They're generally not that easy to stop in Windows. You also have to go to the effort of specifically downloading the virus, running it through WINE and making it run, rather than the 'drive-by' attacks that work on Windows. Again, it requires huge user intervention and a desire to actually run the virus tongue.gifLol that's very interesting - I think I will try it for "research purposes" Share this post Link to post Share on other sites