[JVincent08]

I was talking to my grandfather online a few minutes ago. He has been using computers for the past 40 years and is the one who introduced me to Linux, and he said something that completely shocked me: "the more ppl that use linux, the worse the world will get"
O.o
We debated for an hour. His argument was that if Windows had 20% of the market share and Linux had 80% all the worms, viruses, etc would be targeted at Linux. I asked him if that means he's against encouraging more people to use Linux, and he said yes. We debated some more and I finally asked him why he convinced me to switch. His reply? "If I were a fisherman, I might tell you where the fish are biting, but I wouldn't tell everyone I met."

Somehow this never occurred to me. Are there other people out there who love Linux yet discourage spreading the word?

[ls354]

I find it difficult to recommend Linux to somebody who knows nothing related to IT, they ask too many questions. It's not Linux fault just people who don't care to do some research.

Regarding your question Linux is built on security, some of the most common flaws found on Windows would have a hard time in Linux. However the more users the more interesting it becomes to crackers.

The operating system is not the only target, think about applications they have vulnerabilities too. I made some research a couple of months ago about high profile break ins on Windows and most of the time it was some critical application that was responsible.

Too many variables to come up with one conclusion.

[SagaciousKJB]

Well, the problem I forsee with GNU and Linux being open source is that, as more and more malicious intent focuses in on Linux, the contributors that do a good job to address all of this simply wont be able to keep up. In the mean time, while they are well intentioned in making everything open source, they're basically providing a catalog of possible exploits and weaknesses to anyone paying attention. This arguably adds strength, because then well-intentioned Linux users can openly scrutinize the same vulerabilityes, and they will never be exploited before they were patched. This is often what happens now, but in an environment where there are far more users, and far more attacks, I'm not exactly sure that it will fare that well.

Linux has a lot of personality security measures, and in fact there are a good amount of malicious attacks out there that have been nipped in the bud by good security practices and the contributors of GNU/Linux keeping a sharp eye on them. The majority of virus software will not run on Linux even if it is developed for it given the strict permission systems involved, and even if it managed to run, it probably wouldn't do much damage given those same permissions. rootkits are a real threat that might be a serious problem should Linux's popularity increase, but even now there are pretty good means to protect oneself against those.


One of my biggest fears is that if it became as popular was Windows how well the open source principle would hold up. I think after a while, the developers that contribute code to it now may not be enthused to do so. Even more dismaying to think of, what if Linus Torvalds himself decided that Linux would no longer be licensed under the GPL. Sure, the current contributors could continue developing the current kernel and maybe make a branch, but if the Linux brand was a house-hold name, then wouldn't that basically just create another obscure offspring of the *nix family. I don't know how likely that is to really happen, but it would really suck.

[MikeTbob]

Quote:

Originally Posted by SagaciousKJB

Well, the problem I forsee with GNU and Linux being open source is that, as more and more malicious intent focuses in on Linux, the contributors that do a good job to address all of this simply wont be able to keep up. In the mean time, while they are well intentioned in making everything open source, they're basically providing a catalog of possible exploits and weaknesses to anyone paying attention. This arguably adds strength, because then well-intentioned Linux users can openly scrutinize the same vulerabilityes, and they will never be exploited before they were patched. This is often what happens now, but in an environment where there are far more users, and far more attacks, I'm not exactly sure that it will fare that well.

Linux has a lot of personality security measures, and in fact there are a good amount of malicious attacks out there that have been nipped in the bud by good security practices and the contributors of GNU/Linux keeping a sharp eye on them. The majority of virus software will not run on Linux even if it is developed for it given the strict permission systems involved, and even if it managed to run, it probably wouldn't do much damage given those same permissions. rootkits are a real threat that might be a serious problem should Linux's popularity increase, but even now there are pretty good means to protect oneself against those.


One of my biggest fears is that if it became as popular was Windows how well the open source principle would hold up. I think after a while, the developers that contribute code to it now may not be enthused to do so. Even more dismaying to think of, what if Linus Torvalds himself decided that Linux would no longer be licensed under the GPL. Sure, the current contributors could continue developing the current kernel and maybe make a branch, but if the Linux brand was a house-hold name, then wouldn't that basically just create another obscure offspring of the *nix family. I don't know how likely that is to really happen, but it would really suck.

I agree that Linux is far more superior as far as security measures go, plus I can run 3 or 4 different security programs in Linux with less memory/CPU than only running one anti-virus program on Windows. I'd have to do something *really* dumb (running root) to cause as much Damage to a Linux system compared to Windows. Even if you wrote a Virus specifically for Linux, you'd have to convince me to run it as root for it to do any real damage, and that's just not gonna happen in this lifetime.

I don't think we need to worry about Torvalds disrupting the Linux community, I'm inclined to believe he is in a very happy place in relations to Linux. I think I would be anyhow.

[elija]

It's a strange thing. People keep saying that a Linux virus
would have to be run as root to do any real damage.

I beg to differ.

I do agree that it would be harder to be zombied as spam
or porn server, but as to the damage consider this...

What is more valuable, the system and software which
can easily be reloaded or your data?

Would the virus need to run as root to delete your data?

Now. Go and do a backup!

[bigtomrodney]

I agree elija that with all of the identity theft and fraud we see online these days that personal data is worth more...but we are still in a situation where someone would have to explicitly execute the code or grant it permission to be executable. There is still the factor that human intervention is required.

[SagaciousKJB]

Quote:

Originally Posted by elija

It's a strange thing. People keep saying that a Linux virus
would have to be run as root to do any real damage.

I beg to differ.

I do agree that it would be harder to be zombied as spam
or porn server, but as to the damage consider this...

What is more valuable, the system and software which
can easily be reloaded or your data?

Would the virus need to run as root to delete your data?

Now. Go and do a backup!

Well, I think that's a good example of how some of the best features of Linux to protect against things like that goes wrong when users don't really adopt good practices to protect against it. For example, if you have a lot of data that you need to be sure isn't at risk, then chown it to root, and make a group you have permissions to that cannot write to it so you don't damage it without needing root access, deny all global permissions, and sticky it so that it's not deleted.

Aside from this, your umask is very important as well, if you create files that other users have access to it doesn't really help too much. Aside from this, whether the files you save are executable by default makes a pretty good difference too.

I don't think that a lot of systems really implement the permission systems by default in ways that are geared toward protecting against malicious attacks, and that's kind of what I was speaking of. The developers of the Linux kernel itself have done a good job at making sure that these vulnerabilities can be addressed, but specific distributions, and sometimes users themselves, fail to properly use these functions.


The biggest problem is that there are not a lot of malicious attacks geared toward Linux. I think that there are a lot of possible exploits, but given the type that generally use Linux and the earnest attempts of developers, these possible exploits typically don't make much headway. However, the first time someone hacks into a Ubuntu repository, replaces a Linux kernel with their own custom write, and then changes the checksum, who knows how many people could be effected by that. I think that truly malicious programs and scripts will have a much tougher time in a well tuned Linux environment, though. After all, you have the choice to use the tools available in Linux to protect your personal data and the system data, you just have to use them.

To answer your question, on my system, yes, the virus would need to run as root to delete most of my data. Sure I leave some cruft around that I don't typically care about that's still owned by me, but I usually change the ownership of everything important I have to root, and give myself only read and execute permissions, and sticky the file to prevent it from being deleted.

I understand not everyone is going to think about that, and I think that's also part of the problem. I mean, it would be extremely easy to go to Ubuntu forums, find some newbie with a problem, and say, "Okay, it's simple, do this:

Code:

sudo find /home/ -type f | while read file; do dd if=/dev/null of="$file"; done

" and if even if they did have good permissions set, the fact that they would be suckered into using sudo would defeat it. Theoretically, every file on their data would be overwritten by /dev/null. Not a nice thing to do at all, but I've seen it. In the same way, there could be way more sophisticated scripts that work in much more subtle ways than this that are in "trusted" sources.

People often praise open source as being the key to Linux's security, but how many people actually read the source for their programs, and know every single thing that they do? In one respect, with so much beta software that is trusted simply under the guise of being open source and for Linux, there could be malicious code in "trusted" programs.

However, there are things like SELinux. I don't know a terrible amount about it, but I know it does solve many problems with the exploitation of root.

[elija]

SagaciousKJB, I suspect that you are in a minority with the security measures
you take with your data, certainly doing that had never even occurred to me.
I'll have to look into it and see if it more trouble than it is worth.

bigtomrodney, I have recently downloaded and installed software from the
internet on Ubuntu (and it's derivatives) which was executable by default. Until
I read the post above, I didn't even know I could change this... I will have to
go and Google umask and see what I find out.

Remember though that the kind of person who the Linux community needs
to attract if it is to become a truly mainstream operating system is the kind
of person who opens an email from a complete stranger just because it says
"I love you" in the subject line.

The security measure that can protect these people from themselves probably
doesn't exist and they are allowed to drive cars!

Sleep well

[fingal]

I think many OSes are only as good as their end users.

[SagaciousKJB]

Quote:

Originally Posted by elija

SagaciousKJB, I suspect that you are in a minority with the security measures
you take with your data, certainly doing that had never even occurred to me.
I'll have to look into it and see if it more trouble than it is worth.

Changing the ownership to root is a little meddlesome if you don't add write permissions for the group. A lot of programs like FireFox won't function correctly otherwise, so it does get kind of bothersome after a while actually. Although, a simple fix would be to just fix the permissions to .firefox in your home directory, or only applying these permissions to special files. I do it to my whole home directory and just run trusted programs with root.