Replies

Question to those that know from someone that does not know.

I often hear that Linux does not have a virus problem

Is this because Linux is not wide spread enough for virus writers to bother with, or is there a built in protection from viruses?

I often hear that Linux does not have a virus problem Is this because Linux is not wide spread enough for virus writers to bother with, or is there a built in protection from viruses?

At a fundamental level, the operating system is more secure because of the way it handles access rights and privileges. That said, there are still vectors of attack open, but they generally require more work and the assistance (conscious or not) of someone with access to the "root" password (or other user account elevated to system-wide admin rights).

There are elements of both situations in the answer to your question.

The biggest obstacle to virus writers, though, is it's structure and built in security. The smallest variable is the popularity of it. Linux actually runs on more (and more important) machines than Windows does. It's just the desktop where the "market share" is lower.

The straight forward answer to both questions is yes.

It’s less of a target because there are fewer units out there (that the world knows about ... places like google’s search engines are entirely Linux based, i.e. likely a million instances right there.)

It also has design features that make it less of a target. It is derived from a model that was inherently more secure than where Windows came from historically. It doesn’t have a central registry. It’s email clients, and browsers don’t execute codes that can typically get root access. (It can be done -but we’re back to the top paragraph, fewer people bother.) Note - root access means GOD mode - you can mess up anything of choice as root.

So you don’t find virus protection utilities, etc. being necessary for Linux.

I’ve had a couple of systems “rooted” over the 17+ years I’ve been using Linux. This was on systems that were 24/7 and had typical uptimes measured in years. They were rooted because they were older distributions that over time got hacked, and people found my boxes. So the simplest way to stay protected is to upgrade your OS environment about once a year. Usually this is painless under Suse or Ubuntu. This tends to keep in front of the idiots that do aim for Linux based systems. Following this simple expedient I haven’t had troubles for 8-9 years.

The old addage of Linux/Unix being more secure from the ground up isn't really true as it once was. Microsoft has worked diligently to improve security to the point where while each has it's strengths and weaknesses, neither is significantly more secure. Conversely, Linux distributions have been suffering from the same bloat that they used to mock Windows about, and the more crap you have on your computer, the more likely it is that you will have software with a vulnerability in it.

Obviously more malware writers tend to target the biggest pool of users. However, a lot of malware is delivered by fooling users into running software on their own systems and giving it permission to run.

While Linux is attracting more users that are less technically knowledgeable, the biggest pool of security oblivious users is by far still on Windows.

Even well designed security doesn't help if the malware writer can confuse the user into thinking that they are installing an important patch from a trusted source.