Are Linux and it's variants "Malware Proof"?

Discussion in 'other security issues & news' started by Mr. Y, Dec 31, 2007.

Thread Status:
Not open for further replies.
  1. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    Am thinking of switching over to Linux
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    What do you mean as "malware proof"? Nothing is malware-proof, but there are code and philosophies which are more secure and robust than others.
     
  3. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    632
    tell me about it :) i just recently discovered this thread while searching for something totally different (talk about luck). post #6 by sukarof links to an incredible page that shows you how to set up a limited user account (i knew how to do that :D) BUT it also shows you how to set up SRP (i didn't know this existed in my version of WINXP). apparently you can combine limited user account with software restriction policy and the results are incredible. it took me (who has never touched SRP) all of 45 seconds to set up the LUA with SRP. this is almost like having windows in linux mode! :)
     
  4. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    I know Linux and its structure pretty well and it is very secure in that structure....but I tend to view it as Windows (XP in particular) being a real big target and Linux as a real small target. Coders are a very talented lot and should they ever turn their attention toward Linux I can't help but feel we'll be a lot less secure.

    Later...
     
  5. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    :blink: hmm... the way i see it (frm a user's point of view) with regards to the main topic, were these-

    Linux (any variants), DOES NOT allow the notion that any 'modifications, add/delete/install' that touches the core (even its fringes) system should be allow FULL access without informing the operator real-time. Nonetheless, a verification via 'pwd'. That's one major substantiative difference in comparison with Windows prior to its Vista. And since Linux+variants were borned out of users' communities. This particular 'security-conciousness' evidentially EXIST throughout every Linux distros (whether running on terminal or GUI modes).

    Linux Communities help build its current distro varieties with further major concern for plain-jane users... make it EZ - via inclusions of every possible drivers needed (including restricted OEMs), but users' got its options still. Hence a new-installer does NOT NEED to "worry (with possible exception of a few, & mostly advance rig designs) about having his/her drivers-CD available or not. That's why newbies were pleasantly surprised (again with exception of a minor few) when they just did their 1st time Linux-install.

    Linux up till now, thus still was considered pretty 'exotic' (until being tried out), hence few 'pranks' were being targetted on it. As its user population grows to a considerable mass, there maybe a leap on 'critical-attacks' against Linux-based systems! But IMO... it shall never 'surpass' what Windows perenially had experienced. maybe a small fractions of Window's percentage! Why?? Coz the programming language it was base on, is not as simple as what a VBS or winScripts was... the learning curve on Linux (as a programming tool) was more steep than most "script-Kids" can handle.

    "Linux = Malware Proofed" is very much a wrong notion. Nothing is 'malware-proofed' in the digital realm! Things that can be modified, re-engineered, reverse-engineered... can therefore be 'victimized'. Again IMO, Linux and its various variants were build on a hugh communties of users' contribution. And in this perspective, LINUX was several steps ahead in being "well-secured" than Windows, or even Mac. And that's the KEY in spreading the mantra that Linux is More Secure than its Redmond creation.
     
    Last edited: Jan 1, 2008
  6. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    Btw, 'Infecting' Linux users by designing a malware and set it out in the wild? As a programmer of the 'old' school generations, i don't buy this logic at all, unless you got motive of 'hatred' with you.

    Foremost among them was - We Linux users got this distro FREE of charge... 'Libre'. It seems to be handed to users on a 'silver platter' without the worry of buying other options for additional bolt-ons. Right?

    Then why 'maim or kill' a Golden Goose when it was given (including updates & widgets) to you Libre? You benefitted from it, got joy from it and also helps advance your knowledge of the WWW, see?

    In every cultures of the world, we are NEVER raised to treat someone who gave you somethiing (much less something that's free) as enemy.. or even thinking of 'whacking' them when they had their back turned. Right??

    But we are always taught to be 'Gratefull', give something back to the communties which gave something to you Free. Ain't that the American Way? Ain't that what the Freedom mantra of USA always had in essence? And same does it goes with other cultures, be it Muslims, Buddhists, Zens & Hindus.

    Therefore IMO, there shall always be hubristic cowardly bozos and criminals who will try to sent 'mischief' against the Linux world users. But never as serious as Redmond got on its hand ever since.
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    clambermatic,

    I've never used Linux. Would you be so helpful as to give a brief rundown on the differences between Linux and Windows XP LUA?

    Thanks.
     
  8. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  9. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
  10. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
  11. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    My personal experiences and those of the people I've setup a LUA for have been positive so far, and to be honest that's all that matters as far as I'm concerned.

    Not to mention there's always a "Run as" option. And if Linux is really that restrictive towards malware activities as its proponents claim, then I have no problems imagining it faces the same problems as Windows' LUA as well.

    Once you've tried LUA, the claims of MS-bashers that Windows is insecure just seem childish at best.
     
  12. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    That´s not M$ fault, that´s bad design/coding from the application developer, a so called LUA bug, and therefore the developers should be blamed for this. But there´s a workaround for this where you can permit full user access for each problematic program file/folder and reg. keys by using Filemon and Regmon for tracing these.

    /C.
     
  13. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    I've got new's for you .... I'm not here to argue this bs, and could care less an individual's choice of os. It was posted as an fyi to bring awareness, nothing more. Work with what you're happy to work with and let the card's fall where they may.

    GF
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,693
    Hello,
    Nothing can save you from intentional harm.
    But by default, Linux is far far more secure. Besides, there is no reason whatsoever for you to encounter any malware - even if such were to be easily found.
    Mrk
     
  15. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    By default, yes, but as soon as you create an user account with restricted rights and also applies software restriction policies, then IMO I don´t see any differences regarding security.

    /C.
     
  16. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,693
    Hello,

    Don't forget:

    Stability
    Tweakability
    Beauty
    Price

    Mrk
     
  17. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    When it comes to those features that you mention, I totally agree. Especially regarding stability there´s no competition and therefore I´m using Solaris as a server OS.

    /C.
     
  18. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,510
    Location:
    USA - Back in a real State in time for a real Pres
    Selfishly I say don't use Linux. You won't like it. ;)
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,719
    Location:
    Texas
    One off topic post removed. Just a reminder to discuss the software all you want but leave opinions of each other off the forums.
     
  20. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Linux's LUA is a bit more robust than Windows' LUA and also add the fact that operating in LUA is standard in the Unix world, but it took more than a decade for Microsoft to adopt LUA as the default mode of operation.
    suDown tries to bring the Linux LUA experience to Windows systems.
     
  21. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257

    Thanks for the post- Just finished implementing it!
     
  22. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I had problems installing suDown about a month ago- I think they solved the problems by removing some of the later versions and releasing the one that had a good track record.

    How does it compare to a LUA?
     
    Last edited: Jan 1, 2008
  23. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I checked out your link and I will follow your advice of trying out different Linux flavors on VM's
     
  24. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    Just a general comment, if you're looking for freedom from malware concerns, I don't think it really gets much better than running Linux... for all practical purposes, you can kiss that stuff goodbye... I suppose it's possible to set Win up in a secure manner too, but I'd have to rate Linux best in that regard, as malware is simply not a concern.
     
  25. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    With respect to " solCroft's " previous request below and the benefits of everyone's discussion posted within and...

    "LUA" (aka: Least User Access) - Let's make it plain jane and comprehensible under laymen's (or Linux nebies' ) term.

    When talking about LUA, then it is specifically pointing to a unitary system's 'SECURITIES'. And in operating systems, that concerns the OS in which he/she was currently using at this moment. As the original poster of this topic we're on with had come to the basic discussions that delves into LUA, here is a plain jane (albeit not fully authoritative, but generally considered 'referencial' enough [sans OS bashings] ) posted references, for a start...

    a)
    http://en.wikipedia.org/wiki/Comparison_of_Windows_and_Linux#Security
    (note: Pls scroll down to page's Content, highlight/click #10-Security which itself has 2 subheadings. Read it, and... )

    b)
    http://www.theregister.co.uk/2005/07/11/longhorn_security/
    (note: microSoft's 'Longhorn' (aka: Vista), it's gravitation with concern on system security. Submitted in summer of 2005 by G. Clarke from MN-USA)


    c)... then another (bit more technical, concerning 'command shells' ) reference;

    http://en.wikipedia.org/wiki/Comparison_of_computer_shells
    (note: Tabulated comparisons of 'shells' between winSys/Posix & some major prog-lingos)


    d) And lastly, an independent extrapolations between 2 dominant OS in our computing realm

    http://www.theregister.co.uk/security/security_report_windows_vs_linux/#myth1
    (note: Penned by N. Petreley, dated 2004. Roughly a year after Ubuntu came into being)

    So... happy reading, folks ;)
     
Loading...
Thread Status:
Not open for further replies.