Linked by David Adams on Tue 22nd Jun 2010 16:14 UTC, submitted by sjvn
Privacy, Security, Encryption A Computerworld editorial takes note of some interesting changes Dell made to the Linux page we linked to last week. They watered down some of their pro-Linux claims, but not as far as you might think.
Permalink for comment 431174
To read all comments associated with this story, please click here.
RE[3]: From the article ...
by lemur2 on Wed 23rd Jun 2010 05:56 UTC in reply to "RE[2]: From the article ..."
lemur2
Member since:
2007-02-17

"And even if they were...? Linux still has far fewer pieces of malware written for it than Windows ever did.
Well, Linux doesn't have that much malware written for it for the EXACT reason that these kinds of users largely don't exist on the Linux platform. Why write malware for dumb users to install, if dumb users aren't using the platform? By and large, dumb users don't run servers, so the popularity of Linux as a server platform is irrelevant when comparing how much malware exists for Linux vs Windows. I have little doubt that if Linux / Windows had an equal amount of dumb users behind the wheel and an equal amount of malware written for them, there'd probably still be more exploits on Windows, but Linux wouldn't exactly be immune either. "

Depends on what you mean by a "Linux platform". Linux is dominant in embedded system (e.g. TVs, media players), in mobile devices (e.g. phones, tablets), on many types of server (e.g. NAS, web server, mail server), on netwrok infrastructure devices and on supuercomputers. Linux does not however have a significant presence on desktops (although the exact installed base of Linux here is very difficult to determine). In any event, many of the machines on which Linux does run are high-value targets. For example, Google runs a million Linux servers, and Linux runs the London Stock Exchange.

Yet there exists very little malware which targets Linux, despite the high value of many of the target machines.

So ... how to eveluate? Perhaps the best method is to do a rough "risk assessment" type of approach. Factor in the diversity of Linux systems (versus the monoculture of Windows), the relative scarcity of desktop Linux, the relative difficulty of targetting Linux, the relative lack of threats against Linux compared to the superabundance of threats against Windows, the normal practice on Linux of running as a restricted users, the security of the repository/package manager system of software distribution vs the Windows practice of downloading & installing unsigned binary packages, execute permissions within the filesystem, no media autorun, SELinux, etc, etc ...

A rough estimate could perhaps be calculated that the system of an ordinary user on the Internet running Windows in typical usage patterns would perhaps be 10 million times (10^7) more likely to get a malware infection than the same user running Linux.

Something like that.

Reply Parent Score: -1