Linked by Amjith Ramanujam on Sat 19th Jul 2008 19:01 UTC, submitted by cypress
Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood.
RE: Wrong assumptions...
by abraxas on Sun 20th Jul 2008 13:57 UTC in reply to "Wrong assumptions..."
abraxas Member since:
2005-07-07

first, the most serious misconception is that "root" account is somewhat more important for desktop OS than user account and that virus needs to access this root account. That is total nonsense. Reinstalling OS on the desktop is simple. Recovering deleted user data usually impossible. And virus does not need root to spread, all it needs is some form of internet connection. As long as user can display pages and send emails, virus can spread.

I hear this argument all the time and it makes no sense. First of all, reinstalling an OS is no simple task for the ordinary user (never mind the plethora of third party apps most likely installed). Second, data loss has nothing to do with viruses. Most viruses don't delete data and a simple hard drive failure is much more likely. The security of having a separate root account is to eliminate propagation of viruses and to keep system level processes secure. User level access doesn't allow you to take over an entire system and turn it into a spambot.

second, the idea that malware cannot hide in sources is flawed as well. All it needs is to put its scripts somewhere in ~/.gtk/desktop/myapps. Moreover, these scripts are platform independent - they will run on any unix and any CPU. And they can be written in dozens of languages linux distro usually supports. Moreover, mutating sources to make them hard to detect by antivirus software might be even easier than mutating binary.

This is unlikely on most distributions because most software is installed from a central repository that uses some kind of hashing algorithm to ensure package reliability. An average user doesn't install from source. Source level malware would actually be a lot easier to detect. Just use grep.

Reply Parent Score: 5
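
The repository check mentioned in the comment above, as an added example that is not part of the original thread: a package file is accepted only if its name is listed in the repository index and its SHA-256 digest matches the listed one. The index format, the file names and the `verify_pkg` and `make_sample_repo` functions are constructed for illustration; real package managers also check a cryptographic signature on the index or on the packages themselves.

```shell
#!/bin/sh
# Added illustration. The index format ("<sha256>  <filename>" per line, as
# written by sha256sum) and all file names are constructed.

# verify_pkg INDEX FILE
# Returns 0 if FILE's name is listed in INDEX and its SHA-256 matches,
# 1 on a digest mismatch, 2 if the name is not in the index at all.
verify_pkg() {
    name=$(basename -- "$2")
    # Exact match on the filename column; use the first matching entry.
    expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$1")
    if [ -z "$expected" ]; then
        echo "REJECT $name: not in repository index" >&2
        return 2
    fi
    actual=$(sha256sum -- "$2" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "REJECT $name: digest mismatch" >&2
        return 1
    fi
    echo "OK $name"
}

# Constructed sample: a repository with one package, plus two files that
# arrived by e-mail: a modified copy of that package and an unlisted "update".
make_sample_repo() {
    mkdir -p "$1/repo" "$1/mail"
    printf 'editor 1.0 build\n' > "$1/repo/editor_1.0.pkg"
    ( cd "$1/repo" && sha256sum editor_1.0.pkg ) > "$1/index.txt"
    printf 'editor 1.0 build, modified\n' > "$1/mail/editor_1.0.pkg"
    printf 'not from the vendor\n' > "$1/mail/security-update.pkg"
}

dir=$(mktemp -d)
make_sample_repo "$dir"
for f in repo/editor_1.0.pkg mail/editor_1.0.pkg mail/security-update.pkg; do
    verify_pkg "$dir/index.txt" "$dir/$f" || echo "  exit status $?"
done
rm -rf "$dir"
```

The check only protects files that pass through it: a package the user installs by hand from an e-mail attachment never reaches `verify_pkg`.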

RE[2]: Wrong assumptions...
by luzr on Sun 20th Jul 2008 15:06 in reply to "RE: Wrong assumptions..."
luzr Member since:
2005-11-20


I hear this argument all the time and it makes no sense. First of all, reinstalling an OS is no simple task for the ordinary user (never mind the plethora of third party apps most likely installed).


Come on. In recent Linux distros it is a very simple task. My last Ubuntu install took about 20 minutes and zero intervention on my side.


The security of having a separate root account is to eliminate propagation of viruses


How does a separate root account eliminate the propagation of malware to another machine?

As long as user is able to use internet, malware can spread.


User level access doesn't allow you to take over an entire system and turn it into a spambot.


The problem you do not see is that you do not need to take over the entire system to turn it into a spambot. All you need is the ability to send emails, which is something usually allowed on user level access.


This is unlikely on most distributions because most software is installed from a central repository that uses some kind of hashing algorithm to ensure package reliability. An average user doesn't install from source.


Average user can get "security update by email from his distro vendor" and install it. This is how malware really works these days.


Source level malware would actually be a lot easier to detect. Just use grep.


What are you going to grep?

BTW, I am speaking from my experience. The only computer I ever had infected was my Fedora-based house server. And it worked just like this....

Edited 2008-07-20 15:11 UTC

Reply Parent Score: 5

RE[3]: Wrong assumptions...
by abraxas on Sun 20th Jul 2008 16:37 in reply to "RE[2]: Wrong assumptions..."
abraxas Member since:
2005-07-07

Come on. In recent Linux distros it is a very simple task. My last Ubuntu install took about 20 minutes and zero intervention on my side.

Personally I think it is pretty easy to set up a Linux install, certainly easier than Windows but the average user thinks otherwise and won't even touch a Windows install.

How does a separate root account eliminate the propagation of malware to another machine?

As long as user is able to use internet, malware can spread.


True but you aren't really talking about viruses anymore then. Without root privileges they can't infect binaries and take over the system. A separate root account alone doesn't eliminate all malware vectors but saying it doesn't help stop the spread of viruses is naive.

The problem you do not see is that you do not need to take over the entire system to turn it into a spambot. All you need is the ability to send emails, which is something usually allowed on user level access.

Tell me how you can change smtpd settings without being root? Tell me why you would have an smtpd server with ports open to the outside running on your desktop in the first place. Like I said before, privilege separation is one piece to security but it doesn't solve everything. Opening up your machine to the outside with unnecessary services is your own fault and cannot be mitigated with simple privilege separation.

Average user can get "security update by email from his distro vendor" and install it. This is how malware really works these days.

Again I admit this can happen but there is nothing that can really mitigate this kind of attack, although to really have any kind of effect you would have to have a spambot already to send these emails. It's a pretty tricky attack on Linux in the first place though, considering all updates are through a central repository and packages are in different formats for different distributions.

What are you going to grep?

Antivirus software uses signatures to detect viruses. Virus writers use all kinds of techniques to circumvent detection. It's a lot harder to circumvent detection when the exploit is in plain text format.

I don't think it is difficult to see why Windows is so easily owned compared to other operating systems. The necessity of running as administrator because of backwards compatibility makes it low hanging fruit for crackers. Just visiting a web page with a Windows XP machine can lead to the entire operating system being taken over because a single flaw in the client is turned into root access without any privilege escalation necessary. Tricking users into installing software is one thing but automated root access is something only Windows gives up so easily. A lot more user interaction is required in Linux to install and propagate malware. I will say that Vista has gotten a lot better in this regard but the fact that Vista is a dud and many people and organizations are avoiding it altogether isn't making Windows' problems a thing of the past any time soon.

Reply Parent Score: 3
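
An added example, not part of the original thread, of a plain-text review a defender can run without root for the case argued above (scripts placed under a dot-directory of the user's home): it lists executable files there that start with a `#!` interpreter line, and XDG autostart entries (`~/.config/autostart/*.desktop`) whose `Exec=` path points into such a directory. The function names and the sample home directory are constructed; the autostart check is an assumption about where such a script would be launched from, and legitimate user-installed tools will also appear in the output.

```shell
#!/bin/sh
# Added illustration. The sample home directory contents are constructed.

# hidden_scripts HOME_DIR
# Lists executable files under dot-directories of HOME_DIR that begin with a
# "#!" interpreter line, as "<path> <interpreter line>". Creating such files
# needs no root, and they never pass through package verification.
hidden_scripts() {
    find "$1" -path "$1/.*" -type f -perm -100 2>/dev/null | sort |
    while IFS= read -r f; do
        if [ "$(head -c 2 "$f")" = "#!" ]; then
            printf '%s %s\n' "$f" "$(head -n 1 "$f")"
        fi
    done
}

# autostart_refs HOME_DIR
# Lists XDG autostart entries whose Exec= command path lies in a
# dot-directory of HOME_DIR, as "<entry> -> <command path>".
autostart_refs() {
    for f in "$1"/.config/autostart/*.desktop; do
        [ -f "$f" ] || continue
        cmd=$(sed -n 's/^Exec=//p' "$f" | head -n 1 | awk '{ print $1 }')
        case $cmd in
            "$1"/.*) printf '%s -> %s\n' "${f##*/}" "$cmd" ;;
        esac
    done
}

# Constructed sample: one script in the path quoted in the thread, one
# autostart entry pointing at it, and one ordinary non-hidden script.
make_sample_home() {
    mkdir -p "$1/.gtk/desktop/myapps" "$1/.config/autostart" "$1/bin"
    printf '#!/bin/sh\necho sample\n' > "$1/.gtk/desktop/myapps/run.sh"
    printf '#!/bin/sh\necho backup\n' > "$1/bin/backup.sh"
    chmod +x "$1/.gtk/desktop/myapps/run.sh" "$1/bin/backup.sh"
    printf '[Desktop Entry]\nType=Application\nExec=%s\n' \
        "$1/.gtk/desktop/myapps/run.sh" > "$1/.config/autostart/myapps.desktop"
}

home=$(mktemp -d)
make_sample_home "$home"
hidden_scripts "$home"
autostart_refs "$home"
rm -rf "$home"
```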