nomko wrote: . . .The reason for it is not that hackers don't see money in it. The reason for it the more secure rights management system of Linux. . . .
If that were indeed the case, then Mac OSX would also be more secure by design. But, Mac is almost always the first to fall to the hackers. Why is this? The winning hackers and competitors have told us quite clearly - there is more money in the real world for hacking exploits that break into Windows - so they don't even use their best Windows exploits, according to them. The Mac exploits get more prestige and name recognition. They also win money from the contest. However, the amount of prize money ~$10K as I recall (update, 15K in 2012), is less than what their best Windows exploits will earn them in the real world (~$50K or more, according to them). Look up pwn2own.
Hiero2 wrote: For this reason I highly encourage anyone I have influence with to use programs like no-script for FF. Chrome has a similar program. A properly patched system is also pretty important - but at the annual breakage fests, the hackers still always manage to get in!
nomko wrote: . . .Best to do is keep your system up-to-dated! Any add-on for Firefox sounds good, but it only protects Firefox and not your whole system! Add-on's such as no-script aren't firewalls or anti-malware or ant-virus tools. Keep that in mind.
We agree that keeping the system up-to-date is important.
But, forbidding scripts protects the whole system. Rights are gained by exploiting vulnerabilities in software. No password needed. Then malware is installed, and bingo, you're a bot. Using scripts are often how malware gains admittance to these higher security levels. They don't need your password with all the exploits available. Follow something like the CERTStation newsletter (http://www.certstation.com/#tma-tab)
, and you'll see. Check out the exploits from pwn2own that have been released. People get in through the browser. Up-to-date patches are only one aspect of good security.
And, you might like to think linux is invulnerable, but it is not. There isn't any money in breaking it - we are still too small a percentage of the computer population to bother with. Denying this does not change that linux is not unbreakable. The fact that the design makes it inherently more secure does not mean as much as people would like it to. Again, if it were the design of rights and passwords, Macs would be the last to fall, not the first.
As for existing examples, check wikipedia - if I recall, they have some linux viruses listed. But, again, viruses are NOT the primary threat today. Malware is, and malware gets in through email and browsers.
The second lesson from Pwn2Own is that the browser is the new Achilles heel of security regardless of the hardware or software platform.