Is Linux Secure or Vulnerable?

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Is Linux Secure or Vulnerable?

Post by wywer »

Hi all,
Ever since I shifted to Linux, I have been peppered by my old friends in the Windows world with "are you feeling safe?", "are you actually safe?" kinds of dark sarcasm!

They lowered their verbal pitch when I told them that, in so far as my PC is concerned, I am safe and if anything happens it's at the server level, don't blame me, since I have a configured firewall, a native ClamAV with the GUI ClamTK, updated at regular intervals and scanning once a week, and explained to them the concept of the "Kernel" and how to secure it with native applications!
This got me thinking - was I telling them the truth, the whole truth and nothing but the truth? To openly confess, I have posted this new topic. Kindly give it a read!

The start was in 1996. A black day in the pages of Linux history! To kick off, the main reasons Linux sites are breached are: A) inadequately configured security settings, B) vulnerabilities in their Internet service and C) flaws in their Web servers. For general PC users like me, "A" applies! B & C are not due to my/your fault. I will have my say at the end about "Rootkits".
1996: The first recognized piece of Linux malware was Staog. It was a rudimentary virus that tried to attach itself to running executables and gain root access. The concept of "we Linux users are safe" was given a rude wake-up call!
1997: Bliss
2001: Ramen/Cheese. This was a server-level attack targeting web server homepages!
2002: Slapper. It went about infecting servers via an SSL bug in Apache.
2007: Badbunny. It was an OpenOffice macro worm that carries a sophisticated script payload.
2013: Hand of Thief - This was a "commercially sold" Russian-origin Linux Trojan creator.
2014: Windigo. Windigo is a complex, large-scale cybercrime operation that targeted tens of thousands of Linux servers, causing them to produce spam and serve drive-by malware and redirect links. It's still out there, according to ESET security, so admins should tread carefully.
2014: Heartbleed. Links: http://heartbleed.com/ , http://www.linuxfoundation.org/news-med ... tbleed-bug , http://www.hak9.com/fix-heart-bleed-bug-centos-ubuntu/ - Three links, the last one explaining that the exploit affected CentOS and Ubuntu and how to fix it.
2014: The Shellshock flaw left the Linux world reeling! I quote Akamai security researcher Stephane Chazelas: "Well, this just ain't good. This is a devastating flaw in the Unix Bash shell, leaving Linux machines, OS X machines, routers, older IoT devices, more vulnerable to attack than ever before. This allows attackers to run deep-level shell commands on your machine after exploiting the flaw, but the true danger here lies in just how old Shell Shock is—this vulnerability has apparently been lurking in the Bash shell for years." Unquote. Later, it was found that the Shellshock exploit was doing the rounds 5 years before 2014! Why was 2014 so bad for us? Two reasons: A) the mobile explosion has meant that Android (which is Linux-based) is among the most attractive targets for BlackHats and B) the rapid increase in use of Linux as a server OS for and in the data centers, and that's the price of popularity.

Lastly, Rootkits. If a Rootkit BlackHat "creator" is smart and a sadist to boot, the script is so good that none of us would know until it is too late! Just forget the propaganda, especially in the Windows world, of various commercial rootkit detectors claiming "if no one can, we will"! I have enough experience as a "Guru" in Windows Seven forums; I used to feel "helpless & worthless" when regular members wrote to me (I was considered the cyber-security in-charge and I was asked to respond first). I remember telling them "why did you click on that dubious link, why did you open that adult site, why have you not installed WOT", etc.! All of that applies to Linux and more so! The savage fact is "the false-positive detection rate is so high that we will be scrubbing our HDDs post-haste, to no purpose"!! If a rootkit is "really" found, I can assure you that it's what we call a KIDDIE ROOTKIT; that fella wants some recognition! Sorry for the long post, but if the Admin. and Mods. feel it should rather be a "tutorial" than a warning "new topic" :wink:, there is no copyright, as I am a true Linuxian, and anyone can create one and post it! As an ego-maniac would say in many forums - don't PM me, don't waste my time, I am busier than the President. I beg to differ - if he/she had no time to help others, why is/was he in the forum in the first place? Peace.
Warm regards,
wywerjet :(
PS: A few tips would not be out of place. 1) Secure the Web browser. Firefox, Waterfox are the best out there and have the all-important security add-ons to install. That's the first wall to breach!
2) Be blunt. Tell your friends, "I will not open any attachments sent via email by you". That precaution has served me well! If the attachment is really vital, it's your call!
3) If you unexpectedly get "re-directed", the browser is compromised.
4) Just installing a Firewall is plain useless, configure it!
LM MATE 64 bit Rebecca
ASUS X550LC NoteBook
MoBo ASUSTek
Bios American Megatrends Ver:X550LC.303
Dual core Intel Core i5-4200U
Graphics Intel Haswell-ULT Integrated
X.org 1.15.1
Audio Intel Lynx HD + Intel Haswell HD
Sound ALSA
HDD 750.2GB

kukamuumuka
Level 16
Posts: 6586
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland

Re: Is Linux Secure or Vulnerable?

Post by kukamuumuka »

You need to install Common Sense .. :lol:
Attachments
The best AV program

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

administrollaattori wrote: You need to install Common Sense .. :lol:

I fully agree :lol: ! I did not mention it, because it already was a long one, and why don't you (I mean it) convert this into a tutorial sort of thing! No copyright, sir! Peace.
regards--wywerjet

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

wywerjet wrote:
administrollaattori wrote: You need to install Common Sense .. :lol:

I fully agree :lol: ! I did not mention it, because it already was a long one, and why don't you (I mean it) convert this into a tutorial sort of thing! No copyright, sir! Peace.
regards--wywerjet
Hey, wait! That's adware you are showing! Shall I report :lol: ? Peace!
regards,
wywerjet :wink:

M Wood
Level 3
Posts: 116
Joined: Tue Dec 23, 2014 11:46 pm

Re: Is Linux Secure or Vulnerable?

Post by M Wood »

wywerjet, you bring up some valid points.

I've never tried to give anyone the impression that Linux is perfectly secure. Usually, the conversation is about its security relative to Windows. In that case, yes, Linux wins.

There are a couple of ways to look at this. For the computer-illiterate user, Linux is more secure, out of the box. This type of user will click popups, open unexpected attachments, etc. They will have a Windows box loaded with malware within a week. I do not have this problem with my Linux users.

At the other end of the scale, the guru user will probably never get an infection on a Windows box. But he'll still need to be more vigilant than he would with Linux.

As to when vulnerabilities do happen, it seems that the OSS community is able to react faster -- partly because the source is open, and therefore vulnerabilities get quickly patched and pushed out, and partly because there are more eyes on the Linux code base than MS has employees.

Also, as you point out, don't count on your OS for 100% of your security. Everyone needs a firewall -- a real one; a separate piece of hardware -- not the bit of software that comes in their OS, or the built-in software in a DSL modem. It's not enough. Nowadays, you need to be looking at UTM (Unified Threat Management) and SPI (Stateful Packet Inspection). There are little boxes from the likes of Netgear, D-Link, etc. Or, if you have a spare old PC with two NICs laying around, you can install any of a number of free Linux-based firewall distros, such as Endian.

When you get your firewall, learn how to configure it, or with the simpler ones, set the security as high as you can without interfering with your work.

We can head off 99% of vulnerabilities with a well-configured firewall.


All that said, back to the point -- I'll take Linux for security any day. It's not perfect, but I have vastly more power over it. 8)
Desktop: MSI 970A-G43 | AMD FX-8350 | 16GB | GT 740 + triple head | SSD + 3TB ZFS raidz1 | Mint 17.1 Cinnamon x64

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

Dear M Wood,
Thanks for the fine post :) ! I have a SonicWall NSA5xx in place, so that takes care of the hardware firewall. As you said, the OSS community is more alert, except when Shellshock hit us, as it was compromising systems 5 years before it was discovered! You were right about Linux winning hands down compared to Win.. I happened to read a signature of one member here: "Windows says I am intelligent, but Linux demands proof" (excellent, imo)!
regards--Wywerjet
PS: I once got blown away, despite my best practices in Windows :( ! Way back, I was presented a DVD edition of Harrison's Text Book of Medicine (?15th edition) in a sealed pack and when I inserted it into the Win.XP Desktop, the PC went "kaboom"! Many fellow doctors too were affected similarly! Only later we found out that these were expertly R&W and printed from an original DVD using a compromised computer.

Linus MacWinfrey
Level 2
Posts: 88
Joined: Tue Sep 02, 2014 2:49 pm

Re: Is Linux Secure or Vulnerable?

Post by Linus MacWinfrey »

M Wood wrote: At the other end of the scale, the guru user will probably never get an infection on a Windows box. But he'll still need to be more vigilant than he would with Linux.
I could be that Windows guru you are referring to. A tad optimistic, perhaps, but I do get your point. My point is that there most likely is not a single Windows box out there (connected, networked) that does NOT have some infection or the other on it. The only reason why the box is reported as clean is because no anti-malware can ever identify all threats/infections. "Having HIV does not make you negative just because a thermometer and a blood glucose meter did not pick up the AIDS in your body."

And aspirin will help neither.

As for Linux: at user level and I emphasize: at user level: Not even Mac comes close to being as secure as Linux. There are scares that do more than ruffle feathers, like the latest Grinch. And it turned out to be a non-issue; scaremongering by a dubious journalist. When I write such drivel, I get moderated or, as happened on Christmas, I get thrown off a forum forever. When a journo writes it, he gets paid well and experts comment for three years and fill 575 pages of yet more drivel. Bias?


Now, Linux security will see you scan your devices with ClamAV, a little tool that was quite good years ago. As of late, it performed pathetically in lab tests and I only have it on my Linux box because I know how to install it. I really don't need any of the Linux anti-malware packages that fall in two categories: the inefficient and the crashware. Neither really offers real benefits BUT we are at user level, remember?

Harden the browser and configure GUFW, have a good router and that is about as much as you can do at user level.


I have also updated myself with that box of software I found on this link and shamelessly pirated it. Every bit of added Common Sense won't harm anyone!


Last night, my family and I drove through the better suburbs of my city with its 4 million dwellers. We came across a serious accident scene and also counted well over twenty vehicles sans headlights, well after dark. Since Apartheid was ended, we started having blackouts and that somehow seems to affect motorists as well. Twenty or more per hour, perfectly obscured and well after sunset, this is how many vehicles you will count on our roads. Perhaps we need to fix that kind of bug before we worry about (virtually) non-existent computer evilware. Perhaps Mr Darwin's plagiarized theories now get disproved by the rather obvious devolution of mankind.

We, as contemplatives, should be worrying about real issues that affect our existence instead of expending our energies fighting phantoms, myths and legends cast by the holographic minds we have. Been there, done that. Tried each and every anti-malware trick and secured my Petra, my Qiana and my Rebecca to the point of non-functionality. All I earned myself was less time with my family, the need to take more enalapril and mental exhaustion. Oh, did I mention the many false positives?

Linux servers may have been compromised for years but, when compared to the world of Windows, less damage was done to the global community ever since Linux came into existence than Windows manages to achieve on any chosen day of the year.
Mint 17.1 Rebecca with Cinnamon tastes nga!

M Wood
Level 3
Posts: 116
Joined: Tue Dec 23, 2014 11:46 pm

Re: Is Linux Secure or Vulnerable?

Post by M Wood »

wywerjet wrote: except when Shellshock hit us, as it was compromising systems 5 years before it was discovered!
Much ado about nothing, as far as I'm concerned.

First, any machine that's not a server should, out of the box, have been immune behind a firewall.

On web servers, even though the Bash vulnerability was there, it could only compromise a system if the rest of the system wasn't properly configured, and if it were running quite old code (CGI/PHP/etc) that long ago was known to be insecure. Web devs who care about security left PHP behind years ago, generally. Second, it was failure on the part of web developers to sanitize input.

So... Shellshock, nasty as it sounds, didn't affect anyone who was paying attention. Any sysadmin worth his salt will keep up to date with software, technology, and patches. That's also true of Windows admins, of course.

And one more point: if any vulnerability escapes attention for 5 years, it's probably not doing much harm... anything that affects important systems will be noticed very quickly.
Desktop: MSI 970A-G43 | AMD FX-8350 | 16GB | GT 740 + triple head | SSD + 3TB ZFS raidz1 | Mint 17.1 Cinnamon x64
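
As an added illustration of the CGI point in the post above (not part of any post in this thread): Shellshock attempts reached Bash through request headers that CGI copies into the environment, so a defender can look for the Bash function-definition token in web access logs. The "combined" log format, the `/cgi-bin/` path convention and the sample lines are constructed assumptions.

```python
import re

# Apache/nginx "combined" access-log format (an assumption; adjust the
# pattern if your server uses a different LogFormat).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Vulnerable Bash versions parsed an environment value starting with "() {"
# as a function definition. CGI copies request headers into the environment,
# so that token inside a logged header marks a Shellshock attempt.
SIGNATURE = re.compile(r'\(\)\s*\{')

# Constructed sample lines: documentation IP ranges, payloads redacted.
SAMPLE_LOG = [
    '198.51.100.77 - - [25/Sep/2014:10:11:58 +0000] "GET / HTTP/1.1" '
    '200 1043 "-" "() { :; }; [payload-redacted]"',
    '198.51.100.4 - - [25/Sep/2014:10:12:05 +0000] "GET /index.html HTTP/1.1" '
    '200 1043 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '192.0.2.9 - - [25/Sep/2014:10:13:40 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" '
    '404 210 "() { x; }; [payload-redacted]" "curl/7.35.0"',
    '203.0.113.7 - - [25/Sep/2014:10:14:02 +0000] "GET /cgi-bin/status HTTP/1.1" '
    '200 512 "-" "() { :; }; [payload-redacted]"',
    'not an access-log line',
]


def find_shellshock_probes(lines):
    """Return one record per logged field that carries the signature."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not in combined format; skip rather than guess
        parts = m.group("request").split()
        path = parts[1] if len(parts) > 1 else ""
        for field in ("request", "referer", "agent"):
            if SIGNATURE.search(m.group(field)):
                hits.append({
                    "ip": m.group("ip"),
                    "time": m.group("time"),
                    "field": field,
                    "path": path,
                    "status": int(m.group("status")),
                    # Assumed convention: CGI scripts live under /cgi-bin/.
                    "cgi": path.startswith("/cgi-bin/"),
                })
    return hits


def prioritize(hits):
    """Order hits for review: CGI path answered 200 first, other CGI paths
    next, everything else last. A 200 on a CGI path means a script actually
    responded, so that host's Bash patch level is the first thing to check."""
    def rank(hit):
        if hit["cgi"] and hit["status"] == 200:
            return 0
        return 1 if hit["cgi"] else 2
    return sorted(hits, key=rank)


if __name__ == "__main__":
    for hit in prioritize(find_shellshock_probes(SAMPLE_LOG)):
        print(hit["ip"], hit["time"], hit["path"], hit["status"], hit["field"])
```

A match only shows that someone tried; whether the request did anything depends on whether the target script invoked an unpatched Bash.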

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

Dear Linus & M Wood,
Hi there! 1) ClamAV is awarded a lower grade, but at user level may suffice with all the precautions afore discussed! We have a Linux BitDefender Scanner for Linux which comes as a Deb. package. How can one update a pirated AV (CommonSense) is the question uppermost :? !

2) Securing the "Web Browser" is vital :!: along with all the "hardening" we talked about! The reason, among many, as to why the OS browser FF is still shining is because of its security add-ons (yes, I will unravel the mystique of NoScript later)!

3) Shellshock got a lot of attention, simply because it affected the average Linux users too and alerted us that we are not immune, after all! That was possibly the motive behind it all!

4) What percentage of Linuxians have stopped using Google and shifted their preference to safer ones like duckduckgo? Therein lies the rub! Thanks to both of you for the really analytical, educative and (thanks to Linus :wink: ) fun-filled posts!
regards -- Wywerjet

Linus MacWinfrey
Level 2
Posts: 88
Joined: Tue Sep 02, 2014 2:49 pm

Re: Is Linux Secure or Vulnerable?

Post by Linus MacWinfrey »

wywerjet wrote: Dear Linus & M Wood,
Hi there! 1) ClamAV is awarded a lower grade, but at user level may suffice with all the precautions afore discussed! We have a Linux BitDefender Scanner for Linux which comes as a Deb. package. How can one update a pirated AV (CommonSense) is the question uppermost :? !

2) Securing the "Web Browser" is vital :!: along with all the "hardening" we talked about! The reason, among many, as to why the OS browser FF is still shining is because of its security add-ons (yes, I will unravel the mystique of NoScript later)!

3) Shellshock got a lot of attention, simply because it affected the average Linux users too and alerted us that we are not immune, after all! That was possibly the motive behind it all!

4) What percentage of Linuxians have stopped using Google and shifted their preference to safer ones like duckduckgo? Therein lies the rub! Thanks to both of you for the really analytical, educative and (thanks to Linus :wink: ) fun-filled posts!
regards -- Wywerjet
Hi Wywerjet & M Wood - and all the welcome ghosties reading here as well :wink:

I have tried Bitdefender, AVG, Avast!, Comodo and Eset's NOD32 on Linux. All were quirky, some hogged the system down and all reported false positives. Then they crashed or just became unresponsive on their GUIs while apparently still working in the background. All round, a horrid bunch of (anti-)malware that only gave me satisfaction when they were deleted. Shellshock was not discovered by any of these and it also existed nicely for five years without having been discovered by any of these.

Never did any good Linux user claim to be immune, just to have been much, much safer than either Mac or Windows. I place on record that the very worst infections on any computer I had ever seen, was on a Mac in my household. The hapless little Mac was infected no less than 41 times, requiring formatting and clean install. Similar to Linux, the AV suites were 100% ineffective when it came to removing the infections.

These infections are distributed repeatedly by a large client of his, someone in the Audiovisual entertainment industry. The client visits sites where poor young ladies are displayed to solicit donations from viewers as they apparently are so indigent that they cannot afford a single thread of clothing. There are rude people who infect these hapless naked paupers with virii that also infect Mac. Mac seems to have a strong metabolism but his immune system somehow welcomes this one particular malware in. Choices we make in choosing our friends can sometimes go viral.

ClamAV is worse than any malware as it will scare the average user into uninstalling wireless, sound, USB & other drivers due to false positives.
https://forum.videolan.org/viewtopic.php?f=14&t=120193
http://www.linuxquestions.org/questions ... 175503902/
http://forums.linuxmint.com/viewtopic.p ... 89#p962589

Google I do need as my own domain was taken down locally because I said something my democratically elected atheist communist Marxist govt and their damnocratic opposition disapproved of. I don't mind the NSA but the threat is local. My data is much safer with Google where my account is encrypted, I have 2-step verification and my phone and computer are so booby-trapped by access control, that they would find it easier to hack into solid rock and retrieve data from there. The servers are replicated globally yet far out of the reaches of my local govt. If the NSA read my posts, they may even send military help to my country so I don't mind them hacking me. Locals wanting to strip my assets and counting my chickens before grabbing my land......that's a different story and I don't see how NoScript is going to benefit me.

ClamAV pointed a stern finger at Rebecca for having dragged in falseware into my system and she recommended putting almost all my hardware peripheral drivers into quarantine. Maybe Clam should be sent into solitary confinement in a typical British concentration camp as were used in my country just over a century ago. Clam won't escape from that and most likely not scare the kids any more.

Firefox and security......I reserve my opinion but I have to say that Chrome, by design, is much, much safer and this is well documented, go do some research on the Internet and you will see why this is. This comes from some of the top five cyber security experts on this globe. Because we interact with Google users, that company does have much of our activities on record, regardless.

We all send and receive emails, regardless of ISP, that are open and unencrypted. We share secrets on open postcards that won't even yellow over time. We can only encrypt securely when our mates can be convinced to also use encryption. This far, all except me have used encryption, in my circle of friends. An occasional acquaintance sends mail via Salusafe and text via Telegram.

FF and NoScript I call the Ridiculous Twins because they will end up having your system so sabotaged that nothing works. One has to learn through experience and then set NS accordingly, same as Scriptsafe on Chrome. The average user simply does not know what to block and what to allow. Unlike FF, Chrome runs every process sandboxed in its own VM and it cannot crosstalk to infect thy neighbour. FF is slow and cannot multithread, so processing is a serial killer of CPU power and RAM. Jurassic.

DuckDuckgo has been known for forever and a day and I dragged it across the Windows and Mac continents for very long and it was my trusted ally for years on Linux as well, until I discovered startpage.com and its https sibling suffering from acute amnesia, called ixquick.com.

Neither the NSA :idea: , Mossad, KGB, ISIL, North Korea, FBI, DEA, DIA, CIA, NI, KGB or Burger King :idea: :idea: could benefit from tracking my browsing. If they did, their staff would become neurotic and bored to insanity as there is nothing worth hiding in the first place. As I am a tad less wealthy than Gates or Buffett, chances of damage done to my bank account are minimal. In fact, out of compassion, they might even send me a few dollars! But it has to be via Western Union as I do not have banking details stored anywhere in Tomboy even, let alone banking online. That friendly blonde down at the branch is too attractive to ignore, so I go there and be charmed instead of letting my hand pet a USB rodent to woo a website.

Where does this take me? I must rely on NS & Scriptsafe as these are the two socially incompatible, a-social introverts that get the silent sabotage tantrums unless they get locked out of the room. Give them a chance to participate in fornicating with the www, they start throwing spanners into the works. As I have said, the average user does not know what to allow and what to block.

WOT, Ghostery, Dr Web, AdGuard AdBlocker & WebfilterPRO are more compliant and these are the ones I personally pay most attention to.

Then there is Common Sense. I ONLY need to visit Mint Forums, nothing else. So I have trimmed my WANTS down to safe(r) surfing to a few news and wikipedia, the latter done on my Android phone because my cellular provider allows me free access there.

Nobody NEEDS to watch those poor, unclad girls. Send them clothes and leave them alone. It is rude to stare. :mrgreen:

[On this note, dearest friends, I am signing off and wishing you a wonderful Saturday. In some cultures it is a day of rest whereas in others, out come paint, lawnmowers and ladders, :roll: prompting some to take a bag of sticks 'n balls, fleeing off to vast prairies, waterholes, sand dunes and woody forests to flee from demanding wifery. :lol: ]

1.618
Level 5
Posts: 588
Joined: Fri Jun 06, 2014 9:22 am
Location: Surfing a multidimensional wave of celestial intent

Re: Is Linux Secure or Vulnerable?

Post by 1.618 »

Nobody NEEDS to watch those poor, unclad girls. Send them clothes and leave them alone. It is rude to stare. :mrgreen:
Carrot for the donkey..... carrot for the donkey


On the subject of PC hacking, it's now the 21st century; hacking and viral infections are so last century... '1980s and Matthew Broderick playing War Games'. Why oh why, when humanity is in such a state, can't these obviously highly intelligent people put their efforts and energy into something creative that benefits the WHOLE of humanity instead of getting off on how much misery and discordance they bring to society with their antics?

Linus MacWinfrey
Level 2
Posts: 88
Joined: Tue Sep 02, 2014 2:49 pm

Re: Is Linux Secure or Vulnerable?

Post by Linus MacWinfrey »

My son's 41 times infected Mac deserves attention here. His system has been infected more times by one single virus type than there are virii for Mac in total. Bitdefender could identify but not remove, ClamAV never even saw what was transpiring. It was much worse than any Windows or MS-DOS infection I had ever seen.

Malware has a source and also a means to communicate. Just do not communicate with the forms of life that allow malware to communicate. If we don't do sneaky networking and if we do not get lured by carrots for donkeys (thanks for the excellent analogy, Wywerjet) we will most likely never even get any serious malware infection into Windows. I minded the gap in the days of Windows and never experienced any malicious infection other than Melissa. I cut her short minutes after she had infected my Windows. I don't hang out with bad, dubious or questionable people in life and I therefore limit social issues in the real world to the bare minimum. The few friends I have are top quality people with solid character.


If one handles your computer in the same way, you will be very safe regardless of which OS you are using. Linux just works better than any of the others I had tried and it is safer by design, yet I cannot say it is better than Mac or Windows. It is lightning fast, light, lithe and free - so why should I bother with stuff that aren't?

And that is my point, entirely.

M Wood
Level 3
Posts: 116
Joined: Tue Dec 23, 2014 11:46 pm

Re: Is Linux Secure or Vulnerable?

Post by M Wood »

Oops... double posted.
Last edited by M Wood on Sat Dec 27, 2014 5:09 pm, edited 1 time in total.

M Wood
Level 3
Posts: 116
Joined: Tue Dec 23, 2014 11:46 pm

Re: Is Linux Secure or Vulnerable?

Post by M Wood »

MacWinfrey, you are a wonderful writer! :D
Linus MacWinfrey wrote: I have tried Bitdefender, AVG, Avast!, Comodo and Eset's NOD32 on Linux. All were quirky, some hogged the system down and all reported false positives. Then they crashed or just became unresponsive on their GUIs while apparently still working in the background. All round, a horrid bunch of (anti-)malware that only gave me satisfaction when they were deleted.
So-called "anti-virus" software has been the bane of my IT existence for many years. I have NEVER installed one on my own computer, EVER. Even when I did use Windows, back in the day. I never needed one. I refer to friends, family, and paying customers for whom I've pulled much hair out in the process of desktop support.

By far, Norton is the worst of them, followed closely by McAfee. How these companies are still in business baffles me. They are worse than any imaginable virus for how much computing resources they suck up. So the very first thing I would do for a slow, clogged Windoze system was to remove the AV software. (I tried to clean up the problems with the AV software before that -- that's NEVER worked. Waste of time.)

But folks would insist on having AV. So I put them on the least intrusive freeware one I could find at a given time. For a while, it was AVG, then Avast!, but each in turn grew into a bloated "freemium" monster. At this point, it's Microsoft Security Essentials -- who should know better how to protect Windows than MS? -- and for the time being, it's minding its manners.

Several years ago, I spent several hours cleaning up a friend's Windows box, including removing the Norton virus. I told him to never install that, or any commercial AV product, ever again, or I'd charge him for all future support. The next time he came to me with a problem, he had the Norton AND the McAfee viruses! What? Apparently someone told him to install both... in case one of them missed something...! You're on your own now, I said... you ignore my advice at your peril.

The reality is, AV software is a triumph of marketing over substance, Dilbert-style. It really can only protect the truly incompetent, and only part of the time. 99.8% of all computer infections are avoided by having a good firewall in your home, and not visiting the overseas pr0n sites. Another 0.1% is not opening untrusted email attachments.

In my years in the field, I have seen many Windows boxen with viruses. All of them had AV software, functioning as designed. That is a 100% effective failure rate! The reason is simple: AV relies on finding infections after they've occurred. They do not close attack vectors, or override a user's incompetence.

I grew weary at some point of fixing computers for friends and family -- the people you can't charge. (I'll happily charge obscene hourly rates to other people for supporting Windows, however!) Friends and family are all getting introduced to Mint or Ubuntu, depending on whether they're more comfortable with a Windows or Mac-like type of interface. Out of dozens of people I've done this for, I've had one support call -- Ubuntu's bug reporting tool was acting up (it shouldn't have been on). No viruses. No malware.

So, assuming equal levels of user competence, Linux without AV is safer than Windows with AV. I have many years, and many customers' experiences, behind that statement. You may all take my word for it. :lol:

Linus MacWinfrey
Level 2
Posts: 88
Joined: Tue Sep 02, 2014 2:49 pm

Re: Is Linux Secure or Vulnerable?

Post by Linus MacWinfrey »

M Wood wrote:
So, assuming equal levels of user competence, Linux without AV is safer than Windows with AV. I have many years, and many customers' experiences, behind that statement. You may all take my word for it. :lol:
M Wood, thanks for the compliment. On anti-malware, we are on the same page. Interestingly, some of the first "widespread" infections were on Apple II systems. It is argued that 1 out of 5 Macs are infected with malware presently, but that is a position held by Sophos's NakedSecurity folks.

"Freemium." What a lovely term! :mrgreen:

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

Hi friends,
The common adage is "out of chaos comes order"! What is less known is a phenomenon called "order in chaos"!

1) Linux appeals to people who have provided proof of intelligence to "Linux", as is evident in this thread! These are birds whose feathers are too bright and wings too powerful that they broke the Windows and flew right out! They differ - that's chaos, but differ from the rest of the pack consistently - that's order!
2) There is the (so-called) Fourth law of Thermodynamics, also known as Murphy's law, which states "If anything can go wrong, it will"! This one law can succinctly describe why we differ so regularly, still respecting each other's opinion and yet furrowing his/her own lonely path!
3) Dr. John Stapp, a U.S. Air Force colonel and Flight Surgeon, detailed in a four-part article published in 2003 (Annals of Improbable Research (AIR)) titled: Why Everything You Know About Murphy's Law is Wrong, proving the point that we Linuxians will never fear to pelt stones at thrones! What else is there to say except that planet Earth revolves around the Star Sun at a speed of 1,00,000 miles per hour and we don't even feel a whiff! My thanks to all the "vibrant" guys in this thread. Peace.
regards--wywerjet
LM MATE 64 bit Rebecca
ASUS X550LC NoteBook
MoBo ASUSTek
Bios American Megatrends Ver:X550LC.303
Dual core Intel Core i5-4200U
Graphics Intel Haswell-ULT Integrated
X.org 1.15.1
Audio Intel Lynx HD + Intel Haswell HD
Sound ALSA
HDD 750.2GB

caf4926
Level 7
Posts: 1875
Joined: Mon Mar 22, 2010 3:21 pm
Location: UK Lake District

Re: Is Linux Secure or Vulnerable?

Post by caf4926 »

Most routers already provide a hardware firewall that is far better and basically makes redundant a software firewall.
Linux Mint 19.3 Cinnamon

Linus MacWinfrey
Level 2
Posts: 88
Joined: Tue Sep 02, 2014 2:49 pm

Re: Is Linux Secure or Vulnerable?

Post by Linus MacWinfrey »

caf4926 wrote:Most routers already provide a hardware firewall that is far better and basically makes redundant a software firewall.
Kudos to you, caf4926, for your spot-on wisdom here.

Once again, the superior intellect of the Linuxian shines through, as so correctly termed by the cyber sage Wywerjet.

I tested my computer's firewall with the basic Shields-up and found that it had passed every test with flying colours, but then remembered it was my router being tested, not my notebook. The most excellent test results gave credence to the very cheap Huawei USB-tethered phone, running Android (Linux) that had cost US$89 and that had replaced the idiotic iPhone 5 that had cost 11 times that much and that could not do half the little flimsy plastic Y300 could!

The firewall test results were just another token of the Huawei's superiority in yet another area. My Android 4.1.1 Jelly Bean is non-rooted and I won't change that. Although not a single Android virus exists, I do have a security suite installed to protect against malware that can enter by virtue of updates to once-clean free apps, that could exploit permissions given by the user.

Android, being an ARM port of x86 Linux (as I understand it) runs every programme sandboxed into its own virtual machine and, therefore, no anti-malware can access programs that are running. It can only scan & detect apps while being installed and also the static code but never the running programme. If Linux also works like this, it is clear why it is so safe!

Furthermore, Linux runs in RAM in read-only mode and any possible infection should be wiped upon reboot anyhow. Even if I have this wrong, it is miles ahead of Windows. I was thrown off another forum because I said that Linux is an OS for smart, savvy and progressive people, not for apathetic reactionary types.

It is freely available to all but in reality only suited to just over 1% of the global computer user base, as it requires acceptance and faith, just like a parallel belief system rejected by most. It is no fault of the program but rather the unbelief of the user that makes it unwanted.

Some still insist to pass through the hell of gates, after all!
Mint 17.1 Rebecca with Cinnamon tastes nga!

wywer
Level 3
Posts: 151
Joined: Fri Sep 19, 2014 8:10 pm
Location: Nix

Re: Is Linux Secure or Vulnerable?

Post by wywer »

caf4926 wrote:Most routers already provide a hardware firewall that is far better and basically makes redundant a software firewall.
Dear caf4926,
I will give my take on the two firewalls with the proviso--network, a router is a firewall, but it sits between the PC and the internet, thus giving protection from the "www"! A software firewall is located between the PC and the network and protects the PC from any incoming malware within the network plus the internet. On the surface this may appear peculiar, but that's the defining difference between these Two! Peace and best wishes,
warm regards--Wywerjet
LM MATE 64 bit Rebecca
ASUS X550LC NoteBook
MoBo ASUSTek
Bios American Megatrends Ver:X550LC.303
Dual core Intel Core i5-4200U
Graphics Intel Haswell-ULT Integrated
X.org 1.15.1
Audio Intel Lynx HD + Intel Haswell HD
Sound ALSA
HDD 750.2GB

JohnBobSmith
Level 4
Posts: 338
Joined: Wed Nov 06, 2013 5:42 pm
Location: Canada

Re: Is Linux Secure or Vulnerable?

Post by JohnBobSmith »

This is an interesting topic for me. I'm not a security guru nor do I even know much about networking/hacking/security/etc along those lines, but here's my 2 cents...

Long post, so here's a short version:
Basically, the web browser, certain online games/services (that probably won't run on Linux anyways), and the user himself (or his friends) are the top 3 reasons for getting an infection on any system in my opinion. I feel like the security of an OS depends less on the OS itself and more on other things.

Long version:
Let me break the above statement about web browsers, games/services/ and the user down...

The web browser...
-First, the web browser is most vulnerable because it is probably the single most commonly used piece of software on any desktop PC. This makes it a high priority target.
-Second, it is network facing (or at the very least, has networking capabilities) and as such makes it a much easier target than brute forcing a firewall.
-Third, web browsers can run code (JavaScript mostly) that can be used for exploits. Without malicious code being run, you don't really have malware, but a MITM attack or something different than malware.
-Fourth, you can get a lot of information from a user by his browsing habits and history. This makes social engineering much easier.
-Fifth, the user requires minimal interaction. Connecting to a server that has malicious JavaScript is enough to (potentially) get hacked. If you don't have NoScript, the JavaScript will, in most cases, run automatically. And you will not know the difference until it's too late.
-Sixth, web browsers are cross platform (Firefox) and as such, one snippet of code can, in theory, be run on multiple OS's.

Certain online games and services...
This may not be as applicable to Linux, but certain online games and services are a common point of infection. Some games or services can be viruses themselves, and once installed, can wreak havoc on one's system. Or, some online games and services require open ports, and if one has UPnP enabled, the ports will automatically open (I think that's how UPnP works). So, if an attacker knows your IP address, and that you play this game/use this service regularly, and he assumes you have UPnP enabled, he just got an almost free ticket into your PC. Services in this context are things like Skype, Ventrilo, TeamViewer, and stuff like that.

The user himself...
This is another big reason as to why infections occur. The user is responsible for everything he does. So, if the user connects to a website, but it needs The1337VirusPlugin v2.0 to be installed, and he installed it... Well, your browser is now hijacked. But, the user had to actually install it. If the user said no, this should have, in most cases, avoided a browser hijack. Same goes for installing software. Linux has dedicated repositories full of all the latest greatest software one could possibly need. Downloading random junk off the internet is a good way to get a broken PC in a hurry. Another common point of attack on the user is social engineering. Things like scams are most common here. Scams can take form in seemingly innocent ways, like this one: Someone you know posts on Facebook that they have cancer, shows you a picture of a bald head, and asks for donations. Even though you don't know the person really well, you feel awful and donate $100 (or more, in worst-case scenarios). Later, your geeky friend discovers that it was a scam, and that you lost your money. Now this can for sure be legitimate too, but in our example it was a scam. A really, really obvious scam for us using Linux is this one: "Hello, we have discovered that your Microsoft Windows computer has a problem. We will fix the problem for you at no charge. Please hold..." These call centers are a very common way to get scammed. My parents almost fell for it once...

So, to directly address the question of "Is Linux Secure or Vulnerable?", the answer is this: It depends less on the OS and more on other factors. For instance, Windows is a much higher target because it has the biggest market share of any OS by far. And, since more users are using Windows, more people are attacking it. Windows OS is not bad in its own self (mostly...) However, because more people are attacking Windows, more flaws have been found and exploited. If Linux was the dominant OS, I'm sure we'd have found way more flaws with Linux and as such Linux would now be considered bad. Thankfully not the case for us Linux users though.

Another big factor of OS security is indeed the user himself. I mentioned how the user can be attacked. However, there's more. A competent user, without even being a network admin or working in IT, will do what he can at the basic level to stop intrusion. This is 95% of the time enough to stop an infection from happening. This competent user will have a firewall running at some level in the network, avoid suspicious websites and downloads, and be moderately wary of online advertising and potential scams. He will also avoid using the administrator (root) account, and use different, strong passwords for every website, application, and important encrypted folders/file he has.

Final thoughts to the question is this: I strongly feel that the OS security is more dependent on other factors than the OS itself, one of which is the user.

By the way, should you ever get a call from any call center/scammer guys, and he asks what OS you use, tell him you use Gentoo Linux or some other hardcore *nix and record the reaction. :lol:

Peace and best wishes for the holidays and new years,
JohnBobSmith
If you want to change the world, start by changing yourself.
Success is often 1% inspiration and 99% perspiration.
You get one shot at life, so live to the maximum, not the minimum.
