How is Linux not prone to viruses, malware and those kinds of things?

security linux malware

Solution 1:

Well, it factually is not... it's just less subject to hackers developing viruses that target Linux systems. Consumer grade computers usually run on Windows and thus, when targeting a wide audience, Windows is the way to go.

Don't misunderstand Linux and viruses, there definitely ARE Linux viruses.

Some distros have additional protection layers such as SELinux (See here) in Ubuntu for example. Then there's the default firewall and the fact that alien files don't automatically have permission to be executed. Specific execution permission has to be granted before execution is possible. (See here)

Then there are several other factors that make Linux a hard place to be for viruses usually non-root users on linux systems have no to little executable files at their disposal that would allow for viruses to stay undetected and propagate. Some programs just require you to be logged in as root (or by use of sudo) before they run or to access/modify directories other than your home. It's just a lot harder to develop a viable virus that would spread as well as it would in Windows.

UPDATE:

As mentioned below, most machines that run Linux are either servers that are run by people who know a thing or two about what they're doing. People that run Linux for desktop use usually choose to and also do know what they're doing. Almost all computer illiterate run Windows and therefore it's much easier to get those computers infected. "Hey, this machine tells me that I have I virus and I have to purchase this Anti-Virus program called 'FAKETrojanHunter' to get rid of it... Okay, let's do it!"

Because no Linux distribution/installation is equal per se, it's harder to develop malware that would infect them all as efficiently as possible. Furthermore, almost all software run on Linux is Open Source, making malware much more easily detectable since its source is open to the public.

Solution 2:

One of the reasons are user privileges.

GNU/Linux systems are Unix-like systems and that means that they are built to be multi-user systems from ground up. That means that there is a strong separation of responsibilities among users. As a result, a normal user cannot actually damage the system because he doesn't have needed privileges. While there are limited accounts now available on Windows systems too, on GNU/Linux systems it is naturally expected from user to use a limited account for day today use and keep root account only for changing settings (some distributions by default won't even allow users to log as root because there are other safer mechanisms to use root account to modify settings).

On the other hand many Windows users were brought up in Windows 9x era or that era made a big influence on them. Back then only user account was administrator and everything was allowed to that user. Even today on Windows systems which are descended from multi-user Windows NT, it is often required (or at least expected) for user to use account with administrative privileges and use of limited accounts is pretty low among home users.

Solution 3:

One advantage that Linux has over Windows is that in order for file to be executable, you have to specifically set its permissions.

This means that the double extension trick (eg "brittany_spears_naked.jpg.exe") won't work because the user will need to make it executable before it'll infect them - and hopefully they'll think its odd that a picture needs to be executable.

Solution 4:

Linux is protected, but not invulnerable.

Contrasting Linux/Unix with Windows at a high level, from a security standpoint:

  • The Linux kernel (where system permissions are examined and enforced) is much smaller than the Windows equivalent. Smaller means simpler; simpler means easier to examine, with fewer unexpected system interactions. "Smaller" and "simpler" are good things in security analysis. The Windows kernel keeps growing at a high rate.

  • Linux users tend to run at lower permission levels than Windows, making it more difficult to affect the entire system.

  • Linux started with a simple, flexible, security model. Windows started with requirements for backwards compatibility with systems that had no security model.

  • Linux has always had functions (e.g, chroot(2)) to ease the tasks of security conscious programmers.

None of this makes Linux invulnerable to malware. It does mean that attacking a properly configured Linux host is even more difficult than attacking a properly configured Windows host.

Solution 5:

The answer to your question depends on what you consider a "virus".

If you use the correct definition of a virus--that is to say, code which modifies an existing executable--then the reason why Linux is not virus-prone is because it isn't a viable mechanism for spreading malicous code on Linux. The reason is that Linux executables are rarely transferred directly from one computer to another. Instead, programs are transferred using package-management software or by distributing source code. The fact that most Linux software is available for free from the source means that people have almost no intensive at all to copy programs from one computer to another.

If by "virus" you mean "worm" -- a program that replicates itself across the Internet, then Linux is not at all immune from that attack. In fact, the original Internet worm, the "Morris Worm", replicated using Sendmail, a program that still comes pre-installed on many Linux systems. Nearly all successful attacks against Linux machines target vulnerable Internet-facing applications, such as a mail server or a web application.

Finally, if you're referring to malicious code in general -- usually a "Trojan Horse", then what protects Linux is primarily the culture. Linux is a seldom-used operating system, which already limits its value as a target. But when you add to that the fact that Linux users are often exceptionally savvy and security conscious, it lowers the likelihood of a successful attack even further. If, for example, your attack plan relies on convincing a user to download and run a program to infect himself, you're dramatically less likely to convince your average Linux user to do so than your average Windows user. Therefore, malware authors when picking a platform to target, go with the obviously more fruitful target.

Related

How to stop animated gifs in Google Chrome?
How to use X11 forwarding with PuTTY
How to copy-paste files to Hyper-V VMs
Getting the bundle identifier of an OS X application in a shell script
Disable auto-refresh tabs in Chrome Desktop
Keeping local windows folder in sync with remote ftp folder in real time [closed]
Can Mozilla Thunderbird show sent replies in threaded view?
How to get back a declined Outlook invitation
What's the difference between stereo and hands free?
What is the default username and password for SonarQube?
How do I tell what syntax file is being used?
How can I clean up my MacPorts installation?