Linux viruses: are you immune?
Many times you’ve probably heard this: “Linux is secure”, “Linux can’t be infected by viruses” and phrases like that, but are they really true? Are there Linux viruses? Or is it really impenetrable?
Viruses and Linux
Many people, including myself, will tell you that Linux is secure and that you won’t need an antivirus, and many will say “Linux has no viruses”, but is that really true? Let me tell you the truth: Linux viruses exist, however they’re not as common or as dangerous as their Windows cousins. You can find two lists here and here to take a quick look at the possible threats. So how come they say Linux is secure? Well, Linux is secure, not because there are no viruses, but because you’re less likely to encounter them and get infected by them. Also, Linux has strong control over privileges and file permissions.
Viruses and software
On Windows the typical software installation involves:
- searching on the Internet
- downloading files from a site
- installing the software.
This is BAD. Inexperienced users may download files from the wrong site, mistaking them for the software they wanted. Even if they manage to download the right file, the setup process may trick them into installing annoying software like toolbars. On top of that, pirated software has a higher chance of containing malicious software. This kind of software usually requires administration privileges, essentially forcing the user to trust the pirated software to get results. It goes without saying that this is extremely dangerous. Windows uses UAC (User Account Control) to limit administration privileges, however many users consider this system annoying and it usually gets turned off during the first 10 minutes of life of a fresh install. This also enables malicious email attachments to be run without control. All the threats described can be alleviated by the use of an antivirus; this, however, is third-party software that requires resources, has essentially full control over all your data and may spy on you effortlessly.
On Linux, software can be installed through trusted repositories by a package manager. Many programs are already inside the repositories, so the user doesn’t have to step out of the operating system to find them. Pirated software isn’t necessary on Linux and thus all the risks associated with it are avoided. Linux is built around the concept of privilege: users are not administrators by default, and each time they need to become one, authentication is required. Also, Linux has much less market share in the desktop scene than Windows, and so fewer viruses are present. In addition, Windows viruses won’t work on Linux since they are specific to Windows (except if you use something like Wine or Mono).
Avoiding Linux threats
Although Linux is more secure than Windows, there are several threats that can affect your computer if you aren’t well-informed:
- Outdated software: Just like in Windows, updates are meant to enhance and to fix security issues. Always keep your system up-to-date in order to avoid threats.
- Ubuntu’s PPA: Personal Package Archives are really useful in many cases and can contain nifty software. However, this tool isn’t as secure as the normal repositories and can potentially harm your operating system. PPAs are harmless in most cases, however they require you to trust the developer, and that’s for a reason.
- External Repositories: Repositories are the reason Linux-based operating systems (with repositories) are more secure, but allowing installation from an external repository might harm you if it is crafted specifically to inject malicious software into your system. This kind of threat isn’t really widespread.
- External software: If you happen not to find a program inside the default repositories, you might be tempted to search for packages/software on the Internet. That’s a potential threat. Installing software from untrusted sources voids all the security provided by trusted repositories and package managers.
- Phishing: Crafted websites identical to the original ones, made with the intent to steal sensitive information. Phishing is as dangerous on Linux as it is on Windows.
- Malicious mail: Just like in Windows, opening a malicious attachment can cause your system to get infected. Remember that Windows viruses won’t harm Linux.
- Executing scripts: Some applications not included in the repository may require you to paste a command into a terminal. Mimicking that procedure, a fake site may trick you into pasting a command which downloads and executes a malicious script. Never run scripts you don’t understand or that come from a site you don’t trust.
- Weak passwords: This one is exactly like Windows: if you have a weak password, anyone could potentially sit in front of your computer and be in control of your files. Choose your passwords well!
- Bad configuration: This one is for advanced users. Let’s say you leave Teamviewer listening. Or worse: ssh with root enabled and with a weak password. If you don’t configure your software properly (or follow misleading guides) you will have home-made holes in your system.
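The "ssh with root enabled" hole from the last item can be checked mechanically. The sketch below is an added example, not part of the original article: it reads sshd_config text, keeps the first value seen for each keyword (as sshd does), falls back to the OpenSSH 7.0+ defaults, and looks only at the global section before any Match block. The sample configurations are constructed.

```python
# Added example: flag the "ssh with root enabled" hole in sshd_config text.
# Assumptions: OpenSSH 7.0+ defaults; Include files and Match blocks are not followed.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}

def effective_settings(config_text):
    """Effective global values for the keywords in DEFAULTS."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Tolerate "Keyword=value" as well as "Keyword value".
        parts = line.replace("=", " ", 1).split()
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].lower()
        if key == "match":
            break  # conditional overrides start here; global section ends
        if key in DEFAULTS and key not in seen:
            seen[key] = value  # sshd keeps the first value it reads
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}

def audit(config_text):
    """Return a list of findings; an empty list means neither hole is open."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"] != "no":
        findings.append("root login allowed: PermitRootLogin " + s["permitrootlogin"])
    if s["passwordauthentication"] == "yes":
        findings.append("password logins allowed")
    if s["permitrootlogin"] == "yes" and s["passwordauthentication"] == "yes":
        findings.append("root can log in with a password")
    return findings

# Constructed samples, not taken from a real host.
WEAK = """# the later 'no' is ignored: first value wins
PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no
"""
HARDENED = """PermitRootLogin=no
PasswordAuthentication no
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED), ("empty", "")):
        print(name, audit(text) or "no findings")
```

On a live host, `sshd -T` (run as root) prints the effective configuration with Include files already resolved, which is the better input for a check like this.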
Linux is more secure than Windows, however it isn’t invulnerable and there are a few viruses around. There are threats like phishing that work well independently of the operating system. The best way to prevent them is to know about the threats. If you find yourself in need of an antivirus, I suggest Sophos. And whenever you are asked for your password, think twice.
Image thanks to Yuri Samoilov.