How is Linux not prone to viruses, malware and those kinds of things?

71

21

How is Linux protected against viruses?


This question was a Super User Question of the Week.

ykombinator

Posted 2010-10-03T15:38:56.077

Reputation: 954

I think it has something to do with the file structure in Windows and the like that make them susceptible to viruses, as most viruses attack the structure of a file and the registry and the like. However, in Linux the filing system and the structure altogether is a lot more stable and can't be manipulated as easily. I heard once of a Trojan virus just sitting on a Linux desktop doing nothing as it could not attack any files... – ThunderToes – 2014-08-18T15:29:29.423

2

See also http://superuser.com/questions/11969/should-i-worry-about-malware-on-linux

– Robert Munteanu – 2010-10-03T19:27:26.687

1

I think you mean cracker. See: http://www.cs.utah.edu/~elb/folklore/afs-paper/node9.html Hacker is a non-specific term.

– jnewman – 2010-12-11T04:26:50.053

1

For Linux, much software is open source, so if the virus writer goes with open source then the community will help to repair this beautiful mind. And if the writer wants to choose the closed-source proprietary way then he/she should label the program as "proprietary malicious software". – kaykay – 2011-04-17T00:02:27.907

Answers

104

Well, it factually is not... it's just less subject to hackers developing viruses that target Linux systems. Consumer grade computers usually run on Windows and thus, when targeting a wide audience, Windows is the way to go.

Don't misunderstand Linux and viruses, there definitely ARE Linux viruses.

Some distros have additional protection layers such as SELinux (See here) in Ubuntu for example. Then there's the default firewall and the fact that alien files don't automatically have permission to be executed. Specific execution permission has to be granted before execution is possible. (See here)

Then there are several other factors that make Linux a hard place to be for viruses. Usually non-root users on Linux systems have few to no executable files at their disposal that would allow for viruses to stay undetected and propagate. Some programs just require you to be logged in as root (or by use of sudo) before they run or to access/modify directories other than your home. It's just a lot harder to develop a viable virus that would spread as well as it would in Windows.

UPDATE:

As mentioned below, most machines that run Linux are servers that are run by people who know a thing or two about what they're doing. People that run Linux for desktop use usually choose to and also do know what they're doing. Almost all computer-illiterate people run Windows and therefore it's much easier to get those computers infected. "Hey, this machine tells me that I have a virus and I have to purchase this Anti-Virus program called 'FAKETrojanHunter' to get rid of it... Okay, let's do it!"

Because no Linux distribution/installation is equal per se, it's harder to develop malware that would infect them all as efficiently as possible. Furthermore, almost all software run on Linux is Open Source, making malware much more easily detectable since its source is open to the public.

BloodPhilia

Posted 2010-10-03T15:38:56.077

Reputation: 27 374

@Sathya sure, makes sense that no OS is 100% protected; however, while searching the interwebs, I didn't find any record of a successful big attack on Linux systems that did heavy damage. I found this, which is something Kaspersky found 17 years ago, but not about a real attack. Would anyone know of successful attacks? The link for GNU/Linux posted in an earlier comment is dead.

– gideon – 2017-12-06T15:34:31.483

47

+1 for there definitely ARE Linux viruses – Sathyajith Bhat – 2010-10-03T16:06:25.997

13

Remember that most (well, lots...) of servers run Linux so there is in fact a huge install base that is worth attacking. Most of these servers run no antivirus and have no problems. There are exploits in packages, but typically they don't allow arbitrary remote code execution. – Rich Bradshaw – 2010-10-03T16:14:47.610

2

@Richbradshaw Of course there are, yet most malware developers will choose the easy way of spreading their "work" instead of using servers. These servers are usually fairly well protected and if kept up to date, very hard to take from the outside. – BloodPhilia – 2010-10-03T18:30:14.463

5

Actually, Linux is no more secure against virus attacks than Windows for the vast majority of exploits. Some classes, Linux improves (for example, executable files sent via email are harder to infect users.. but not impossible). The same attack vectors work for Linux (buffer overflows in programs that access the internet mostly). And stupid.. er, I mean inexperienced users are just as likely to take the extra steps to make an email attachment executable if it's something they want (nudie pictures, cute screen saver, etc..) – Erik Funkenbusch – 2010-10-03T23:29:44.547

There are viruses that infect GNU/Linux Operating Systems. http://vx.netlux.org/vl.php?dir=stat shows the statistics of the viruses in their collection. Of those 426 i.e 0.15% are GNU/Linux viruses.

– None – 2010-10-04T09:43:15.833

@jase21 I urge you to reread my post ("Don't misunderstand Linux and viruses, there definitely ARE Linux viruses.") and the first comment to this answer... – BloodPhilia – 2010-10-04T09:59:58.337

@BloodPhilia Yes, I was supporting that, with those statistics. And how it's more secure is due to the fact that the operating system architecture is entirely different from that on Windows. Access control mechanisms, open code, better coding practices are the main reason. Again, to modify critical components, user permission is required. Things don't get installed automatically at the back. Also the people who use them are more intelligent by nature. Heh! – None – 2010-10-04T10:09:18.117

@jase21 Then I misunderstood, sorry! – BloodPhilia – 2010-10-04T13:07:20.253

4

@Rich: Sure. There's also a lot of Windows servers. However, servers are typically run by people with a clue about computers and security, and therefore are much harder to attack. There's plenty of computers around maintained by people who don't understand computers. The vast majority of those are Microsoft Windows, the remainder is mostly Mac OSX, and Linux is almost not there, since almost all personal Linux users run it because they understand computers and have chosen Linux. – David Thornley – 2010-10-05T14:01:14.280

4

@Jase21: I don't understand how you can say Linux has "better coding practices" unless you have worked on both platforms, and have seen the source code for both platforms. @BloodPhilia: +1 for the answer here that most directly points to the root of the problem rather than FUD trumpeting. – Billy ONeal – 2010-10-09T17:59:15.990

1

@Billy ONeal That reflects from the APIs that they provide us. Just see how complex the win32 API, DirectX is when compared to OpenGL and Unix code. My general assumption is that since GNU/Linux is being done as a collaboration it will be done by the best people around. See how fast Compiz is rendering and Aero is bloated. – None – 2010-10-11T02:07:30.990

1

@jase21: OpenGL and DirectX aren't really comparable libraries, because they have different goals. OpenGL is a general rendering platform, while DirectX seeks to expose the underlying hardware for application developers. Given that the underlying hardware is more complicated than general graphics primitives, it makes sense that DirectX would be more complicated. Also, even if Compiz was faster than Aero (which I think is debatable), the execution speed has nothing to do with quality of code, which is the result of the code itself, not anything a user is able to observe. – Billy ONeal – 2010-10-11T02:19:51.690

@Billy Hehe.. okay. Settled. – None – 2010-10-11T03:53:49.667

"...making malware much more easily detectable since it's source is open to the public." Is the author stating that the malware source code is open to the public as well. This would not be the case... – Jonathan – 2010-10-15T12:27:05.270

@Jonathan no, just stating it would be more easily detectable – BloodPhilia – 2010-10-15T22:52:44.727

1

A couple corrections: Ubuntu supports SELinux but it's disabled by default; Ubuntu and most distributions now use AppArmor for mandatory access control. The firewall is supported in all Linux kernels but Ubuntu, along with most of the major Linux distros, doesn't have any firewall rules configured by default. Also, developing malware/viruses/rootkits that works in 1 distribution would work in any of the other major distributions. They all use the same kernel and core libraries. – None – 2011-03-14T22:08:54.587

37

One of the reasons is user privileges.

GNU/Linux systems are Unix-like systems and that means that they are built to be multi-user systems from the ground up. That means that there is a strong separation of responsibilities among users. As a result, a normal user cannot actually damage the system because he doesn't have the needed privileges. While there are limited accounts now available on Windows systems too, on GNU/Linux systems it is naturally expected of the user to use a limited account for day-to-day use and keep the root account only for changing settings (some distributions by default won't even allow users to log in as root because there are other safer mechanisms to use the root account to modify settings).

On the other hand, many Windows users were brought up in the Windows 9x era, or that era made a big influence on them. Back then the only user account was administrator and everything was allowed to that user. Even today on Windows systems which are descended from multi-user Windows NT, it is often required (or at least expected) for the user to use an account with administrative privileges, and use of limited accounts is pretty low among home users.

AndrejaKo

Posted 2010-10-03T15:38:56.077

Reputation: 16 459

4

+1 for mentioning permissions - sudo is my friend. – Thomas O – 2010-10-03T18:19:37.840

6

You can get the same protection on Windows by running as a limited user and elevating via UAC when required. Just saying. :) – badp – 2010-10-03T20:47:19.007

2

UAC is annoying and as far as I know, many users turn it off. Then again I use Ubuntu so maybe I'm biased. – Thomas O – 2010-10-03T21:03:04.573

@Thomas O That's what I was aiming at when I wrote my answer. On Windows UAC is annoying and elevated privileges are often required. On GNU/Linux elevated privileges aren't required so often. Also on many distributions changing user settings is easier because they will "remember" password for some time, while UAC prompt will show for every action. – AndrejaKo – 2010-10-03T21:13:58.983

Yes. And with UAC, you can just click "allow" in many cases, you don't even need a password. I can't think how that is secure, what if a virus was able to move the mouse to click OK? – Thomas O – 2010-10-03T21:18:53.877

@Thomas: http://www.google.com/search?q=uac+secure+desktop

– Hello71 – 2010-10-03T22:18:11.687

5

@Thomas - what Hello71 is saying is that UAC works in a protected desktop and isn't allowed to interact with the interactive user's desktop, so any app running there cannot "move the mouse" and click it. It seems that UAC is often misunderstood this way by people who don't know anything about it. – Erik Funkenbusch – 2010-10-03T23:24:09.523

^That makes more sense, thanks. I don't know much about it, because I try to avoid Vista... and I haven't got around to using 7 yet. I still use XP for when I need to run Windows apps and I honestly haven't found a convincing reason to upgrade. – Thomas O – 2010-10-04T06:30:00.010

Any reason for the downvote? – AndrejaKo – 2010-10-10T19:26:24.787

@AndrejaKo: I realize this is half a year after you posted your comment, but I just saw this thread today and wondered... what do you mean by "On Windows UAC is annoying and elevated privileges are often required. On GNU/Linux elevated privileges aren't required so often."? Every little thing I do on Ubuntu needs permissions just like it does in Windows 7 (except that it gets on my nerves because I can't turn it off)... what is there that you need permissions for in Windows that you don't in Linux? – user541686 – 2011-05-15T08:47:08.830

@Mehrdad They may have changed the policy in Ubuntu, but back when I was using it, it (and many other distributions) would "save" root password (or your own, if you're using sudo) for say 5 minutes after it was used last time. This would allow you to enter password once and then make many changes without having to confirm each and every change, which is good when you're setting up system. After several minutes with no settings, you'd have to enter password again in order to change something that is allowed only to root. That's what I meant. – AndrejaKo – 2011-05-15T10:25:23.060

@Mehrdad You should be able to enable root log-in on Ubuntu with sudo passwd root, but many many many and once again many Ubuntu fans will say that it's unsafe, un-Ubuntu and generally a bad thing to do and claim that sudo is the one true way to administer a system. I never trashed my system by being irresponsible root, but many have, so be careful if you enable root account log-in. – AndrejaKo – 2011-05-15T10:30:09.047

@Mehrdad I just noticed the "what is there that you need permissions for in Windows that you don't in Linux?". In Windows many programs will still tell you that you need to have administrative privileges to run them and leave it at that. On the other hand, many GNU/Linux programs expect to be run by a non-root user (and some may even need to be compiled with special options enabled to be run by root). Also on GNU/Linux systems, you (as far as I've seen) don't need to enter a password to change things your own user can access, while on Windows (IIRC), you need to pass UAC for local settings too. – AndrejaKo – 2011-05-15T10:35:38.293

@Andreja: (1) Yeah, that password-saving thing is definitely useful. (2) I've tried logging in as root once, but that's equivalent to logging in as Administrator on Windows, which I never do, because it's only a single special account that I don't want to mess up... I'd love it if there was a way to give permissions to other users to be root. (3) Hm... that seems to be more of a program issue rather than a Windows issue, although admittedly I'm going to have to turn on UAC again in order to do a fair comparison (haven't done that in a while, haha). – user541686 – 2011-05-15T17:43:00.953

22

One advantage that Linux has over Windows is that in order for a file to be executable, you have to specifically set its permissions.

This means that the double extension trick (e.g. "brittany_spears_naked.jpg.exe") won't work because the user will need to make it executable before it'll infect them - and hopefully they'll think it's odd that a picture needs to be executable.

Richard

Posted 2010-10-03T15:38:56.077

Reputation: 4 197

14

Linux does not use file name extensions at all. – AndrejaKo – 2010-10-03T16:06:40.350

9

Technically it doesn't, but GNOME and KDE will use them to determine whether something is, for example, a picture or a music file and pass it to the appropriate program. – Richard – 2010-10-03T16:21:44.787

6

Indeed, but neither GNOME nor KDE nor any other desktop environment will assume that a file is ok to execute based on a file extension. – Ryan C. Thompson – 2010-10-03T18:02:45.513

A file cannot be executed without the permissions. That would mean your file manager would have to change the permissions to even attempt to execute it. – Thomas O – 2010-10-03T18:18:39.597

@Ryan Actually look at .desktop extension files, they provide some form of executable just from the extension. – Douglas Leeder – 2010-10-03T18:46:48.527

^But whatever they point to must be executable. – Thomas O – 2010-10-03T21:02:10.597

@Thomas: They could, however, "execute" files based on their extension by running them in the appropriate interpreter, which is a slightly different idea than executing them directly. – Arafangion – 2010-10-05T14:00:58.013

1

Actually, I meant that Linux desktop environments will not launch a desktop file unless the desktop file itself is marked executable. So you can't just download a .desktop file that contains Exec=rm -rf / and accidentally run it without first marking the desktop file as executable. – Ryan C. Thompson – 2010-10-06T02:25:08.503

@Ryan, unless it came in the install script of a program you just downloaded in an archive that preserves the execute bit, like tgz. – Cees Timmerman – 2012-11-26T15:22:17.790

But then the install script itself has to be executable, or the user must choose to run it. – Ryan C. Thompson – 2013-01-11T05:20:51.183
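
What this answer and its comments describe, as an added shell example that is not part of the original thread: a file saved without the execute bit cannot be run directly, an interpreter can still be pointed at it, and an archive carries the execute bit with it. File names and contents are constructed; `list_executables` is a hypothetical helper for reviewing a download or extraction directory.

```shell
#!/bin/sh
# Added example: how the execute bit behaves for downloaded files.
# All file names and contents below are constructed for the demonstration.

# Build a scratch "downloads" directory holding one script saved the way a
# browser or mail client would save it: mode 644, no execute bit.
make_fixture() {
    fx_dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho payload-ran\n' > "$fx_dir/holiday_photo.jpg.sh"
    chmod 644 "$fx_dir/holiday_photo.jpg.sh"
    printf '%s\n' "$fx_dir"
}

# Try to execute a file directly and print the shell's exit status.
# 126 means "found but not executable" (execve was refused with EACCES).
direct_exec_status() {
    des_status=0
    "$1" >/dev/null 2>&1 || des_status=$?
    printf '%s\n' "$des_status"
}

# Hand the same file to an interpreter. The interpreter only needs read
# permission, so the missing execute bit does not stop this path.
run_via_interpreter() {
    sh "$1"
}

# List regular files under a directory that have any execute bit set.
# Useful as a review step on a download or extraction directory.
list_executables() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) | sort
}

# Pack a directory containing an executable install.sh with tar, unpack it
# elsewhere, and print the unpack directory. tar records file modes, so the
# execute bit arrives intact (gzip compression, as in .tgz, does not change it).
unpack_archive_fixture() {
    ar_src=$(mktemp -d) || return 1
    ar_out=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho installer-ran\n' > "$ar_src/install.sh"
    printf 'constructed readme\n' > "$ar_src/README"
    chmod 755 "$ar_src/install.sh"
    chmod 644 "$ar_src/README"
    tar -cf "$ar_out/bundle.tar" -C "$ar_src" install.sh README
    mkdir "$ar_out/unpacked"
    tar -xf "$ar_out/bundle.tar" -C "$ar_out/unpacked"
    rm -rf "$ar_src"
    printf '%s\n' "$ar_out/unpacked"
}

main() {
    dl=$(make_fixture)
    f="$dl/holiday_photo.jpg.sh"
    echo "direct execution exit status: $(direct_exec_status "$f")"
    echo "via interpreter:              $(run_via_interpreter "$f")"
    echo "executables in download dir:  $(list_executables "$dl" | wc -l)"
    up=$(unpack_archive_fixture)
    echo "executables after unpacking:"
    list_executables "$up"
    rm -rf "$dl" "${up%/unpacked}"
}

main
```

Running `list_executables` on a freshly unpacked archive before running anything from it shows which files arrived already marked executable.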

19

Linux is protected, but not invulnerable.

Contrasting Linux/Unix with Windows at a high level, from a security standpoint:

  • The Linux kernel (where system permissions are examined and enforced) is much smaller than the Windows equivalent. Smaller means simpler; simpler means easier to examine, with fewer unexpected system interactions. "Smaller" and "simpler" are good things in security analysis. The Windows kernel keeps growing at a high rate.

  • Linux users tend to run at lower permission levels than Windows, making it more difficult to affect the entire system.

  • Linux started with a simple, flexible, security model. Windows started with requirements for backwards compatibility with systems that had no security model.

  • Linux has always had functions (e.g., chroot(2)) to ease the tasks of security-conscious programmers.

None of this makes Linux invulnerable to malware. It does mean that attacking a properly configured Linux host is even more difficult than attacking a properly configured Windows host.

mpez0

Posted 2010-10-03T15:38:56.077

Reputation: 2 578

11

1. Actually, Windows NT started as competition to OS/2. Everything runs on top of the DACL security model, which is more flexible than POSIX permissions. 2. Most of the arguments here apply to the Win9x era of operating systems, not for Windows NT. 3. Actually, Linux mainline has grown much more rapidly than Windows' kernel. The only additional thing the NT kernel does is provide the Windowing subsystem -- which isn't anywhere near security code anyway. 4. The assertion that size has an effect on security only applies to security code. Adding btrfs to Linux doesn't make it less secure. – Billy ONeal – 2010-10-09T17:53:41.323

    13

    The answer to your question depends on what you consider a "virus".

    If you use the correct definition of a virus--that is to say, code which modifies an existing executable--then the reason why Linux is not virus-prone is because it isn't a viable mechanism for spreading malicious code on Linux. The reason is that Linux executables are rarely transferred directly from one computer to another. Instead, programs are transferred using package-management software or by distributing source code. The fact that most Linux software is available for free from the source means that people have almost no incentive at all to copy programs from one computer to another.

    If by "virus" you mean "worm" -- a program that replicates itself across the Internet, then Linux is not at all immune from that attack. In fact, the original Internet worm, the "Morris Worm", replicated using Sendmail, a program that still comes pre-installed on many Linux systems. Nearly all successful attacks against Linux machines target vulnerable Internet-facing applications, such as a mail server or a web application.

    Finally, if you're referring to malicious code in general -- usually a "Trojan Horse", then what protects Linux is primarily the culture. Linux is a seldom-used operating system, which already limits its value as a target. But when you add to that the fact that Linux users are often exceptionally savvy and security conscious, it lowers the likelihood of a successful attack even further. If, for example, your attack plan relies on convincing a user to download and run a program to infect himself, you're dramatically less likely to convince your average Linux user to do so than your average Windows user. Therefore, malware authors when picking a platform to target, go with the obviously more fruitful target.

    tylerl

    Posted 2010-10-03T15:38:56.077

    Reputation: 2 064

    12

    Linux has a highly-dedicated geeky community working for it. Even if some malware is written, there is always a solution to it.

    ykombinator

    Posted 2010-10-03T15:38:56.077

    Reputation: 954

    5

    If antivirus companies set their eyes on this platform then the same set of geeks can be employed to work for virus development. After all, the virus and antivirus industry is moved by money and not by REAL crackers/hacker people. – Mahesh – 2010-12-11T05:09:48.013

    @Mahesh Ahh, I knew there would be a conspiracy theory in here. (Not saying it ain't true, just calling it what it is.) – jnewman – 2010-12-11T05:17:33.277

    1

    @Josh, LOL. Maybe you'll feel like this as conspiracy theory but people who are working for catcom, ePC and many other antivirus companies will give you better idea. ;) – Mahesh – 2010-12-11T05:24:53.220

    12

    There are many aspects that contribute towards this:

    1. Heterogeneous environment
      • There are many different flavours and many different configurations;
      • Even in the same distribution, the range of different possibilities is huge;
      • Each distribution provides multiple kernels, supports extra patches;
      • Each big company usually rolls out their own flavour of the kernel.
    2. Approach to users and history of strong right enforcement
      • Linux is naturally ahead in this area due to very long history of server-oriented development.
    3. Viruses are ineffective
      • Linux is the most installed system worldwide, but there aren't many PC/desktops with Linux;
      • attacks on servers are much more efficient when directed;
      • attacks on embedded systems (routers, televisions, etc...) are usually not worth the effort due to limited system functionality.
    4. Current focus of virus creators just doesn't meet with the Linux ecosystem
      • Creators go for what is easiest.
    5. Viruses are much harder to hide in Linux
      • Linux is an open system that exposes all information; it's not that easy to hide something.
    6. Open Source
      • Although Microsoft might claim the opposite, having thousands of reviewers for each line of code and even more people capable of patching a security flaw in several seconds does definitely affect the code quality and security positively.

    Let_Me_Be

    Posted 2010-10-03T15:38:56.077

    Reputation: 1 364

    3

    "Linux is the most installed system worldwide"? – GeneQ – 2010-10-05T05:44:41.320

    @GeneQ Of course, what other system would it be? OK, in all fairness, I'm not considering those super specific OS systems that are used for mass produced embedded chips (yes, some do come with an actual OS). – Let_Me_Be – 2010-10-06T11:17:17.500

    2

    That's factually incorrect. Most embedded chips don't run any form of operating system at all. POSIX operating systems are common for servers and for some types of cell phones, but not for things like cars and television sets, which is where the staggering statistics of small computers being much more common than desktop-sized computers comes from. – Billy ONeal – 2010-10-09T17:55:43.560

    5

    I think the fact that Linux runs mainly open-source software is a big bonus here. It's much more difficult for someone to do malicious things to your system when anyone can read the code.

    If you only install software from your Linux distribution's official package repositories then you're probably a lot safer than you are under Windows where you have to download random executables and installers off the web to get your software.

    There are of course other ways that people could get malicious code to execute on your system, but I think this point is worth mentioning anyway.

    Jacob Stanley

    Posted 2010-10-03T15:38:56.077

    Reputation: 159

    2

    Just because software is open source doesn't inherently make it secure. Open source can help determine whether a design is secure or not, but open source doesn't do anything to cause security by itself. – Billy ONeal – 2010-10-09T17:57:10.283

    +1 Yes of course, software can't be secure purely because it is open source, but having many people able to scrutinize the code certainly helps. On the flip-side, I would say that proprietary software is inherently insecure because it is easy for a developer to include malware in their software without the knowledge of the user. – Jacob Stanley – 2010-10-19T18:22:03.787

    5

    The main reason is that Linux geeks do not make rich targets.

    Organized crime aims at the people who buy a simpler system with a desktop and all their applications already installed and well known. And currently the vast majority of such people are using Windows, which makes Windows a much more profitable target.

    If there was as much money to make by going after Linux, I'm sure that the massive effort that is today generating thousands of new virus variants and dummy websites per day would have soon also brought Linux to its knees. And with Linux being open-source, the hackers wouldn't even need to decompile anything.

    For every clever programmer there is a cleverer one, only that one is a pirate ...

    harrymc

    Posted 2010-10-03T15:38:56.077

    Reputation: 306 093

    3

    I kind of disagree with this one. Back in the 90's, Windows had a huge difference in number of viruses over the Mac, but there was no money to be made from viruses yet. This may exist, but as a main reason, it's not valid. – Rich Homolka – 2010-10-11T17:29:01.417

    @Rich Homolka: According to statistics, Windows doesn't have today more known vulnerabilities than other OS. The only difference that is logically left is then the fact that the hackers aren't concentrating on it. – harrymc – 2010-10-11T17:44:25.857

    2

    I see your point harry, but I disagree with your conclusion. The scary thing about (early) Outlook viruses is that Outlook worked exactly as Microsoft had designed it. There was no 'vulnerability' in the normal sense of that term. The design was simply an efficient virus propagator. – Rich Homolka – 2010-10-12T15:03:58.630

    1

    @Rich Homolka: You are right about the past, and you can also list ActiveX, BHO, Web DAV and other stupidities of Microsoft. However, an effort of quite a few years has much improved the situation today to a point that security is comparable with Linux. Most of the attacks today are browser-oriented and require patching in all major browsers. The new attacks on routers are actually Linux exploits. – harrymc – 2010-10-12T16:51:02.300

    5

    • multiuser, multitask OS
    • built to live in the network world (no RFC ports wide open for convenience)
    • there is no such thing as ActiveX (nice vector for contamination)
    • there is also a nice separation of code from data from configuration files
    • all applications and OS programs are up to date thanks to a central repository
    • no incentive to visit unknown sites and download software from there
    • updates occur when there is an issue to patch, not "black Thursday"
    • file extension doesn't mean anything for OS
    • No hidden mess, like the registry
    • thanks to privilege separations - even if you get "something", is very hard to survive a reboot (as per definitions for a Virus)

    jet

    Posted 2010-10-03T15:38:56.077

    Reputation: 2 675

    It's trivial to make an application, malicious or otherwise, "survive a reboot" in Linux. If you gain root you can insert modules, modify the kernel and add or modify an init script. Hell, even if someone just compromises your user account they can just add something to ~/.bashrc that would execute every time you log in. – None – 2011-03-14T23:44:47.767

    it's trivial, but you said "if", right? And good luck with that – jet – 2011-03-15T00:00:03.853

    You said 'even if you get "something", (sic) is very hard to survive a reboot', which implies you already got it. Then you're already screwed. Game over. – None – 2011-03-15T00:23:28.653

    yep for example hijacked flash plug-in (Adobe anyone) and yes game is not over unless you browse as root – jet – 2011-03-16T19:15:38.290

    3

    There is a growing number of people who do not know much about computers (or who migrated from Windows) to modern distros like Ubuntu, LinuxMint or Fedora.

    They will read any guide or how-to and happily download any script or program and run it as root or sudo. These can be easy targets of trojans. In effect I feel desktop security is difficult unless you restrict what users can do with their computers.

    Xolve

    Posted 2010-10-03T15:38:56.077

    Reputation: 450

    2

    Malware writers want a bigger target market. A lot more people run Mac or Windows than they do Linux. It's like building a website - you want to make sure it works in the major browsers before going to the less popular ones.

    Joshua

    Posted 2010-10-03T15:38:56.077

    Reputation: 4 290

    I believe @BloodPhilia has an excellent point as well, regarding the many different distributions of Linux. It would be very difficult / time-consuming to develop malware that could effectively adapt and spread itself across the many different Linux distros. – Joshua – 2010-10-16T21:32:50.587

    Linux is Linux. Same kernel, same core libraries. Malicious code is distribution agnostic. Finding a way to actually spread it may be more difficult because if one project is compromised and malicious code added to a package that's pushed out to end users, it only affects that distribution. Something as simple as a fork bomb will bring down most Linux distributions. perl -e 'while(1){fork();}' – None – 2011-03-14T23:53:55.340

    2

    One thing I think people always ignore with Linux/Windows comparisons is the users, who they are, and how they think, act and react. You may find the paper Folk Models of Computer Security interesting.

    Linux is (almost) never pre-installed. As a corollary, it means that (almost) all installations are installed by choice, by someone who thought enough to choose Linux over something else, and by someone who at least knows enough to use the installer. Having a filter of minimum computer knowledge before using the computer helps.

    By contrast, Windows is the default install on most computers purchased. You can have zero skills and buy a Windows computer and hook it to the Internet and not know anything about viruses, worms, trojans, etc, and become a zombie very quickly.

    I would like to also say I'm not "blaming the victim". Computers are complicated infinite state machines. Security is hard. But design also matters. Mac OS X doesn't really have any compelling security features that make it safer than Windows. It is also pre-installed on systems, meaning anyone who can buy a Mac will get it running no matter their skill level. But it was designed as a system, with an idea of how the user thinks and will interact with the system. This cuts down not on security holes, but how likely a user will allow them to be exploited.

    Rich Homolka

    Posted 2010-10-03T15:38:56.077

    Reputation: 27 121