Most Linux malware/viruses target corporate servers.
It’s not that there isn’t Linux malware or viruses, there’s plenty.
It’s rather that you and me as individuals just aren’t that important nor do we likely have enough assets to justify us as a target to begin with.
Corporate servers are more likely to have a large combination of technologies that allow hackers to infilatrate to begin with, whereas the average home user might not have many programs installed, especially not a large number that need network access and thus complex access control rules.
Also there is a lot less focus on targeting GUI components for social engineering. Most Linux systems are headless
I do wonder, hypothetically, if free Linux distros had 80% of the consumer market, would we see just as many dangerous exploits and malware as we do on Windows today? It seems to me that the consumer community is so small that it’s hard to say if it’s secure or just obscure.
I understand in theory Linux is more secure… But are individual users really not opening themselves up to attacks, downloading foss software right and left? Using built in stores? Wine emulation?
The Linux software you can get as a regular user from your typical Linux distributions is absolutely not any more secure on average than your typical Windows software.
I say this as someone who writes application programs on both systems.
I think it’s really debatable whether the Linux kernel is really any more secure than the Windows NT kernel. Linux advocates have pushed the “many eyes, shallow bugs” line for a long time, but high profile lapses seem to really have put the lie to that.
The software itself may or may not be more secure, but acquiring software is absolutely more secure. There’s so much Windows malware people unwittingly download from the internet. Downloading from a distro’s software repository simply doesn’t have that problem.
Also, when not using repositories it is much more common to go to the source, like GitHub releases, etc.
Parts of it seem to be inherently more secure, but there are some pretty glaring holes. At least software distribution is much more secure than the Windows approach.
I’d say the biggest, most glaring hole is that, much like in Windows, most users don’t really understand the file system and user and group permissions.
Linux, as an OS, requires a lot more on the users part in understanding basic security right out of the gate.
A lot of folks out here dropping
chmod 777all over the place just because they haven’t had any education on how any of it works.Source: Years ago, being a newb without knowledge or education, dropping
chmod 777all over the placeHopefully you only chmod’d your own systems. Early in my career, I worked on a project wherein we gave a contracting company root access to a computer they could use to test the software they were writing for us. One morning, they sent us a message saying they couldn’t log in. We looked at the computer and discovered it wouldn’t boot. Turned out someone on the remote team had chmod 777’d the entire filesystem. Of course we locked down their access after that.
