Linux Doomed to Virus Plague. (Again.)
As sure as spam levels rise so does the misinformation about computer security. Regular readers are probably tired of me griping at news stories that say "Computer virus" instead of Windows virus, and even worse articles that pretend to be fair and balanced by claiming that Linux and Mac are just as prone to compromise too, except their tiny market shares make them unattractive targets. And neener neener, when Linux market share climbs above 1% then haha we'll be drafted into the World Wide Botnet too.
That's dumb and wrong on several levels, which we already know. But it always pays to be cautious-- what will happen as Linux continues to grow, and especially as it reaches increasing numbers of unsophisticated users? Doesn't common sense dictate that it will suffer increasing levels of attack and compromise?
Before we get to that, let's pass a law that sentences everyone who parrots the 1% figure, especially so-called journalists, to a lifetime of cleaning public restrooms. Sentence to be paroled when they learn to fact-check and do basic research.
Now, getting back on topic. It is understandable to worry about presenting an increasingly tempting target as consumer Linux grows. After all, we've been listening to Redmond successfully shift the blame for their fantastically porous malware-friendly software for years-- it's always the user's fault. If that is true, then more Linux popularity equals more unsophisticated users which equals more malware.
Not only that, but Linux permeates every possible segment of tech-- routers and networking devices, home and business automation, security and surveillance systems, phones, netbooks and other consumer mobile devices, desktops, vehicles, media servers and settop boxes; it's already a major player in the datacenter, server room, mainframes, clusters, and supercomputing. Linux runs on multiple CPU architectures. So a Windows-type Trojan horse or worm on Linux should have a much more catastrophic effect because of Linux' much greater reach.
It sounds good, but it's baloney, plain old erroneous Windows-think. Linux is not Windows. Windows PCs are trivially easily captured into the World Wide Botnet, but not because all those millions of PCs carry valuable payloads. Who cares about millions of Minesweeper scores and inane chatlogs? They're just launching points for spam, malware, phishes and attacks on high-value Linux and Unix systems, all those datacenters and database servers containing terabytes of valuable business and customer data.
That's the best attackers can do because direct attacks on Linux (and all Unix-type systems) are rarely fruitful. Sure, users are always the weakest links, and we must never let our guard down, and never violate basic security principles. I'm just not seeing some future turning point where malware authors are going to get serious about attacking Linux in significant numbers, which has been predicted for going on ten years now. Not unless a pandemic of sanity overwhelms the planet and everyone unplugs their Windows machines from the Internet, so the only available targets are Linux/Unix machines. I suspect that if something like that did happen we still wouldn't see a surge in remote attacks, but rather more social engineering and inside jobs.
Here are some resources that go into more detail on why Linux and Unix are more secure and secure-able.
This Talkback thread on LinuxToday has some interesting comments on possible Linux attack vectors and vulnerable points: