Ubuntu security - spyware, viruses, cache cleaning, etc.

Matthias Heiler heiler at gmx.de
Sat Sep 24 11:45:39 UTC 2005


Paul McNett <p at ulmcnett.com> writes:

> All I can say is that the Windows people are constantly having to
> patch this or that, upgrade this anti-spyware, add this other because
> the first didn't cut it, and they still manage to get infected even
> though they've followed all the supposed best-practices. This comment
> applies to single-user systems as well as corporate networks with
> full-time IT departments. *So* much time and money is invested just to
> keep Windows running smoothly and avoiding the latest malware threat.
> 
> Contrast that with the Mac/Linux people, who don't tend to have any
> antivirus/antispyware software running, and have never had an issue
> that I know about. To some extent, Windows is unfairly targeted
> because it has the most users, but there have been many threats
> against open source software and in my experience the security holes
> get plugged much faster in the open world versus the closed world.
> 
> I've been running Linux as my personal and professional desktop since
> about 2002, and have had no issues even though I've not installed any
> antivirus software. I have a Mac and a Windows machine on my network
> too, and the Mac has never suffered but the Windows one which I hardly
> ever use seems to require constant attention anyway.

Well, until very recently I had a slow and expensive modem connection
that was essentially used for reading and writing email and checking
the news on the web.  I was online for short periods of time and over
a slow connection.  Because the connection was so slow, updating Linux
(Debian stable at this time) was a pain and I did it infrequently.

Attacks on Linux systems are rare and who would bother to use my slow
machine anyways, I thought...

But then someone from a server in the Netherlands, I later found out,
installed the "suckit" rootkit on my machine and tried to spy out my
passwords.  It took 2 months until I noticed and then half a week
until I had tracked down & eliminated the problem.

What do we learn from that?  Not much, but personal stories are, well,
personal stories.  The fact that you never had any problems might not
tell much.  Conversely, I might just have been very unlucky.  We don't
know.

Predicting the future: As Microsoft is trying to get control over
their security issues and gets fast enough with security updates,
commercial attackers will shift attention to other brands as well.
That is, Linux and Mac OS will become targets.  The latest Firefox
example shows us that Linux software seems not inherently more secure
than its Windows counterpart.  (It would be different if open source
developers put stronger priority on security than do software
companies, but I don't see much evidence for that.)

That's why I think that telling newcomers they don't have to care
about security is not the right thing to do: The less a security
culture develops in the Linux community, the more attractive it will
be for commercial/criminal attackers once market share is large
enough.

  Matthias




