The myth of ‘bulletproof’ Linux

Starry-eyed Linux desktop enthusiasts could become passive conduits for malware, security experts warn.

From a quick perusal of support forums for the Ubuntu Linux distribution, you’ll notice that the necessity of an antivirus program for the OS is one of the touchier subjects. Some users are clearly running their systems under the assumption that Linux is virtually impervious to attack. Why, that’s one of the benefits of Linux, they say: You don’t need antivirus software.

Bad assumption, says Nima Dezhkam, senior security consultant at Security Compass, a Toronto-based security software development firm. It’s something he doesn’t have to explain to his enterprise clients, who already have antivirus software running on their Linux servers.
“They need that. And the very basic reason is, for example, if that server or e-mail server that is running on Linux will be interacting with Windows machines all the time, or in most cases (for example, if your server is transferring files and the client who is accessing the server might be running a Windows machine) you don’t want to pass along an infected file to the client.”
Dezhkam says that if Linux users neglect to install antivirus software, their complacency could be exploited by malware developers.
“That’s irresponsible in the way that you may not get infected with a virus that has been written for a Windows machine, and you can download it on your machine and don’t get infected, but if you send that file via e-mail or instant messaging to another person who is running Windows, he or she will definitely get infected.
“You will be working in favour of the hackers in that case, if you don’t run an antivirus on your Linux machine.” 
As for malware targeting Linux itself, there is a body of folklore that celebrates the operating system as a nearly bulletproof platform, he says. “I think that’s kind of a myth, that Linux cannot be infected by viruses. In theory…you can have the same type of virus that you get on Windows on Linux.”
Generally speaking, he says, Linux is less vulnerable to malware for two reasons. One is that far fewer systems are running a version of it, which makes it a less appealing target to hackers (especially newbie hackers, who don’t have access to the plentiful hacking tools that they have for Windows). The other reason is the way it is built.
“The fundamental reason is the way Linux systems are architectured. They have strong privileges enforced on applications and file systems. That would significantly reduce the risk…of the system being infected, or in case of infection, the impact of the infection.”
However, James Quin at London, Ont.-based Info-Tech Research Group Inc. questions whether even Linux’s own susceptibility to malware is underestimated. He does agree with the first assertion, that Linux is less likely to be subject to malware attack due to its lower profile. “The new kid on the block, the small one, comes along,” he says. “And because it’s small, because no one really pays terribly much attention in terms of user base, guess what? The bad guys don’t pay terribly much attention to it either.”
But at the same time, he suspects we may yet find out the Linux OS is not as bulletproof as once thought. “It is not inherently more secure. A great example of a parallel environment: We can go back and we can look at browsers. For the longest time Internet Explorer was the biggest browser, and then Firefox came along and everyone touted the benefits and the security capabilities of Firefox, and how fabulous and wonderful it was. It was going to solve all the security problems we experienced in the browser world.
“Well, it didn’t take too long before Firefox started to become very popular, and grew in popularity to rival Internet Explorer.  And guess what happened when we started really doing some hardcore testing of security vulnerabilities in browsers?  It was determined that depending on the nature of the test and the version of the browser you were looking at and what month you were testing in, to look at all the patches, there was just as significant a likelihood that Internet Explorer would be more secure than Firefox as it was that Firefox would be more secure than Internet Explorer.”
Meanwhile, Doug O’Flaherty, senior product marketing manager for Red Hat Inc.’s platform business unit, wrote in an e-mail that although Linux may not be the most popular target for hackers, it certainly remains an attractive one to the more ambitious.
“Linux is broadly used in secure server applications ranging from the nuclear stockpile to stock exchanges to credit processing on the Web,” he wrote. “This makes Linux a high-value target. Attacks against Linux are no less sophisticated than attacks against Windows–perhaps more so.”
