Starry-eyed Linux desktop enthusiasts could become passive conduits for malware, security experts warn.
From a quick perusal of support forums for the Ubuntu Linux distribution, you’ll notice that the necessity of an antivirus program for the OS is one of the touchier subjects. Some users are clearly running their systems under the assumption that Linux is virtually impervious to attack. Why, that’s one of the benefits of Linux, they say: You don’t need antivirus software.
Bad assumption, says Nima Dezhkam, senior security consultant at Security Compass
, a Toronto-based security software development firm. It’s something he doesn’t have to explain to his enterprise clients, who already have antivirus software running on their Linux servers.
“They need that. And the very basic reason is, for example, if that server or e-mail server that is running on Linux will be interacting with Windows machines all the time, or in most cases (for example, if your server is transferring files and the client who is accessing the sever might be running a Windows machine) you don’t want to pass along an infected file to the client.”
Dezhkam says if Linux users do neglect to install antivirus software their complacency could be exploited by malware developers.
“That’s irresponsible in the way that you may not get infected with a virus that has been written for a Windows machine, and you can download it on your machine and don’t get infected, but if you send that file via e-mail or instant messaging to another person who is running Windows, he or she will definitely get infected.
“You will be working in favour of the hackers in that case, if you don’t run an antivirus on your Linux machine.”
As for malware targeting Linux itself, there is a body of folklore that celebrates the operating system as a nearly bulletproof platform, he says. “I think that’s kind of a myth, that Linux cannot be infected by viruses. In theory…you can have the same type of virus that you get on Windows on Linux.”
Generally speaking, he says, Linux is less vulnerable to malware for two reasons. One is that far fewer systems are running a version of it, which makes it a less appealing target to hackers (especially newbie hackers who don’t have access to the plentiful hacking tools they do with Windows). And the other reason is the way it is built.
“The fundamental reason is the way Linux systems are architectured. They have strong privileges enforced on applications and file systems. That would significantly reduce the risk…of the system being infected, or in case of infection, the impact of the infection.”
However, James Quin at London, Ont.-based Info-Tech Research Group Inc.
But at the same time, he suspects we may yet find out the Linux OS is not as bulletproof as once thought. “It is not inherently more secure. A great example of a parallel environment: We can go back and we can look at browsers. For the longest time Internet Explorer was the biggest browser, and then Firefox came along and everyone touted the benefits and the security capabilities of Firefox, and how fabulous and wonderful it was. It was going to solve all the security problems we experienced in the browser world.
“Well, it didn’t take too long before Firefox started to become very popular, and grew in popularity to rival Internet Explorer. And guess what happened when we started really doing some hardcore testing of security vulnerabilities in browsers? It was determined that depending on the nature of the test and the version of the browser you were looking at and what month you were testing in, to look at all the patches, there was just as significant a likelihood that Internet Explorer would be more secure than Firefox as it was that Firefox would be more secure than Internet Explorer.”
Meanwhile, Doug O’Flaherty, senior product marketing manager for Red Hat Inc
.’s platform business unit, wrote in an e-mail that although Linux may not be the most popular target for hackers, it certainly remains an attractive one to the more ambitious.
“Linux is broadly used in secure server applications ranging from the nuclear stockpile to stock exchanges to credit processing on the Web,” he wrote. “This makes Linux a high-value target. Attacks against Linux are no less sophisticated than attacks against Windows–perhaps more so.”