Why Linux does not need an antivirus like Windows?

This is not to say that your Linux system can never get hacked. It can: the Dyn DDoS attack last year was launched from a botnet of Linux-based devices. But the reason Linux machines get compromised is quite different from the standard way a virus propagates.

Even then, there are only a few viruses that target Linux directly, and most of those are proofs of concept.
So why is it that Linux doesn't get viruses?

  • Linux is a tiny part of the desktop OS ecosystem.
    From the split of OS market share (the chart referred to here is not reproduced), 96% of systems run Windows and 0.81% run Linux.
    If you were an attacker and wanted the largest base for your virus to spread, what would you target? Windows, of course. Linux is simply not worth the effort.

  • The Linux system is all about privileges.
    As a user on a Linux system you do not have admin rights by default, unlike the way it has traditionally been on Windows.
    If you remember Windows Vista, it introduced User Account Control (UAC), which pops up whenever a program asks for elevated access to system resources. It faced a large backlash because most Windows programs of the time did exactly that, so users learned to click through the prompt and the approach largely failed.
    However, if you start working on Linux from the root account, you are doomed. Even if you install an antivirus, it will not help you: anything you run already has full control of the system.

  • Repository management
    Add to that, most Linux binaries are installed through a package manager. That is essentially the model the Apple App Store and Google Play Store are built on: everyone publishes their programs in one place and the user downloads from there. The package manager also checks each package's signature against the distribution's keys before installing it.
    So if a rogue application were offered, what would happen? It would first have to get past the distribution's maintainers and signing process, and a user who installs only from the repository never picks it up from a random website.

  • Open source
    Linux has its source code available for everyone to review. Linux is a community-regulated system: if anyone finds a problem with a piece of code, it is fixed quickly, and many times the fix is posted by someone who is not the owner of that code. The repository management ensures that you get the updated package as soon as possible.
    Windows is proprietary, so when a flaw is found, not many people know about it. Microsoft runs bug bounties, but the details of a vulnerability are kept under wraps. If there is a known exploit (as in the case of WannaCry), you do not know how long it has been open.
    I think the mandatory updates in Windows 10 are a step in the right direction. Again, taking the case of WannaCry above: even once patches were available, people did not update their systems, and the malware could propagate.
    So, what kind of problems do exist on Linux systems?
    Unpatched systems: This is one of the biggest issues. People do not update their systems. As our machines become more and more connected to the internet, the attack surface grows with them. The base system is only as good as you let it be, so patch it now. Unlike Windows, where a patch is often gigabytes, most patches on Linux are very small.
    Password management: Frankly, I believe this is a much bigger issue than unpatched systems. People keep passwords like "1234567890" or even "password" as their system passwords.
    So how do you get hacked on Linux?
    The Dyn DDoS attack was due to both of the above issues. The attack vector was IoT devices that weren't patched. On top of that, these devices shipped with default administrator/root passwords hardcoded, so the botnet could simply log in with a short list of known credentials. I still do not understand how the manufacturers could do this. It was plain laziness on their part.
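The two failure modes blamed for the Dyn attack above, extra root-level accounts and default or weak passwords, as a small audit script. This is an added example and not code from the original article. The passwd entries (including the hypothetical vendor "support" account), the password deny list, the sample credentials and the 12-character minimum are all constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a Linux box for extra UID-0 accounts and for passwords
# that are default, trivially guessed or too short. All inputs below are
# constructed so the script runs offline.

# Constructed /etc/passwd sample. The 'support' account with UID 0 stands in
# for a hypothetical vendor backdoor account of the kind found on IoT devices.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
support:x:0:0:vendor support:/:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash'

# Constructed deny list: passwords that ship as defaults or are guessed first.
DEFAULT_PASSWORDS='password
1234567890
admin
12345
root'

# Print every account in passwd format (read from stdin) that has UID 0 and is
# not named root. Any hit means a second identity has full control of the box.
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Return 0 (weak) if the password $1 for user $2 is on the deny list, equals
# the username, or is shorter than 12 characters (assumed minimum); else 1.
is_weak_password() {
    pw=$1
    user=$2
    if printf '%s\n' "$DEFAULT_PASSWORDS" | grep -Fxq -- "$pw"; then
        return 0
    fi
    if [ "$pw" = "$user" ]; then
        return 0
    fi
    if [ "${#pw}" -lt 12 ]; then
        return 0
    fi
    return 1
}

# Run both checks over the constructed data and report.
audit() {
    printf '%s\n' "$SAMPLE_PASSWD" | extra_uid0_accounts | while read -r acct; do
        echo "WARNING: account '$acct' has UID 0"
    done
    # constructed user:password pairs to check
    for cred in "admin:admin" "alice:1234567890" "alice:correct-horse-battery-staple"; do
        u=${cred%%:*}
        p=${cred#*:}
        if is_weak_password "$p" "$u"; then
            echo "WEAK: $u"
        else
            echo "ok:   $u"
        fi
    done
}

audit
```

On a real machine, feed `extra_uid0_accounts` with `cat /etc/passwd` and replace the deny list with a published default-credential list. The script checks candidate passwords you supply; it does not read password hashes from `/etc/shadow`, so it is a provisioning-time check, not a cracker.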
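The repository point above rests on the package manager verifying what it installs. When you step outside it and fetch a binary from a website, the least you can do is verify the published SHA-256 checksum before running it. The following is an added example, not code from the original article; the "vendor" checksum file, the download and the tampered copy are constructed in a temporary directory so it runs offline.

```shell
#!/bin/sh
# Added example: verify a downloaded file against a published checksum list
# in the "sha256sum" format (digest, two spaces, file name).

# Digest of a file; uses GNU coreutils on Linux, shasum on macOS/BSD.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# Return 0 if the digest recorded for $1 in checksum file $2 matches the
# file's actual digest; return 1 on mismatch or if the file is not listed.
verify_checksum() {
    file=$1
    sums=$2
    expected=$(awk -v f="$(basename "$file")" '$2 == f { print $1 }' "$sums")
    if [ -z "$expected" ]; then
        echo "$file: no checksum published for this file" >&2
        return 1
    fi
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "$file: checksum mismatch, do not install" >&2
        return 1
    fi
    return 0
}

# Constructed scenario: an intact download, the vendor's SHA256SUMS for it,
# and a tampered copy with the same file name but different contents.
WORK=$(mktemp -d)
printf 'original build\n' > "$WORK/tool-1.0.bin"
printf '%s  %s\n' "$(sha256_of "$WORK/tool-1.0.bin")" "tool-1.0.bin" > "$WORK/SHA256SUMS"
mkdir "$WORK/tampered"
printf 'original build plus a backdoor\n' > "$WORK/tampered/tool-1.0.bin"

demo() {
    if verify_checksum "$WORK/tool-1.0.bin" "$WORK/SHA256SUMS"; then
        echo "intact download: ok to install"
    fi
    if verify_checksum "$WORK/tampered/tool-1.0.bin" "$WORK/SHA256SUMS"; then
        echo "this line is never reached"
    fi
}

demo
```

A checksum fetched from the same server as the binary only protects against a corrupted or swapped download; if the server itself is compromised the attacker replaces both. That is why distributions sign their package indexes with a key you already hold, which is the property you give up when installing from outside the repository.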