The illusion of invulnerability

[chiawaikian]

On Saturday "Linuxtag 2006" closed in Wiesbaden (Germany). According to the organisers, it?s Europe's biggest Linux Expo.

 

At the Kaspersky stand we talked to a lot of visitors. Pretty soon, it dawned on us exactly what the biggest threat to Linux systems is: the almost overwhelming belief in the invulnerability of Linux.

 

Nearly every visitor accepts the need to protect Windows against malicious code (although even at a Linux fair you find people believing that a firewall is all you need to keep viruses and worms away). But many people we spoke to were unable to think of Linux as potentially vulnerable; after all, they argued, a Linux user would never go online with root rights as typical Windows XP home users do......

 

Source: Kaspersky Analyst's Diary

[Eldmannen]

Well Linux is much more secure. Because Windows is usually run with full administrator previlegies. While Linux is often used on a restricted account except when installing software.

Most software for Linux is open source and tremendously less likely to contain spyware, backdoors, etc. Bugs get fixed faster.

Most people who use Linux know more about computers than others.

 

Linux has more advanced firewall and packet filtering and can be configured more in-depth for greater protection.

Viruses are pretty much non-existant on Linux. Same for adware, spyware, dialers, etc.

You can also run everything in a 'jail' (chroot) or sandbox.

You dont need run any daemons at all, and if you run any you can run them under their own credentials (username) so even if a daemon was exploited it wouldnt do much damage.

There are antivirus software for Linux such as ClamAV (and frontends like ClamTk, KlamAV, etc (also AntiVir, etc)) for those who want antivirus.

 

I would feel very safe and secure with Linux.

[zaphirer]

Virus writers have a choice: infect maybe 10-15% of Mac or Linux users, or nearly 90% infecting Windows computers?

 

Anyway, imagine how vulnerable MacOS users will be once they dual boot their Windows XP O_O

[Eldmannen]

Virus writers have a choice: infect maybe 10-15% of Mac or Linux users, or nearly 90% infecting Windows computers?

 

Anyway, imagine how vulnerable MacOS users will be once they dual boot their Windows XP O_O

 

I suspect that most Mac users might have a little more sense than most Windows users.

And Windows XP cant read the MacOS file system. So even if their Windows partition gets infected with something, it wont affect the Mac partition. So MacOS users arent more vulnerable than Windows XP users so the question is not so interesting.

[1984]

i can tell you that NOTHING you put on your computer is lost indefinately- no matter what you do. and this applies to your cell phone as well. law enforcement can ALWAYS find out what you surfed, where you went on the net, etc. if you dont want your habits being exposed, the best bet is to not go places you dont want others to know about.

[Eldmannen]

i can tell you that NOTHING you put on your computer is lost indefinately- no matter what you do. and this applies to your cell phone as well. law enforcement can ALWAYS find out what you surfed, where you went on the net, etc. if you dont want your habits being exposed, the best bet is to not go places you dont want others to know about.

 

You can get be pretty safe by using a LiveCD with the harddisk not mounted, then use Tor anonymizing proxy. Or use an encrypted file system on a flash drive.

[1984]

you would be surprised what they can find out.

[zaphirer]

I'm sure the FBI/CIA/NSA have very cordial relationships with ISPs.

[1984]

some isps guard their information and require a warrant for every little bit of info, and some are just too happy to turn it over. depends on the company and the jurisdictional legislation.

[Eldmannen]

Yes, it is true. Some ISP suck, as soon as asked about data they willingly turn it over without a blink.

Other ISP are good, they decline and require a warrant.

 

If you run from a LiveCD and have no harddisk on, then no data will be locally written/saved anywhere except for in the RAM which will be (pretty securerly) wiped on restart/power-off.

 

Yes, the ISP have logs and stuff. But that is why you should use encryption (such as SSL (Secure Sockets Layer)). And you can surf more anonymously with Tor because then the data will be routed through other computers, so it will be difficult to trace it.