On Friday 07 April 2006 06:23 am, Chris Jones wrote:
Is it impossible to write Spyware, Viruses, Malicious Software for Linux? Or is just that Microsoft is the favorite target?
I keep my Windows firewall and anit-virus, anti-spyware programs up to date (all free ware) and I haven't had any problems.
Impossible...no. Linux is no less suseptible to buffer overflow exploits or other code-related exploits than any other operating system. However, the difference is this. Linux was designed from the ground up to be a secure OS with multiple users sharing the same space and having to "play nice" with each other. Windows NT was (and still is under the guise of 2K/XP/Vista) a single-user OS with some multi user features hacked in. In order to do pretty much anything of value on a Windows system, you have to run as the administrator equivalent. This is partially a result of the design of windows and a result of programmers insisting on using HKey Local Machine to write settings. To be fair to Windows, if you have everything locked down tight, run proper firewalls, anti-virus, and don't let anyone run as local admin - you should be more or less safe. However, most people just run as admin, since that's the default. This allows virus writers more access to your system and lets them create havoc to the unsuspecting public. Since most linux distros (with the exception of Lindows/Linspire) highly discourage running as root, this sort of thing doesn't happen. Even if a virus were to get on your machine, the worst it could do was to infect your files and not root's. Also it would be very difficult to spread, since your privileges aren't supposed to be sufficient to accomplish such things. This is an article I wrote on the subject last January. I probably should revisit it. http://www.perfectreign.com/modules/articles/article.php?id=2 Also here's a blurb on Windows vs. Linux security. http://www.perfectreign.com/modules/articles/article.php?id=15