How vulnerable is Linux?

I'm considering using Linux on a PC I'm planning on building, however I want to know Linux's limitations, vulnerabilities to spyware, viruses, malware, and things of that nature first. Currently, how many threats does Linux currently have, and what are its disadvantages?

5 Answers

Relevance
  • 7 years ago
    Favorite Answer

    Linux is not vulnerable to any Windows executable malware, which is most of what you see in email.

    It might be vunlerable to Java and browser-based exploits in principle, but the exploits will have been developed and tested on Windows, and when they run, they typically try to download some Windows binary payload (which won't work).

    So as far as reading email and clicking links online, you are almost certainly safe.

    That's not to say Linux is not vulnerable, either to a real exploit or to stupidity. If you get an email

    "type this, don't ask questions: sudo rm -rf /" you are screwed.

    There are a lot of SSH dictionary attacks against root, so if you have passwords enabled for ssh and a server on the internet with a root password of "qazwsxedc" or "comeonin", you will be pwned.

    There have been, and will be, various vulnerabilities that allow privilege escalation or remote attacks. Usually they are not robust - only work against certain Linux versions - but sometimes not. A few years ago there was a privilege escalation attack that let regular users get root and then install malware (like a trojan sshd that collected more user passwords). Before that there was a problem in RealServer that was (contrary to standard practice) running as root and would let an attacker get root just by sending a malformed media request.

    You are also vulnerable to cross-platform threats like SQL injection. But most of these are server threats, not threats against a desktop. Recent distributions ship with services disabled, and recent services run at reduced privilege, so even if someone does get remote access, they then have to get a command line past a firewall and run a second privilege excalation exploit to get root and be able to install rootkits or keyloggers.

    Linux is a robust computing environment used for servers, cloud computing, compute clusters etc. It's not so popular on desktops (though I've been using it for 20 years, and Google I hear tossed out their Windows desktops after they were phished).

    The disadvantages are that oddball or very new hardware may not be supported (yet) (new wifi cards, USB nerf guns), and that some software is unavailable (certified tax prepraration software for one)

    Source(s): http://www.cvedetails.com/vendor/26/Microsoft.html http://www.cvedetails.com/vendor/33/Linux.html - the raw stats don't tell you how risky vulnerabilities are, or whether there are exploits available
  • 7 years ago

    Being that I must be the longest Linux user on answers. I have been using Linux now for over 8 years, I have never had any viruses or problems using Linux what so ever, I download and test every new release, Today I have downloaded the 3 releases that have been released today, I will be running a test on them tomorrow, if you would like to know which Linux distribution would suit you best you can ask me, Forget Ubuntu and Linux Mint, they are not the best by a long way, there are better distributions

    Source(s): Linux latest releases http://distrowatch.com
  • 7 years ago

    All computers are fine as long as you play 'safe', don't go on dodgy websites, get a security scanner like Norton Security- this notifies you if there are any problems and warns you about problems and cleans up malware and things for you. Just don't do anything stupid and it will be fine+depending on what kind of Linux you get, some will be faster than others and etc.

  • 7 years ago

    If you stick to the repositories provided by your distribution, then you have almost no risk, unless you get compromised by something cross-platform like a java vulnerability.

    If you want to install third party software, then you have to either stick to free software so you can either read through the code or have someone else do it. if you install third party non-free software, then you are opening yourself up to anything they want to throw at you.

    The 'linux' mentality at fixing vulnerabilities is generally a lot smarter, fixing root causes rather than blocking individual attacks.

    You can scan things with clamav, but if someone tricks you to enter a bad terminal command, nothing can really save you.

  • How do you think about the answers? You can sign in to vote the answer.
  • 7 years ago

    There are no advantages to using Linux as far as its vulnerabilities. As a matter of fact, the nature of that OS makes it easy to break in to.

Still have questions? Get your answers by asking now.