How can Linux be safe when it is open source?

Terafall June 4, 2012
Pinterest Stumbleupon Whatsapp

How did Linux have better security than Windows when everyone can look at its code? Shouldn’t that mean that Linux is easier to infect with malware, viruses and so on?

  1. Reý Aetar
    June 7, 2012 at 7:25 pm

    Once some one contributes to the source it is reviewed by the officials and one more thing the source is useless for a machine until some one compiles it and once it is compiled its the same as closed source programs just no question of being safe or unsafe ..yes security holes are found and can be misused but also there are others fixing it at the same time..
    and yes not only linux but these applies for all opensource programes out there

  2. Linda Dulin
    June 5, 2012 at 9:54 pm

    Need to find a Parental Control program that is supported by Linux.

  3. Jimbo99
    June 5, 2012 at 4:50 pm

    First, the option to delete everything was hobbled a long time ago-- it is no longer valid. Second, the option to delete everything is not a security issue, it's a stupidity and/or abuse issue.

    The option to delete everything with a single command was hobbled a long time ago -- you can no longer destroy your system with that command in Linux unless you intend to do it. In Windows you can still delete your Windows folder with a single command (using cmd.exe).

    Stating that Linux is vulnerable or insecure, due to that one now hobbled feature is just flat out wrong. That command was rarely issued by people unless they were being mislead by some vindictive person or someone playing a joke, or unless they intended to do it. In the case they did it by accident a lot of conditions had to be right for it to do any harm.

    It doesn't take much research in Google to find that the option was hobbled a long time ago so that people don't make the mistake. Besides everything in Linux is done in a graphical desktop anyway without a root control, so most people are not using the command line but infrequently. There's very little reason to be at the terminal prompt for the vast majority of Linux users.

    Yet, no matter how you look at it, it is not a security issue. Security involves working toward a safe environment free of bugs and exploits that allow others to penetrate your system and control it.

    Linux gets better every day. One of the philosophies of Linux is to update and release often. Because of this Linux is on the cusp of exceeding not only the value of Windows but also the usability.

    Linux is approximately 20 years old and benefits from having the code updated and released often adding a flexibility not shared by other legacy OSes such as Windows. All those eyes examining it for security issues and bugs keep it flexible and young at heart. Most operating systems are old, older than Linux.

    Microsoft's OS is also old, older than Linux, but it's core functionality, when it was first created, was based on the ability to have mom and pop use it, thus meaning they neglected security to accomplish that--they tacked it on after the fact, and they haven't been able to resolve the security issues in the past 15 years.

    • Richard Carpenter
      June 6, 2012 at 4:50 pm

      The rm command is still treat.... It CAN be ran from a script without root access, easily.

      Also, Linux is Directly based off of Unix, which is roughly twenty years older then Windows.

      Linux is full of security vulnerabilities that the community doesn't even care about, and will not fix. For instance, using net commands to control a box without any user rights...

      Linux is a good OS, but security is not a strong point.

      • Jimbo99
        June 9, 2012 at 3:04 am

        The rm command *is* a valid command. It is used to remove (or rather delete) files. The rmdir command is used to delete folders. Parameters to the rmdir command allows you to recursively delete files and folders.

        Those commands are no more going away than the "del" command is going away in Windows.

        And, as I said, the issue isn't unique to Linux. In Windows you can delete all those important files necessary to have Windows work. In OS X the same. In BSD and Sun the same.

        So it was not solely a Linux issue. The issue also existed in other OSes.

        The following link shows how the command is now configured in Linux/PC-BSD/Sun. Of course BSD and Sun pretty much are Unix. So is Mac OSX.

        In order to perform these actions you must now override a block. This means that if you try to use the command to remove these files you have to intentionally tell it to do so.

        In the past, few if anyone really deleted their whole file system by accident. The ones that did do it by accident had to be logged in as root and issue the command wantonly. We all know by now that we should not be logging in as root (so as to protect us from ourselves).

        Alternatively you might issue the command preceded by "sudo", and yes, if you told it to do so then it would proceed.

        As the above links point out the commands are not unique to Linux. They are the same on BSD and Sun and OS X resulting in the same unhappy endings.

        As you can see from the second link they changed the command some time ago so that you had to intentionally override the block. Why it still exists is because you sometimes (albeit however rare) may have a reason to do it.

        To misrepresent the command as a security risk is irresponsible. When you then leave out that the other OSes suffered the same deficiency (where you can do the same thing) makes you doubly irresponsible, as if you are intentionally misleading people.

        Concluding, you can issue the same command or an equivalent in any of the popular OSes: Windows, Unix, OS X, BSD, and Linux. At least the *nix OSes have changed the command to force users to tell it to override the blocks. In Windows you can still easily destroy important files necessary to boot the OS.

        • Richard Carpenter
          June 9, 2012 at 5:01 am

          This is not a issue with modern Windows (Vista and up) and can not be executed without tweaking VS. just running the command in Linux.

          I have tried to do this several different ways (even thru PowerShell) to Windows 7, Windows 8 RP, and Vista, just to see if it could be done... and it can not. It just a Unix issue.

          It may not wipe your file system, but the command ran from a normal user prompt will render it useless, unless the person on the other end is proficent with unix enviroments, ofcourse most people proficent with unix wouldn't run a rm with a wildcard anyhow...

          Also just tried on three machine running last greatest of threee hardened distros... all fell to my basic script mainly using the rm command and made the machines unusable. Took code from several bits and peices of unix malware for priviledge escalation. ect, and the result from where as expected, Unix is extremely vulnerable.

  4. Anestis
    June 5, 2012 at 8:41 am

    As other people have said, more eyes looking at the code means quicker fixes.

    Also, modern flavours of Linux force you to create a standard user account which you use day to day.

    If you need to install software or an application package, you need to provide the root username password (equivalent to admin username/password in Windows).

    This is unlike Windows, where the initial user account you create automatically also has admin access and allow any program to be installed without permission.

    Also, if you have UAC turned off in Windows this makes it easier for viruses and malware to be installed, as you get no warning.

    It's also makes it more difficult for drive-by viruses and malware to be installed.

    So, it's not so much the open source factor, but rather the philosophy and execution of the day-to-day user account between the two that makes it safer.

    Mac OS X has the same philosophy due to it running BSD UNIX as the underlying operating system.

  5. rajaram342
    June 5, 2012 at 8:35 am

    Does anyone hear really know why linux is virus proof???? i wud like to know!

    • Shehan Nirmal
      June 6, 2012 at 2:29 pm

      Linux is open-source. So the developers all over the world, develop and updates the security problems in Linux. And also, It always ask the root password when someone try to run a program that would access the system files and directories.

  6. gpvprasad
    June 5, 2012 at 8:33 am

    It's very simple Linux never fired any one

  7. Jon Smith
    June 4, 2012 at 11:09 pm

    It is easier like everyone said but most computers used by consumers are still PCs so its hackers would go for the heavier user group

  8. Mike
    June 4, 2012 at 10:24 pm

    Let me give you another perspective:
    Open source and closed source operating systems are exactly the same.

    Why, is very simple to explain:
    You have to put effort, time and thinking into either of them to make it safe.

    For example you will see a lot of people (including here in the Answers section) who are still running Windows XP with Service Pack 2.
    Of course their proprietary software is not as safe as downloading the latest release of Ubuntu because THEY failed to put the effort into it installing all the latest updates or better upgrade to a fully patched Windows 7.

    On the other hand a fully updated Windows 7 installation running Windows Defender and the Windows Firewall (both built-in) is probably more secure than a updated Ubuntu installation. The reason has already be stated. Every one can browse through the source code to find exploits. With things like SSH daemon running by default (allowing 'remote root') through the firewall there is the possibility of someone logging/cracking into your system without you even noticing.

  9. Richard Carpenter
    June 4, 2012 at 4:48 pm

    Linux is extremely vulnerable, because, like you said, anyone can look at the code. It is very good at stopping certain attacks, but is really vulnerable to most basic attacks.

    There is a single command (rm) that can delete everything if ran carelessly, or maliciously...

    Linux/Unix servers can be hardened, but it is a drawn out process. A newly installed linux distro is far more vulnerable than a new Windows box, the difference is it is not being really targeted yet.

    Also, the Mac malware that has been seen in the wild could easily be ported to any major distro.

    Security by Obscurity is not a good answer any more.

    • Dalsan
      June 4, 2012 at 7:53 pm

      It may not make it safer, but less active to see the scale of malware that Windows has. It would be like saying a highway is safer with less traffic; in a sense it is as there would be less to deal with, but no since the only safe highway is one that is not used. There is no such thing as a safe operating system or program.

      • Richard Carpenter
        June 4, 2012 at 10:24 pm

        This is true, but Linux is aging. Compared to current Windows, Linux is defenceless... and it will not get much better any time soon.

  10. Dalsan
    June 4, 2012 at 1:29 pm

    Another factor to the security is that it is the lesser used operating system in households and businesses. This was also the reason Apple's computers were hacked into less and had less malware until recently. If it isn't lucrative, then there is less reason to waste the effort and time on it. If Linux ever gets close to the same usage base as Windows or Apple has, then the same amount of problems with malware and hacking would appear. But, as Bruce said, open source has a big advantage over this, too.

  11. Kyem Ghosh
    June 4, 2012 at 9:49 am

    open source applications means thousands of brains on a single destination... One tries to attack, other provides the shield... This is how open source softwares are secure... Windows will have more chance to fall cz in it, there are few minds and there are loads of people to make it fall. Even paid anti virus can sometimes fail to protect whereas the open souce anti virus of the same company can prevail... Recently Mac Os has got got attacked, hackers found some security hole, when Mac claimed that there is no need to install antivirus in it...

  12. Bruce Epper
    June 4, 2012 at 8:24 am

    There are a lot more honest people looking over that source code, finding problems and fixing them. It is one of the biggest advantages over closed source.

    It has long been established that security by obscurity is not security at all. By enabling so many programmers and hackers to be able to review the code for any piece of software, problems (security and otherwise) are found faster and generally fixed faster. It is basically a huge peer-review that is carried on on a daily basis in a similar way that academians, medical researchers and others have their materials checked and rechecked by other people experienced in their area endeavour. The more eyes that delve into the material, the better chanced that problems can be found and corrected.

Ads by Google