Pinterest Stumbleupon Whatsapp
Ads by Google

Security is an important topic on everyone’s minds in today’s highly-technological world. With all of the security news that pops up on almost a daily basis, trying to be aware of the choices you make can make a big difference. Linux is often touted as the most secure operating system you can get your hands onto, but is this reputation deserved?

Let’s take a look at different aspects of Linux security.

Security Practices of Distribution Maintainers

For a short period of time in February 2016, some links on Linux Mint’s download page redirected to an altered installation image that contained a backdoor. Since then, Linux Mint’s maintainers have gone under attack for bad security practices both on their own servers as well as in the Linux ecosystem (for example, not releasing their own security advisories). Not all distributions are the same, and that applies to security as well.

While this is an extremely rare occurrence, it does show that attackers are targeting Linux and that such exploits are possible. Keeping track of the latest security news is very important, whatever platform you’re using.

Malware

One of the biggest concerns on many people’s minds is malware. This includes things such as viruses, spyware, worms, and so on. All of this malware has one thing in common: it needs to run code in order to work. Thankfully, there is barely any malware in existence for Linux compared to Windows and even Mac OS X. On Wikipedia, a partial list of the most common malware for Linux is only about 54 items long.

However, the fact that the list is longer than zero items proves that Linux isn’t impenetrable. The fact that the list is relatively short is thanks to a few different factors, including:

Ads by Google
  • There are relatively few Linux desktop users, and Linux server administrators usually know how to secure their server.
  • Windows viruses cannot run on Linux (unless they have the help of WINE).
  • There’s a fantastic permissions system in place to minimize damage done by malware.

clamtk_main
Now, although the risk of Linux viruses wreaking havoc is low, there are antivirus clients (such as Clam Antivirus Control Virus Scans From The Command Line With Clam Antivirus [Linux] Control Virus Scans From The Command Line With Clam Antivirus [Linux] There are a few ways in which you can access Clam Antivirus for numerous purposes. First, there's a front end to Clam Antivirus which you can use to perform tasks graphically. It is called Clamtk... Read More ) you can get for Linux. The twist is that these are mainly used to scan for Windows viruses. The idea is that as data passes through your Linux system, it can be scanned for viruses so that it does not infect other Windows users who might be receiving that data at some point. Consider it a public service.

Permissions Save the Day

Wait, what’s this permissions system mentioned earlier? Files are owned by users and groups, and there are three levels of permissions: permissions for the owner user, permissions for the owner group, and permissions for everyone else. The possible options for each level are read, write, and execute permissions or any combination thereof. So for example, the owner user could have full permissions, the group can have read permissions, and everyone else can have no permissions at all.

linux_file_permissions
If malware does ever run, it’ll most likely run with your user’s permissions, so the damage will be localized but it won’t take down your whole system. Why? The system-related files are owned by the “root” user. This is the reason why it’s recommended to use the root account What Is SU & Why Is It Important to Using Linux Effectively? What Is SU & Why Is It Important to Using Linux Effectively? The Linux SU or root user account is a powerful tool that can be helpful when used correctly or devastating if used recklessly. Let's look at why you should be responsible when using SU. Read More (or sudo) as little as possible to avoid the risk of running malware as root. Because if that happens, it’ll definitely wipe out your whole system (if the malware was written to do so).

Firewall

gufw_preferences
Having a firewall is still extremely important, however. Linux is no different than the other operating systems when it comes to networking — without software to control the ports, anything from the outside world can connect to your computer and start causing mayhem. As a desktop user, the quickest and easiest tool to make sure that you have a firewall enabled is Gufw, a graphical tool for the UFW firewall Easily Manage Your Linux Firewall With GUFW Easily Manage Your Linux Firewall With GUFW Over the years, Linux has gained the reputation of being one of the safest operating systems to work on. While it's decently safe from viruses, there's still another threat which affects all computers with networking... Read More . It’s a very simple thing you can do to protect yourself from attacks.

Phishing

muo-security-phishingemails-paypal
Next, phishing. I’m of the opinion that this is actually a bigger threat than malware because it can happen to anyone and is much more difficult to prevent. And there’s still nothing that your choice of operating system can do to protect you from phishing attacks. The only way to truly protect yourself from phishing attacks (besides from being proactive in identifying them How to Spot a Phishing Email How to Spot a Phishing Email Catching a phishing email is tough! Scammers pose as PayPal or Amazon, trying to steal your password and credit card information, are their deception is almost perfect. We show you how to spot the fraud. Read More ) is to disconnect from the Internet completely. But we know that the Internet is just too good for us to want to do that.

Installing Software

There’s also a related risk — being tricked into installing malware. If you’re new to Linux and look up how to install a certain program, you may be given links to download packages that end up containing modified or entirely different software than what you wanted. Once you install it, you’re pretty much screwed.

Remember to check what you’re looking up and always try to install software from the official repositories whenever possible. And if you’re installing software from a PPA What Is An Ubuntu PPA & Why Would I Want To Use One? [Technology Explained] What Is An Ubuntu PPA & Why Would I Want To Use One? [Technology Explained] Read More , make sure that it’s officially from the developers and trusted.

Not A Magic Pill

So after all that, is Linux actually safer? Yes, and quite objectively so. However, it’s still not bulletproof and cannot protect you from everything. So if security is on the top of your mind, definitely give Linux a shot. Just remember to continue keeping an open mind about security threats as they do still exist.

What all do you do to secure your Linux system? Let us know in the comments!

Image Credits:penguin carrying a rifle by 3Dalia via Shutterstock

  1. fcd76218
    June 1, 2016 at 11:58 pm

    "Installing Software"
    If you're new to Linux, install software only from the OFFICIAL distro repositories. Do not use PPAs, AURs, Snaps and/or community repositories until you are more familiar with Linux and how to avoid/remove Linux malware. Treat any package repository other than the official one as of questionable quality.

  2. Michael Weldon
    May 5, 2016 at 11:46 pm

    Re; malware installing itself with the help of WINE.

    It's a bit of a 'wobbly' statement, this.....for one main reason. WINE is extremely prone to regressions. Yes, I know the developers of WINE do do their very best to improve it from one release to the next; but very often, something that worked flawlessly in one version of WINE will refuse to run properly in the next. I've had it happen to me several times.

    It's a marvellous piece of software, don't get me wrong.....I have Adobe's Photoshop CS2 running under version 1.7.51. You should always bear in mind, though, that it's NOT infallible. Malware MAY be able to run under it; it may NOT.

  3. Daniel Escasa
    March 23, 2016 at 2:34 pm

    <quote>
    Linux is often touted as the most secure operating system you can get your hands onto
    </quote>

    Uh, no, that would be OpenBSD

  4. Noam Preil
    February 25, 2016 at 3:15 am

    You mentioned that Windows malware cannot run on Linux except when it has help from WINE - I disagree. Even run by WINE, the effect should still be minimal (it shouldn't affect your system - backups are still important, as your files are destructible). WINE, after all, can be run by a non-root user. If a non-root user runs malware in WINE, would it not only affect the "container"? If it deletes everything on the C: drive, you're fine - your files are not ON the C: drive, as the C: drive is actually a folder (usually located at ~/.wine/drives/c IIRC). As such, while any programs installed into the C: drive in WINE would be wiped, the system would be otherwise unaffected.

    Counter-argument I just realized while typing this - the C: drive in WINE contains symbolic links to your home folder.

    Additionally, someone could theoretically create malware targeting Linux through WINE.

  5. Darr
    February 23, 2016 at 9:33 pm

    On top of what your article suggests, I also use a VPN and encrypt my DNS with opendns. DD-WRT runs my both of my routers.

Leave a Reply

Your email address will not be published. Required fields are marked *