this post was submitted on 05 Aug 2023
1963 points (97.3% liked)

linuxmemes

21355 readers
1478 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     

    For those who are wondering, yes, Wine is malware compatible so be careful about the EXEs you run!

    https://wiki.winehq.org/FAQ#Is_Wine_malware-compatible.3F

    you are viewing a single comment's thread
    view the rest of the comments
    [–] PutangInaMo@lemmy.world 46 points 1 year ago (2 children)

    You really don't think Linux has viruses? I'm confused by this post. Is it an excuse to shit on wine and windows?

    [–] fidodo@lemmy.world 49 points 1 year ago (5 children)

    They're super rare. I've not gotten one once in decades, whereas I've encountered countless viruses on Windows. Linux is more secure, but also it's just a smaller target. Best way to avoid viruses is to use an OS nobody else wants to use *taps head

    [–] PutangInaMo@lemmy.world 23 points 1 year ago (4 children)

    I think you have a false sense of security with regards to Linux vulnerabilities and exploitations. There are dozen of known exploits throughout the Linux ecosystem that are publicly disclosed frequently.

    What makes you think Linux is more secure than windows? I'm not trying to start an argument here I'm just curious.

    [–] fidodo@lemmy.world 12 points 1 year ago (2 children)

    I find the Linux ecosystem has far better updating mechanisms than Windows and it doesn't have as much backwards compatibility cruft as Windows. That and the open source nature I think is better at having exploits uncovered. I'm not saying Linux is perfectly secure, but that it's more secure than Windows. But I think the biggest reason it's less likely to get viruses is just that it's a smaller target and that hackers aren't spending as much time trying to attack it, plus the users are more tech savvy meaning any attacks will be less lucrative.

    [–] Freesoftwareenjoyer@lemmy.world 2 points 1 year ago (1 children)

    it’s a smaller target and that hackers aren’t spending as much time trying to attack it

    It's the most popular server system, so I'm not so sure about that.

    [–] fidodo@lemmy.world 4 points 1 year ago (1 children)

    The target user base is much smaller. Most viruses are spread through user error and server administrators are far more competent than a typical OS user. Also, typical server exploits lead to exposing credentials rather than spreading viruses.

    Software is usually installed from repositories and not random websites, so there is less room for user error in general. Even if you download an executable file, you will most likely have to give it permissions to run first. So I think it's more immune to viruses not because of its users, but because of the way it's designed.

    [–] PutangInaMo@lemmy.world -1 points 1 year ago

    Open source can be a double edged sword for that but I dig it.

    I think dependencies in Linux packages does cause a lot of issues but that's mostly on air gaped networks, and even still manageable.

    Sizing the target depends on what threat actors are involved though so those broad stroke statements don't hold up well in reality, from my Experience.

    [–] taladar@sh.itjust.works 9 points 1 year ago (3 children)

    Not sure what their answer is but not delaying security fixes until some fixed monthly date would be my answer.

    [–] AspieEgg@lemmy.blahaj.zone 4 points 1 year ago

    To be fair, critical security patches for Windows are often delivered out of band (not on patch Tuesday). And malware definitions for Defender are daily.

    Not trying to defend Microsoft entirely, but not everything is delayed until their monthly update schedule.

    [–] andrew@lemmy.stuart.fun 4 points 1 year ago

    And a single place to download and install all those security fixes with one command.

    [–] PutangInaMo@lemmy.world 2 points 1 year ago

    To be fair if it's scored high enough there are usually workarounds posted and supported to hold you over for patch Tuesday.

    I've done patch management on both platforms and find the predictability easier to manage. But that's not home use so grain of salt stuff.

    [–] ipkpjersi@lemmy.ml 3 points 1 year ago (1 children)

    There's a difference between exploits and malicious software (even though malicious software often makes use of exploits, it is different). I am willing to bet there is way way more malicious software written for Windows than Linux, simply because there's way more Windows users than Linux users and there's way more Windows software than Linux software.

    [–] PutangInaMo@lemmy.world 1 points 1 year ago

    Yeah that's true. But I say false sense of security because that's what happened to Apple back in the day and they got caught with their pants down lol

    GNU/Linux is Libre Software, so that already makes it more secure, because anyone can actually verify what it does and modify it if needed. This means that users are really in control of what the operating system does. It's difficult to verify what Windows does, but we know that it contains spyware, which isn't easy to remove.

    Installing software from a repository is also safer than downloading it from random websites.

    When some library like OpenSSL has a vulnerability, you will get a new version with system updates and all programs will start using that patched version. On Windows usually each program has to have its own update mechanism or it will be stuck with old libraries.

    [–] Malfeasant@lemmy.world 20 points 1 year ago (2 children)

    To be fair, I haven't gotten a windows virus in at least 25 years either...

    [–] madcaesar@lemmy.world 10 points 1 year ago (1 children)

    Getting a virus takes real effort. I feel like the whole virus debate is just 2000s hangover, and people never update their shit talking points.

    What is actually a threat are scams. Seniors being called, lied to and forced to compromise themselves. Those are the real viruses of 2023. And obviously 99% of seniors are on Windows.

    [–] nogrub@lemmy.world 1 points 1 year ago

    yeah when you use your brain you don't get viruses it better than any anti virus software

    [–] chickenf622@sh.itjust.works 8 points 1 year ago (2 children)

    You had the perfect opportunity to mention you use arch and wasted it!

    [–] grue@lemmy.ml 1 points 1 year ago

    I use Kubuntu, BTW.

    [–] Tekchip@lemmy.world 5 points 1 year ago (1 children)

    Getting tired of this smaller target narrative. On desktop, maybe. We don't know for sure since most Linux doesn't carry telemetry and one ISO download doesn't mean one install.

    Also, Linux runs some insanely high percentage of the Internet (server, VM, container), IOT and mobile. For every individual who might own a hand full of computers there are 10's, or perhaps hundreds, of Linux servers out there doing tasks for them. Virus and malware don't only target desktops. There's literally no larger target.

    [–] PlutoParty@programming.dev 5 points 1 year ago (1 children)

    I think when people say it is a smaller target for virii, they are talking about an actual virus such as ransomware, crypto miner, adware, trojans, etc. I have zero doubt these types of virii are more targeted on Windows platforms. Linux servers on the other hand are indeed going to be the largest target for exploits. The primary mechanism by which a Linux server is compromised is going to be via an exploit, not an actual virus. That's not to say they don't exist. I administer hundreds of Linux servers in several data centers. I don't believe I've ever come across an actual virus in the last decade or so, but do deal with exploit and brute force attempts nonstop. Perhaps this is a matter of semantics. I don't consider the tools and methods used to exploit systems as a virus.

    [–] fidodo@lemmy.world 5 points 1 year ago

    Exactly. Server exploits tend to lead to leaked credentials, not viruses.

    [–] megatron36@lemmy.world 2 points 1 year ago

    By God you're right! Installs BeOS haiku

    [–] rhythmicotter@midwest.social 6 points 1 year ago (2 children)

    There are very few Linux viruses. With its low market share, it's not a juicy target, or at least not desktop users.

    [–] steakmeout@aussie.zone 12 points 1 year ago (1 children)

    Yeah that kinda thinking is really not useful. Linux is a very very juicy target these days due to your thinking. Desktop Linux installations are riddled with poor security settings and many server features enabled by default. IOT devices and self spun servers are regularly deployed unsecured as well.

    https://linuxsecurity.com/features/must-read-articles/linux-malware-the-truth-about-this-growing-threat-updated

    [–] Stelus42@lemmy.ca 1 points 1 year ago

    Yeah, even if it IS true that it's not juicy right now, doesn't that mentality run directly contradictory to the desire for linux to become more popular? We're trying to increase market share, so the "not a juicy target" idea is a very wreckless way of thinking.

    [–] AspieEgg@lemmy.blahaj.zone 6 points 1 year ago

    I disagree. Linux is run on a large number of servers. It may be a less tempting target for Trojan style malware, but exploits and vulnerabilities for Linux are very valuable since you can gain access to large amounts of valuable data.