• Plopp@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Linux users keep saying you don’t need antivirus on Linux and that Linux is more secure and safe. This intrigues me, as I’m moving to Linux, but I never hear any technical reasons as to why this would be. All I see is “there are no viruses because it’s a small platform”. That’s not an argument for the security of the platform so I’m curious to know if there are any technical reasons Linux would be more secure. Every now and then I read about some malware for Linux, so they do definitely exist.

      • RedFox@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        9 months ago

        Congratz, you found a really shitty malware.

        I don’t think that’s lockbit quality.

    • scoobford@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      The underlying user/group systems are a little more secure, containerization is common and easy (flatpak, bubblewrap, and firejail), the attack surface is lower, the marketshare is smaller, and repositories are fundamentally superior. Of these, app repositories and the market share are by far the biggest factors.

      Getting malware on Linux isn’t totally unheard of, but it is extremely uncommon. I’ve never had any, nor has anyone I know. This guy isn’t the first person I’ve heard of getting malware on Linux, but he is one of very, very few.

      • raspberriesareyummy@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        one added benefit of Linux: It doesn’t - on a default installation - enable tons of services the user will probably never need. These services on Windows listen on the internet connection for incoming requests (e.g. remote desktop service), or are available locally for other exploits.

        One of the reasons Windows “just works” (well…) is because literally EVERYTHING is preconfigured and activated on startup. That’s also one of the reasons why the system is such a resource hogging piece of work…

        It’s a work of hours to manually go through system services and identify & disable everything you will not need.

    • expr@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      It’s not the case that viruses can’t exist on Linux, it’s just very improbable through normal usage. The key difference is that the overwhelming majority of software installed on Linux is through a package manager, which is a tool that downloads software from a maintained, trusted, and vetted repository of software. So instead of googling “Firefox download”, clicking on (hopefully) the right link (and getting this right gets harder and harder with Google fucking up search results), and downloading the software from the website, you simply execute a command in your terminal like apt install firefox (for Debian-based systems, command can vary by distro you’re using) and it pulls the software from a trusted repository. This alone eliminates the most common attack vectors, since usually Windows users get viruses by downloading random executables off the internet.

      Generally, the way you get viruses on a Linux system are through finding/exploiting vulnerabilities in software which is very hard to pull off generally and are usually resolved fairly quickly once they’re discovered (And of course, Linux is not unique in this respect, any computer can be target of such attacks).

    • psycho_driver@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      Haven’t looked to see if there are other replies yet, but the primary reason, back when I ditched windows completely 20+ years ago, was that the worst that could happen with linux malware or a ‘virus’ would be the user’s home directory becoming compromised. Due to posix permissions they would have no ability to take down your entire system as would happen with windows pretty much all the time if you clicked the wrong button on a pop-up. I still have to use windows for work and from what I see (and from the successful ransomware attacks that have happened due to people opening an email attachment) I can’t imagine that has changed a lot.

      If you set up system backups of user directories then the damage could be mitigated relatively quickly and easily. These days with flatpaks and browsers (well, firefox at least) having built-in and by-default sandboxing then even your home directory is pretty safe.

    • Nollij@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      All I see is “there are no viruses because it’s a small platform”.

      It’s also a total lie. Do you know how many Linux servers there are in the world? It’s a lot. Same for Android devices.

      While these aren’t quite the same, and thus not the same vulnerabilities as desktop Linux, they do provide some insights into the effectiveness of its security model.

    • magikmw@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      There’s little technical reason, at least no security features were ever tested on the scale Windows is every day.

      The real reason is nobody bothers to target Linux desktop users because there’s dozens of us (dozens!) while there’s billions of Windows users. It’s about efficiently spending your money and time while investing into crime.