I have two semi-related questions about the security-related reasons I hear for
ID: 657053 • Letter: I
Question
I have two semi-related questions about the security-related reasons I hear for switching to Ubuntu over Windows 7 (or from other Windows OSs to other Linux distributions).
1. Someone people say that Ubuntu is less of a target for malware, spyware etc. I've heard arguments that many attacks are written specifically for Windows computers because Windows is a more common OS. If this is the case, doesn't this logic essentially adhere to the 'security through obscurity' mentality that is generally frowned upon?
2. I assume that malware can also be written for Ubuntu, so why do I rarely hear about Ubuntu being more secure? What other security advantages are there to switch to Ubuntu, or another Linux distribution more generally? (I realize that certain distros might have strengths and weaknesses so just specify Ubuntu if the variances are too large.)
Explanation / Answer
Ubuntu (or any Linux distro) is less a target for malware because it's less common - if you had a limited amount of time to spend developing malware, would you make it for an OS that the majority uses or do it for the one a minority uses ?
As for the security by obscurity part, Linux distros don't base their security on top of the fact that they're less popular and thus less likely to be malware targets... sure, that's the case, but it's not because of that fact that developers will use that as an excuse for writing vulnerable software, and the fact that the code is open source means vulnerabilities are usually found and fixed way faster than in proprietary OSes.
However, if the user is stupid and installs/executes anything he finds on the web (cracks/keygens, toolbars, or even credit card generators - I'm serious, every so often I stumble upon a script kiddie's video showing off his VB6 skills with a badly designed GUI and a lame attempt at malware) then no OS nor antivirus will save him, because once you intentionally install something and click through the permission prompts (user account control in Windows, root password request in Linux) then the system considers the user knows what he's doing and obeys the orders, in this case it'll execute the malicious code and the machine is compromised.
If you're only switching to Ubuntu for the so-called "immunity to malware" then stop right now and read again what I just wrote above. While you may get away with most of the malware because it's designed for Windows, one day will come when you'll stumble upon some awesome media player or l33t hack utility with a big "Download for Ubuntu" button on their site... because you're careless and used to the so-called "immunity", you'll execute it and your machine will be compromised. Note that detecting what OS you use to serve the appropriate flavor of the malware is just a matter of comparing User-Agent strings and setting the link based on that.