'WannaCry Makes an Easy Case For Linux'

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.

Depends on the company, doesn't it?

[gfxguy]

My father runs an accounting business. His tax software is only available on Windows, and not as a service.

I work in a media company. Yes, some have Macs, but most of the software is only available for Windows, so most users must use Windows. Now the other departments could possibly use something like Linux, but then it's another system that needs to be supported (given that we still must support Windows, anyway).

I'm sorry Linux fans (of which I am one... the web servers I set up for work are Linux, and I'm typing this on Linux as my desktop right now), but there's a lot of proprietary software that many companies use that is only available on Windows. Most of it has no serious competition on Linux.

Re:This opinion isn't new and is still wrong.

[OrangeTide]

Linux has been around enough and is used widely in high-value enterprise servers that it most certainly is attacked by malware, hackers, etc on a regular basis. Much is known about the security of Linux, and multiple vendors work to improve the security of the Linux Operating System and key applications.

Microsoft, Adobe and others have not been doing that great of a job securing Windows and its key applications. And much of the industry that touts that they enhance security on Windows are also trying to sell you virus scanners that significantly impact system performance.

What you fail to understand are two factors at play here:
1. Linux(FreeBSD and Unix in general) have a very different security model than Windows. Unix is a much simpler model and is less flexible, but it is also applied more consistently as a result.
2. Windows is not the top OS in the world in terms of numbers. Virus writers, if they are going only for high-volume attacks, would also aim their sites at Android or iOS as either of those have more installed systems than Windows. And like I said early, Linux dominates the enterprise environment and would theoretically be more valuable of a target to attack than Windows.

Re: This opinion isn't new and is still wrong.

I keep hearing this argument, but every time Microsoft releases another Windows, I am shocked by the security holes I find open. They just don't care enough. With Linux, more eyes on the source exposes more bugs and the security ones often get fixed before the ink dries on the mainstream media post about it.

Plus, older Linux installs are often maintained for security patches far longer than Windows.

Re: This opinion isn't new and is still wrong.

[Anne+Thwacks]

It is not just an issue of "more eyes". If you ignore Canonical, Gnu/Linux is far more stable internally - I specifically say Gnu, because the issue here is userland culture: The Unix/Linux world has enormous motivation to keep reusing the same code over massively diverse hardware as well as application use cases.

The same code gets more thorough testing in the Unix, with more motivation to fix the problems - because people are able to locate and describe problems better.

I know there are still bugs in Linux - hell, I know there are bugs in OpenBSD - but if I report them, they get fixed - sure it can take a year if the impact is only on me. If I phone Microsoft, all I get is a phone bill and a sore ear.

In the BSD world, some of the code really is over 40 years old, and generations of students have tried to hack it - to improve their game scores or college grades. When they succeed, it is fixed.

In Windows, when a new version is released - it probably comes with more new, improved bugs than bug fixes.

Re:This opinion isn't new and is still wrong.

[ctilsie242]

The thing about ransomware, it doesn't need to fight with SELinux, nor escalate to root, to cause damage. It just needs enough access to read/write the user's files, which most web browsers provide. Even having an Internet connection isn't needed, since ransomware can bundle a public key with it that it can encrypt an individualized ephemeral private key, then use the public key from that ephemeral keypair to encrypt all files.

Ransomware is part of a perfect storm. So many companies don't bother with security. Individuals don't care or don't bother. With the lack of consumer-tier tape drives and optical drives of a decent capacity, backup drives and cloud-synced storage are easy pickings for deletion. Not many end users really care to use a program like Mozy, Carbonite, or CrashPlan.

Re: This opinion isn't new and is still wrong.

[Daniel+Phillips]

So far for 2017, Linux has 128 code execution vulnerabilities whereas Microsoft has 71.

Because each Linux vulnerability is reported for multiple distributions. And because Linux vulnerabilities are found faster and therefore fixed faster. However you want to spin it, Windows is the one getting successfully exploited in multiple ways, so that new Windows vulnerabilities are hardly news any more, whereas its big news any time a hole shows up in Linux, and then very few fall victim to it.... partly because of the early and widespread disclosure, but more because Linux vulnerabilities typically require local access, login shell, etc. Whereas a dodgy flash file is often enough to take out a Windows box.