Slashdot Mirror


Linux Is Not As Safe As You Think (betanews.com)

BrianFagioli writes via BetaNews: Would you be surprised if I told you that threat methods for Linux increased an astonishing 300 percent in 2016, while Microsoft's operating systems saw a decrease? Well, according to a new report, that is true. Does this mean Linux is unsafe? No way, Jose! There are some important takeaways here. Microsoft's Windows operating systems are still the most targeted platforms despite the year over year decline -- far beyond Linux. Also, just because there is an increase in malware attack methods doesn't necessarily mean that more systems will be infected. Let us not forget that it is easier to find a vulnerability with open source too; Microsoft largely uses closed source code. "At the end of November, criminals with other variants of the same Linux malware unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were taken down. In October, the Mirai code appeared freely available on the Internet. Since then, the AV-TEST systems have been investigating an increasing number of samples with spikes at the end of October, November and beginning of December," says AV Test of the Mirai malware. "Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years now and can be easily modified for attacks against IoT devices. The detection systems of AV-TEST first detected the Tsunami malicious code in the year 2003. Although, at that time, practically no IoT devices existed, the Linux backdoor already offered attack functions which even today would be suitable for virtually unprotected attacks on routers: In this manner, Tsunami can download additional malicious code onto infected devices and thus make devices remote controllable for criminals. But the old malware can also be used for DDoS attacks. The Darlloz worm, known since 2013, as well as many other Linux and Unix malware programs, have similar attack patterns which AV-TEST has been detecting and analyzing for years."

4 of 237 comments

  1. three times by MSG · Score: 4, Informative

    This is a silly write up. There are three times more malware programs targeting Linux systems. That tells us nothing about the number of Linux vulnerabilities, or the number of vulnerable systems, or the general security of the system.

  2. Re:Fuchs ache! by MightyMartian · Score: 4, Informative

    It's why I roll my own routers with a long term support version of the distro I'm using, and why I run updates on a strict schedule. If you're buying some low-end shitty D-Link router, well you got what you paid for; a Linux box that's virtually never updated, that probably is running old versions of the kernel and other userland tools right out of the box. It's literally like booting a three year old version of unupdated Ubuntu and decrying the vulnerabilities of Linux.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. Re: Ponderosa Puff by dougdonovan · Score: 3, Informative

    Linux is only as safe as you make it. Besides, it beats the hell out of Windows.

  4. You mean modular by Anonymous Coward · Score: 2, Informative

    The term "monolithic kernel" doesn't mean modules are statically linked. It means that the kernel contains the full interface to hardware in kernel space. In a microkernel architecture, kernel space is used for less; device drivers, file systems, etc. operate in user space.

    The Linux kernel is modular and monolithic. The modular nature makes it possible to remove parts that aren't needed, but those parts still run in kernel space.