Linux Is Not As Safe As You Think (betanews.com)
BrianFagioli writes via BetaNews: Would you be surprised if I told you that threat methods for Linux increased an astonishing 300 percent in 2016, while Microsoft's operating systems saw a decrease? Well, according to a new report, that is true. Does this mean Linux is unsafe? No way, Jose! There are some important takeaways here. Microsoft's Windows operating systems are still the most targeted platforms despite the year over year decline -- far beyond Linux. Also, just because there is an increase in malware attack methods doesn't necessarily mean that more systems will be infected. Let us not forget that it is easier to find a vulnerability with open source too; Microsoft largely uses closed source code. "At the end of November, criminals with other variants of the same Linux malware unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were taken down. In October, the Mirai code appeared freely available on the Internet. Since then, the AV-TEST systems have been investigating an increasing number of samples with spikes at the end of October, November and beginning of December," says AV Test of the Mirai malware. "Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years now and can be easily modified for attacks against IoT devices. The detection systems of AV-TEST first detected the Tsunami malicious code in the year 2003. Although, at that time, practically no IoT devices existed, the Linux backdoor already offered attack functions which even today would be suitable for virtually unprotected attacks on routers: In this manner, Tsunami can download additional malicious code onto infected devices and thus make devices remote controllable for criminals. But the old malware can also be used for DDoS attacks. The Darlloz worm, known since 2013, as well as many other Linux and Unix malware programs, have similar attack patterns which AV-TEST has been detecting and analyzing for years."
Baby Timmy grew 300% but Uncle Bob shrunk 5%. Who is bigger?
This isn't a "Linux problem," it's a "proprietary vendors using Linux and not passing on patches in a timely manner because money problem."
Linux is exactly as safe as I think it is, though. That's why I'm careful to lock it down just as I would any other system.
Resistance is futile. Reactance buggers it up.
The DSL router issue was /that/ distro, not Linux as a whole. That's like lumping Adobe Flash issues in with WinXP issues.
At least I can see the holes in swiss cheese. Unlike the MSFT "processed" cheese-like product.
Thank you IoT vendors who don't maintain their devices for creating a breeding ground of consumer-grade security holes. Let us all pray that these widgets aren't internet facing in some way and that the consumer grade routers are sufficient at keeping external attack vectors to a minimum. There isn't much we can do for consumers who like to click on internet candy to infect themselves.
that a particular brand of car can be stolen easily if you leave them parked on the street with the door open and the keys in the ignition.
because that's what router and IoT etc manufacturers did with default passwords and backdoors and generally undermining security for the sake of convenience (mostly their own convenience, not their customers')
They have no idea what I think.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Please compare apples to apples...
> "At the end of November, criminals with other variants of the same Linux malware unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were "
How many routers run MS-Windows?
> "Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years now and can be easily modified for attacks against IoT devices."
How many IOT devices run MS-Windows?
Routers and IOT devices are notorious about having crappy firmware with Linuxes that are hacked up and rarely (or sometimes never) updated. Comparing those to desktops and servers is much less a function of the security of Linux and more about the lack of maintenance and updates with the unusual role of the devices.
Sure, *ALL* operating systems have security risks and vulnerabilities. Anyone that thinks Linux (or any OS) is impervious to malware and safe needs to have their head examined. But the sensationalistic article title isn't really comparing machines of the same class, so it doesn't do the topic much justice.
"...unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were taken down."
Linux. You keep using that word. I do not think it means what you think it means.
It's an absolute joke to lump in devices that most people who actually use Linux would define as one fucking step above the Internet of Shitty Things from a security perspective.
How? By not using monolithic kernels that support every device in creation, and stripping the kernel down to what is installed on the system -- especially with things like IOT devices. If it isn't installed, it doesn't need patched, it can't break, and it can't be exploited.
Huh? Linux is a monolithic kernel, and Linus is emphatically opposed to it being anything else. If any IoT vendor wants to use a microkernel based OS, they should look at Minix instead.
Router makers should use well known router distros of Linux or BSD, such as DD-WRT, OpenWRT or pfSense, instead of spinning their own. And let those organizations remote-manage them in exchange for a deal.
A router running an OS that probably hasn't been patched in years, thus containing multiple vulnerabilities long ago patched, is hardly the same thing as an OS full of holes. That's like condemning Windows because of unpatched vulnerabilities in Windows XP and Vista.
Here's a tip. Don't buy shitty routers running years-old firmware, and expect that somehow the magic update faerie is going to make the vulnerabilities go away.
The world's burning. Moped Jesus spotted on I50. Details at 11.