Linux Security?

[zl55lz]

I have read a lot of stuff about how secure Linux is and needs no antivirus/antimalware.

Why is that so, given that when someone is using Linux, they could still be using various browsers, visiting unsafe sites on the internet, getting emails with attachments, downloading apps, etc.?

Am I missing something?

 

[jim584672]

I have read a lot of stuff about how secure Linux is and needs no antivirus/antimalware.

Why is that so, given that when someone is using Linux, they could still be using various browsers, visiting unsafe sites on the internet, getting emails with attachments, downloading apps, etc.?

Am I missing something?

I've used it for years with no anti-virus. Almost all virus and malware targets Windows, which is a much larger target area compared to the few percent that use Linux. A Linux executable has permissions requirements, and Linux apps generally come from a trusted repo source for the distro.

 

[ERD50]

I've used it for years with no anti-virus. Almost all virus and malware targets Windows, which is a much larger target area compared to the few percent that use Linux. A Linux executable has permissions requirements, and Linux apps generally come from a trusted repo source for the distro.

+1 Using Linux as my main daily driver since 2010.

I have read a lot of stuff about how secure Linux is and needs no antivirus/antimalware.

Why is that so, given that when someone is using Linux, they could still be using various browsers, visiting unsafe sites on the internet, getting emails with attachments, downloading apps, etc.?

Am I missing something?

Yes - don't do that, regardless of the OS. These are tactics that are independent of the OS, they will get you in trouble regardless (though Linux permissions *might* provide a bit of extra security against some malware).

It's kind of like saying "I drive a car with all the best modern safety features, multiple air-bags, etc. Why can't I just run red lights at 70 mph?".

Don't do that.

-ERD50

 

[jollystomper]

One of the advantages of Linux is that no one "owns" it, so there are many different distributions available to you. Some of them emphasize security, so if you really want to go full paranoid you can get one of the more secure distributions.

Another advantage is that you can have multiple people signed on in a Linux environment. There is one "master" user, root. The recommendation is to never sign on and use thins like web browsing as root, but instead to this as a non-user. That puts you in a much more secure "box" than, say, a non-admin Windows user. With things like user ID permissions *and* executable permissions that is a strong base level to start with.

Of course, as others have mentioned, do not expect to do stupid things mentioned above and expect to be totally protected.

 

[Golden Mean]

The basic fact is that Linux/Unix comes with a sane user/system permission system. As a user you can only ever wipe out/modify your own files. The core OS files cannot be modified by a user or a user's processes.

Microsoft's toy OS didn't even have that concept until XP?(or NT which regular peeps didn't really use). So Microsoft's OSes need extra products to protect them from themselves.

Also, you have/had horrible things like their Explorer browser which would automatically run any executable that was saved in a certain directory. They had/have horrible 'integrated' products like Outlook mail that used the highly unsecure/flawed html parser from Explorer. So you'd get an html email, Outlook would autoparse it, a simple exploit would allow an executable to be written to disk and the OS would run it automatically on startup.

That's just the tip of the iceburg. Unix/Linux was written to be useful to the operator. Windows was written to sell Windows and Microsoft products.

 

[target2019]

The browsers run on top of the OS, which provides the first line of security defense. Each browser has additional security, which must work with and through the OS.

Windows is becoming more secure with each version. Linux was designed with security in mind from the beginning.