Thursday, October 11, 2012

Top 5 security Myths about Linux; and their realities

http://www.unixmen.com/top-5-security-myths-about-linux-and-their-realities


Linux, unfortunately has been long surrounded by myths. Despite the speedy adoption of Linux as mainstream operating systems for enterprises particularly, the common misconceptions about Linux seem to continue. The post enlists five traditional myths about Linux Security and attempts to debunk each; discussing real facts.
There exist mainly two schools of thoughts regarding security of Linux. One group that assumes ‘ Linux is Virus Proof’ and the other, advocating a completely contrary thought i.e. ‘Linux is more insecure (when compared to contenders), as it makes source code available to everyone’. Let’s investigate in detail.
Myth 1: Linux is insecure, as it makes source code available to everyone.
Reality: While this is true that Linux makes Source code available to everyone to view and inspect; it is this open source nature that makes Linux superior to any proprietary OS in terms of security. As the source code is available to anyone, thousands of develops around the world scrutinize the source code for security pitfalls. Imagine, even at this very moment number of people are reading and making the code better. It is far more easier to spot and fix security issues on Linux than on any closed-source platform.  Additionally, if any security vulnerability is found on closed source platform, it cannot be readily altered to make the software secure. On the contrary, in case of open source software, if any security hole is discovered patches are created as quickly as possible (usually within hours) therefore the security flaw doesn’t last for long enough to be exploited.
When asked about the lack of viruses known for Linux platform, the proprietary camp claims that Linux is not very popular to have viruses. This comprises another common Myth. Interestingly, it’s not only the proprietary camp to believe that Linux lacks virus because of its minimal market share, alot of literature on the internet and in books we find this misconception.
Myth 2: Linux lacks virus because it is not very popular.
Many say that the purpose of virus writers is to bring massive destruction. As Linux does not run on as many computers as MS’s Windows does, virus writers only target Windows to damage more and more stations. While this might not be completely wrong, it’s not completely true too.
Reality: Linux might not run on many desktop computers, BUT it runs on most computers in very important places. All super computers run Linux. Many notable governments have approved policies moving governmental computers to Linux. Additionally there was a huge enterprise shift from Proprietary OS to Linux in last 2000s recession. That means Linux, too is a very charming opportunity for hackers; rather hackers would more likely to write virus for Linux than for Windows if they want to bring even more destruction (especially destruction in terms of quality then quantity!). Therefore, the myth can easily be ruled out. Another reason that the proprietary camp gives for lesser known viruses for Linux is that Linux is an advanced OS and can only be used by professions who know how to protect their systems.
Myth3: Linux is for experts who know how to protect their system and therefore Linux does not get viruses and it generally thought as secure
It is also a common misconception that because Linux is for experts, they know well how to deal with viruses. On the other hand, Windows, as being a simpler system is usually used by even non-technical people who are naive enough to get virus and destroy the whole system.
Reality: The concept ‘ Linux is for experts’ is itself a myth and quiet out dated now. Linux is now one of the friendliest OS out there that can be used by novice and experts both. There are Linux based computers dedicated for elderly (heard of the Wow computer?). So to say that Linux is for experts is not true. Linux is for everyone. Consequently to say, the Linux doesn’t get virus because of its technically strong to defend OS is wrong.
What makes Linux secure is neither its lack of popularity nor its technically strong user base. It is the strong architecture of Linux which makes it secure. On Linux systems users do not have “root” privileges; instead they possess lower-level accounts. As a result even if a Linux system is somehow compromised, the virus shall not have root access to bring about any major damage to the system. Windows supports exe files, a format in which virus are transmitted. Linux, on the other hand does not support .exe files. Linux uses configuration files in place of registry files hence closing this door for virus. For the Linux servers now, Linux servers employ several level of security. Linux servers are updated more often. To conclude, it’s the Linux architecture that is different from that of contending proprietary OS which makes it secure. That is to say if Linux is adopted in main stream desktop computing, I am sure that Linux will prove to be more strong and less incline to get virus than contending OS.
Does that mean Linux is virus free? This comprises of our third Myth.
Myth 4: Linux is virus free
Reality: while Linux is very secure and superior to its proprietary counterparts, it’s not virus free. There are a number of viruses known for Linux. I have compiled popular known viruses in this post. It may be noted that all most all the viruses known for Linux are non-destructive in nature (but not non-existent)
Myth 5: On Linux system you don’t need an Anti virus.
Reality: Yes indeed it’s very much true that when you are running Linux OS you are secure. Never the less one must realize that no OS is 100% secure. While this might not be very important for desktop/home users; enterprise sector which use Linux, may require anti-virus. Occasional scanning, backing up data and checking your system for malicious software does not bring harm to anyone. This does not mean you need to spend substantial amount of cash on expensive anti- virus softwares. Any free or open source and free antivirus would do justice to your security!

No comments:

Post a Comment