this post was submitted on 13 Sep 2023
181 points (73.1% liked)

I'm just tired. On the last post about having Linux at our work, many people who seem to be IT workers said there have been several issues with Linux that were not easy to manipulate or control like they do with Windows, but I think they are just too lazy to find out ways to provide this support. Because Google forces all their workers to use Linux, and they have pretty much as much control over their OS as over any other Windows system.

Linux is a valid system that can be used for work, just as many other companies do.

So my point is, the excuse of "Linux is not ready for workplaces" could be just a lack of knowledge in the IT team and/or a lack of intention to provide developers with the right tools to work.

[–] [email protected] -3 points 1 year ago* (last edited 1 year ago) (1 children)

I don't understand. You made the claim Linux viruses exist. Why is it now my job to disprove their existence?

It's like with God, Vishnu, Thor, ... You claim existence, you show me.

If there are that many experts around. Why can't they do more than link a Wikipedia article that doesn't (yet) contain the information I've specifically asked for? Shouldn't they know at least something themselves? At least know 1 name from the worst offender? Why does the other half of experts not know the distinction between virus and other forms of malware? And that it makes a difference here?

I see that people disagree with me. But I seriously doubt that there is a single expert around.

I swear I'm not trolling. If you're an expert, just give me the name. I'll even try to look it up myself and if it's a virus and spread across a few hundred computers around the world and maybe more than 2 or 3 companies and I can find maybe a newspaper article that says it did some harm, I promise I'll accept that and change my opinion. At least tell me you've learned in uni that Linux viruses definitely exist in the wild, but no studies have been done because of X or Y. And we have no numbers. I would think that's very curious because there are so many Linux servers out there, but I'd at least have something to work with. (And don't take things out of context.)

[–] [email protected] 5 points 1 year ago (1 children)

The original post made the claim, I merely stated the fact that Linux can be vulnerable to viruses like any other OS.

Want a straightforward answer?

https://www.linux.com/training-tutorials/myth-busting-linux-immune-viruses/

A virus is a specific type of malware but for the general public is broadly synonymous with malware. Ask the average user, and the commenter in the OP screenshot, what the difference is without looking it up and they can’t tell you.

A virus doesn’t need to be spread broadly for it to be concerning, impactful or dangerous. Often these attacks are very carefully targeted at the victims.

A vulnerability is generally exploited by a virus to inject code by either modifying memory or files the target program relies on. One such vulnerability was

https://arstechnica.com/information-technology/2022/03/linux-has-been-bitten-by-its-most-high-severity-vulnerability-in-years/

With this vulnerability it was possible to modify any file on a Linux device, meaning viruses would be simple to implement and deploy. Many Android devices are still vulnerable.

To think that all possible vulnerabilities have been fixed, or are known to Linux developers, would be extremely naive.

Furthermore a virus is often targeting a specific application and while OS level controls restrict the avenues of attack it doesn’t prevent flaws being introduced by developers.

You’ve already been given a list of viruses for Linux, if you’re genuinely so concerned with defining them by impact you can look them up. You have the information needed to do this yourself, and it is not my responsibility to educate you, though I do seek to counter misinformation where possible.

[–] [email protected] -2 points 1 year ago* (last edited 1 year ago) (1 children)

Well, the first article pretty much says what I'm saying. In theory there can be viruses. In the real world they have pretty much no effect. They are more a curiosity than something that really exists and has had consequences. It even says you're installing antivirus because of the Windows clients, not because there were Linux viruses.

The second article also is about a security vulnerability and talking about potential consequences. Not a virus that uses this as means to infect people. Not actual consequences.

We're going in circles. I'm sorry.

And a virus and a vulnerability in some software (or kernel) that can get you hacked are two entirely different things:

  • They affect different parts of your infrastructure. It is unlikely that someone executes random binaries on your webserver. It is very likely that someone wants to listen to Spotify while editing 150 Excel spreadsheets. So it's likely your employers execute stuff on their workstations. Also you wouldn't install a browser in an AWS cloud instance to look at lewd websites. You're going to use Chrome on your workstation. Viruses affect other and distinct parts of your infrastructure.
  • You protect against them by different means. Antivirus helps with viruses. For targeted attacks on your webserver, you have firewalls, filter requests, keep your software updated. And don't do silly stuff. I'll admit rootkit detection is kind of similar to antivirus. There is some overlap, for example you should also keep Chrome updated on your employers workstation. But updates won't help you against a virus editing a file on the network share to replicate. You do vastly different things to protect against the different security threats that your company faces.
  • All the threats have different consequences. Some things just try to wreak havoc in your company. Some things you'll barely notice but hackers are stealing information. Some things try to extort you. Either by blackmailing you to pay to get your data back, or so it doesn't get leaked. The next few workdays after that happened will be very different, depending on which of those possibilities happened.

So while talking about cybersecurity. Why would I lump all that together and strip the words of their meaning? And in this case on top: One thing is something that actually happened. The other things are just words about something hypothetical. I'm aware you have to protect against potential threats. Nonetheless both things are something different.

Regarding your advice: Yes. I've looked it up. I found no viruses that had any significant real-world impact. Hence me insisting on it. I said in my first comment I want to see impact. Not an academic study. Because context matters. We're talking about someone advertising Linux to an undetermined group of people. These people are concerned with implications for them. If they need to worry. Not if in theory anything can happen. That doesn't help you choose between two options. And we're talking about 'simple truths'. They're kinda always false. But people want to hear them. They want it condensed into one sentence. Because they own a company that manufactures car tires and they don't want to get a 20 minute lecture about computer attack vectors. They want to hear if they need to worry about their Linux server. Is it safe or not, do I need to pay someone to install Sophos? And be done with it.

You're twisting my words so they lose meaning. And change the context. And then posting articles about something related but not the thing.

[–] [email protected] 3 points 1 year ago (1 children)

> I found no viruses that had any significant real-world impact.

So you found viruses, which debunks the claim in the OP, yet you remain skeptical they exist.

We're done here.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

Please read my first few comments. I've talked about it and that's not what I said. I have found no viruses conforming to what I've clarified in my very first comment. I've also explained why it's important to differentiate. I have found things alike. But never the thing. If you twist my words enough and change the context, it would almost seem like I'm contradicting myself, yes. But you're the one twisting things around until you're right.

And why are you just now talking about that? Nearly every single comment of mine starts right with a sentence that clarifies what I mean?

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

> I have found no viruses conforming to what I’ve clarified in my very first comment

Frankly I don't care about whatever "metrics" you have made up to justify your ignorance.

Actually I have a better idea, please contact Linus Torvalds on Mastodon with your opinion that there aren't any viruses on Linux.

I will happily eat some popcorn while reading your evisceration.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago)

For the record: I'm not the one changing the meaning of the word. I use it like in the definition. You're the one extending the meaning arbitrarily.

I think I'll just wait and see if some expert comes along and gives me my single example. If that doesn't happen I'm going to stick to my opinion: They exist in theory, but not in practice. And vulnerabilities and rootkits exist, but a vulnerability isn't automatically called a virus because those are different things.

https://www.debian.org/doc/manuals/securing-debian-manual/ch08s08.en.html

To end with some more friendly words: I'm pretty sure some people are confusing the words 'malware' and 'virus'. Malware is the umbrella term. I've already admitted there is malware. For example the Mirai worm I think had affected hundreds of thousands of IoT devices (speaking of fire and forget embedded Linux). And I've seen WordPress plugins with vulnerabilities and actual rootkits on webservers myself, as I told earlier. But I've also said in this context the distinction matters.