Monday, October 30, 2023

Linux Secure

Now that I've been back in the Linux fold for a few weeks, I'm coming to recognize a sense of comfort—comfort that the operating system is fast, stable, and surprisingly user friendly, but also that it is very secure. In fact, desktop Linux distributions are among the most secure operating systems out there, and many users don't feel the need for antivirus or anti-malware software, for several good reasons:

Small market share—The largest target for malware is, not surprisingly, the largest desktop operating system by market share. Windows attracts the lion's share of malware attacks, but what's engineered to infect Windows machines will not necessarily have any effect on an identical piece of hardware running Linux. Thinking like a malware writer for a moment, it's easy to see that if one wishes to do the most damage, Windows would be the target of choice. And not only is the desktop Linux market share vastly smaller than that of Windows, it is also far more fragmented. Not every desktop Linux user runs the same distribution, and what might potentially affect one distribution might not affect another, so many malware authors will simply not see it as worthwhile. But small market share does not necessarily make an operating system inherently more secure.

Safer protocols—Desktop Linux distributions are also safer because of their operating protocols. First and foremost is that most desktop Linux users do not routinely stay signed into a root (administrator) account by default. If they need to perform an operation that requires root access, they sign in and then sign back out. Windows and Mac OS, by comparison, leave users permanently signed into administrator accounts by default. Although they can—and should—create an additional non-administrator account for daily use, most Windows and Mac OS users do not bother to do this because it is less convenient. What users do not realize is that by doing this, they leave their computers more open to malware attacks designed to exploit administrator/root privileges.

Another de facto safety measure is how desktop Linux users acquire their software. Because most Linux software is free, most end users never look beyond the software repositories provided by their Linux distribution. Since all the software there has been vetted by those who maintain it, one can generally rely on it to be safe. By comparison, many Windows and Mac OS users will download software from less legitimate sources in search of a deal. This increases the chance of ending up with an infected copy. 

Linux is bigger than you think—While the desktop Linux market share is very tiny, and divided up between a number of different distributions, Linux itself is surprisingly pervasive. From large server farms to smart phones and appliances we may not even consider to be computers, Linux is everywhere in various forms. As a result, malware actors may be more likely to target large Web servers running on Linux than they would individual users. It also means operators of large server complexes, whether they are fueling eCommerce, hosting Websites or email, or supplying desktop Linux users with software, are going to necessarily exercise greater caution. 

Where individual users are more likely to run into malware attacks is on devices they don't even know are running Linux, including Android phones and tablets, smart TVs and set-top boxes. Unfortunately, there is little that end users can do to protect against such attacks, other than to make sure such devices are kept updated.

Chromebooks are also potentially a growing target. They run a highly customized version of Debian Linux, and can run both Android and Linux apps, in addition to their own native version of the Chrome browser. This may make them an increasingly attractive target for malware actors, given that the Chrome OS market share surpassed Mac OS during the COVID pandemic.

Is antivirus/anti-malware software necessary on Linux?—This is a simple question with a complex 'yes and no' answer. If you're running a Linux-based server farm, then the answer would be a definitive yes. Those servers need to be protected. Meanwhile, individual users are reasonably safe—not completely immune, but reasonably safe—from malware attacks. That said, it never hurts to exercise a little caution. There are free antivirus packages, like ClamAV, that can help with this effort, but just as importantly, users should keep their software updated to minimize vulnerabilities, and make sure to install software only from trusted sources.
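As an added example (not part of the original post), this shell function checks the "trusted sources" advice on an APT-based distribution such as Linux Mint: it reads source entries and flags any that point outside the distribution's repositories or that set `trusted=yes`. The host allowlist, the function names and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumed allowlist of distribution repository hosts; adjust for your distro.
TRUSTED_HOSTS="packages.linuxmint.com archive.ubuntu.com security.ubuntu.com"

# Reads one-line-style APT source entries on stdin. Prints "UNVERIFIED <uri>"
# for entries with trusted=yes (authentication checks bypassed) and
# "THIRD-PARTY <host>" for hosts outside the allowlist. Returns 1 if any flagged.
audit_sources() {
    findings=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "deb "*|"deb-src "*) ;;   # active entries only
            *) continue ;;            # comments, blank lines
        esac
        rest=${line#* }               # drop the type field
        opts=""
        case "$rest" in
            "["*)                     # optional [key=value ...] block
                opts=${rest%%"]"*}
                opts=${opts#"["}
                rest=${rest#*"] "}
                ;;
        esac
        uri=${rest%% *}
        host=${uri#*://}
        host=${host%%/*}
        case " $opts " in
            *" trusted=yes "*) echo "UNVERIFIED $uri"; findings=1 ;;
        esac
        known=0
        for h in $TRUSTED_HOSTS; do
            if [ "$host" = "$h" ]; then known=1; fi
        done
        if [ "$known" -eq 0 ]; then echo "THIRD-PARTY $host"; findings=1; fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample input, not taken from a real system.
sample_sources() {
    cat <<'EOF'
# official repositories
deb http://packages.linuxmint.com victoria main upstream import backport
deb [arch=amd64 trusted=yes] http://repo.example.invalid/apt stable main
deb [signed-by=/usr/share/keyrings/vendor.gpg] https://apt.example.net/ stable main
EOF
}

sample_sources | audit_sources || true
```

On a real system the input would be the contents of `/etc/apt/sources.list` and the `.list` files under `/etc/apt/sources.list.d/`, piped into `audit_sources`. The newer deb822-style `.sources` files use a different layout and are not parsed by this function.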

It's a dangerous world out there for Internet-connected computers, but as operating systems go, most desktop Linux distributions—I'm using Linux Mint on two laptops—are about as safe as it gets, which is yet another reason to consider upgrading from Windows.
