Some might think it’s just dumb luck that on Linux there are no viruses. Most Linux users don’t even bother to run a virusscanner or spyware removal software. Why is it so much harder for virus writers to target a Linux box? What makes the Linux desktop environment a safer choice? I have summed up six security reasons that makes me never want to switch back to Windows ever again.
1. Smaller audience
Let’s start off with an easy one. There are less people using Linux and the people that do tend to be more tech savy. Therefor it is less profitable to write malware for Linux, hence there are less attempts. It had to be said and it is probably true, however it is by far the sole reason. For example; Mac OSX (being a UNIX type operating system also) has gained enormously in popularity but not in malware. Coincidence? Read on!
2. Software Repositories
The process of installing software on a Linux box is somewhat different then most people are used to. For example; on Windows one would go to the software manufacturers website and download a binary to install. Instead most Linux distributions maintain so called Software Repositories. Almost all software (browsers, wordprocessors, ftp-clients, mail-clients, et cetera) can be installed by simply selecting it within a package manager. The applications in the repositories are specifically built and tested for your system, which ensures that they are legitimate and contain no malware. The repositories are filled with tons of software which you might need, only in rare occasions would you have to resort to other installation methods like a manual binary install or compiling from source. Getting your software from a secured and verified place, makes it less likely that you accidentally install malware on your computer.
3. System-wide security patches
Another big advantage of Software Repositories is that it also allows for system-wide security updates. It is your Linux distribution that decides which version of a particular program you can install. This sounds like a disadvantage at first, but the benefits definitely outweigh the drawbacks. For example; if a patch is needed for a specific piece of software (from kernel to browser) you would almost instantly be given the possibility to update. This way you can easily keep your system up-to-date without having to constantly keep track of new software versions and flaws. In a sense you outsource the entire software security issue to your Linux distribution, making even inexperienced users as safe as can be.
4. User privileges
By default you are an underpriviledged user on your own system. You can make/edit documents and run most application on your system. But as soon as you want to reconfigure the system or install/update software you’d first have to prove (usually by means of entering a password) that you are authorized to do so. It’s a very effective way of preventing a single software flaw in becoming a systemwide security breach.
5. Execute permissions
Generally speaking, files can be documents or applications. A document (picture, video, text) is something you can make by using an application. In Unix environments files are treated as documents by default. Meaning, you can’t run them. Suppose you accidently download some piece of malware thinking it is the latest Britney Spears hitsingle. Even tripple clicking it won’t make it run. In order to make the file behave like an application you’d first have to manually set execute permissions on it. And because nearly all malware is first activated by the user himself, this simple precaution makes it that much harder for malware coders to deploy their malicious software.
6. Open Source
The security through obscurity principle is flawed, I think most security experts would agree. Proprietary software isn’t inherently less exploitable then Open Source sofware simply because the code can’t be looked into – I would even argue the exact opposite. When Open Source software get’s popular, the source code is inspected and tested by a global community of developers. Granted some with bad intensions, but also those trying to learn from it and better it. As a result the software tends to consist of clean and well maintained code, which is thouroughly security scrutinized and debugged freely by third party enthousiasts. Collaboration leads to better software!
Is Linux infallible?
Nope, not even close. But conceptually better protected then some.
Which distribution is right for me?
There is not one “Linux”. Literally hundreds of different flavors exist, picking the right one is something you’d have to find out for yourself. If you’re interested in trying out something easygoing, I’d personally recommend Ubuntu or Linux Mint. For servers, Debian all the way!