I still don't understand security on Linux.

Debian_SuperUser

It's been, I think, over a year since I have been fully using GNU/Linux. But even till this date I don't understand the security part of it.

The major reason of me hating Windows is its performance. And that includes Microsoft Windows Defender or any other Anti-malware software that you would be running. If you disable Defender and not have any other Anti-malware software running, Windows actually becomes much more usable for me.

This doesn't seem fair when I state that GNU/Linux is better in terms of performance, as I do not have any Anti-malware software running. But I wanna know, why?

The main reason I found by searching for it is that GNU/Linux has very little market share and just isn't the target for attackers, and GNU/Linux users are going to be at least somewhat knowledgeable in computers and wise so they are less likely to fall for it. But in my opinion,
a) What about browser related attacks such as cookie stealing? Browsers can be cross platform.
b) Some other cross platform ways or writing the malicious code for cross platform so that it could target GNU/Linux users as well.
c) GNU/Linux is used widely on servers, and so attacks for them could also affect us (that's why critical servers do have Anti-malware service running). For example, backdoor in operating system itself, though that is something very looked out for, but it could happen.
d) Directly targeting a GNU/Linux system, as the GNU/Linux market share rises.

You know what? Keep all of this aside. First somebody explain this to me. Why is the range of sudo so large? Why is it that sudo is required for a program to write something in the root's folder, to install a necessary package system wide, sometimes a necessary to properly launch (those programs are bad), or to read some information such as from hardware, and that at the moment the root access is granted, it has the ability to wipe or encrypt my entire drive? No, I actually don't understand this, and don't know how I haven't been affected and didn't get my drive wiped till now. This makes so no sense that it feels like I am missing something.

So as a conclusion from my understanding, you do need a security software on GNU/Linux, but you are as okay without it as I have been okay all these years with even Defender disabled on my other system running Windows and my parents have been using it, and now recently that I think about it, I am definitely gonna change that and enable Defender, even if it comes to my laptop screaming with its fan and slowing down, but my parents don't care, but I will have some setting or a dual boot when I need to use it (I just can't use Windows in that state). Basically you aren't foolproof on Linux without a security software, are you?
 


I had to stop reading at "market share". While Windows dominates the PC market, Linux is an absolute shot caller server side. A moderately reasonable blanket statement to be made for the sake of simplicity is that the VAST majority of the internet you browse every day is hosted by..... Linux servers.

Now here's the kicker.... There's very..... very little difference between Server Linux and "Desktop" Linux. The only notable difference is that of a Desktop Environment of some sort being present on a "desktop" Linux System that helps you visually navigate the system instead of being stuck to TTY.

I'm quite confident that every government agency known to man uses Linux, and conducts operations from the Linux environment. So they're obligated for their own security to contribute to the Linux Kernel to ensure the risks to their systems are minimal at best.

I'm going to rejoice the day desktop users realize that Linux Desktop is really just a Linux server with a shiny coat of paint.

I'm not going to bother trying to elaborate; as it's already been done. And even if I did, I'm not confident it would make sense with the limited knowledge the OP has on the system.
 
I don't understand the security part
Linux is inherently more secure than Windows [if it was not, then all experienced users would be ramming different add-ons down your throat].
Do you need a third-party firewall? NO, the Linux firewall works well enough.
If you're a conspiracy theorist, then you can always use anonsurf or a Tor browser, or better still sandbox any apps that have internet access.

But with all these things, NO operating system will ever be 100% secure if you want to use the internet, and as long as the weakest link is between the seat back and keyboard.
 
Keeping your browser, whichever one you use, up to date, along with using common sense while browsing the internet, should be enough to keep you safe from browser vulnerabilities. Keep your OS up to date as well. And if you haven't already, read The Duck's first link (in the third post); I highly recommend that website. AVs are not necessary on a Linux desktop installation.
 
a) What about browser related attacks such as cookie stealing? Browsers can be cross platform.
Linux is not better in this regard, both Windows and Linux suffer the same way, you as a user need to be careful.
b) Some other cross platform ways or writing the malicious code for cross platform so that it could target GNU/Linux users as well.
Not true, cross platform malware still works differently on Linux vs Windows, Linux is better here.
c) GNU/Linux is used widely on servers, and so attacks for them could also affect us (that's why critical servers do have Anti-malware service running). For example, backdoor in operating system itself, though that is something very looked out for, but it could happen.
Only a bad Admin could introduce a malware into Linux, or an unskilled user.
d) Directly targeting a GNU/Linux system, as the GNU/Linux market share rises.
Market share of Linux may increase but security features of Linux won't change or make Linux worse than Windows.

You know what? Keep all of this aside. First somebody explain this to me. Why is the range of sudo so large? Why is it that sudo is required for a program to write something in the root's folder, to install a necessary package system wide, sometimes a necessary to properly launch (those programs are bad), or to read some information such as from hardware, and that at the moment the root access is granted, it has the ability to wipe or encrypt my entire drive? No, I actually don't understand this, and don't know how I haven't been affected and didn't get my drive wiped till now. This makes so no sense that it feels like I am missing something.
sudo is another name for "I know what I'm doing, give me full control over OS".
If you're unsure about that, don't use sudo.
sudo is like Administrator in Windows or NT SYSTEM account.

So as a conclusion from my understanding, you do need a security software on GNU/Linux
Linux has plenty of security software, but AV is not one of them as it's not really required; those few Linux-based AVs are rather bad, much worse than Windows AVs, because very few firms make signatures.

---

Bottom line, Linux security depends on the user a lot; security software can't help a careless user at all.
 
I had to stop reading at "market share". While Windows dominates the PC market, Linux is an absolute shot caller server side. A moderately reasonable blanket statement to be made for the sake of simplicity is that the VAST majority of the internet you browse every day is hosted by..... Linux servers.

Now here's the kicker.... There's very..... very little difference between Server Linux and "Desktop" Linux. The only notable difference is that of a Desktop Environment of some sort being present on a "desktop" Linux System that helps you visually navigate the system instead of being stuck to TTY.

I'm quite confident that every government agency known to man uses Linux, and conducts operations from the Linux environment. So they're obligated for their own security to contribute to the Linux Kernel to ensure the risks to their systems are minimal at best.

I'm going to rejoice the day desktop users realize that Linux Desktop is really just a Linux server with a shiny coat of paint.

I'm not going to bother trying to elaborate; as it's already been done. And even if I did, I'm not confident it would make sense with the limited knowledge the OP has on the system.

I mostly like this. However, may I point out that a Linux desktop box is not really just a Linux server with a shiny coat of paint. :)

I don't know about your desktop, but in order to make mine into a public web server, I would have to:

1. Install a lot of packages
2. Configure the firewall to accept incoming requests, on the right ports and with the right security measures.

That, my friend, is vastly understated. Someone else can expand on this if they like.
 
I mostly like this. However, may I point out that a Linux desktop box is not really just a Linux server with a shiny coat of paint. :)

I don't know about your desktop, but in order to make mine into a public web server, I would have to:

1. Install a lot of packages
2. Configure the firewall to accept incoming requests, on the right ports and with the right security measures.

That, my friend, is vastly understated. Someone else can expand on this if they like.

Oh I'm aware, I was speaking generally because I don't feel that elaborating would do any good...

Linux is Linux. Either you install tools and utilities useful for a "desktop" experience, or you install tools, utilities and databases required for it to act as a "server". I'm trying to speak in layman's terms for the sake of simplicity here.

But, I wouldn't know anything of hypervisors and servers n what nots

;)
 
Oh I'm aware, I was speaking generally because I don't feel that elaborating would do any good...

Linux is Linux. Either you install tools and utilities useful for a "desktop" experience, or you install tools, utilities and databases required for it to act as a "server". I'm trying to speak in layman's terms for the sake of simplicity here.

But, I wouldn't know anything of hypervisors and servers n what nots ;)

Well then, I'm glad that I didn't go into detail and find that I wasted my time.
 
The biggest source of Security...is YOU
Read this:
The permission-based structure in Linux prevents regular users from performing administrative actions because each app needs authorization by the superuser (root) before it’s executed. This barrier makes it difficult for any virus to sneak into the system and make disasters.

Without being a root, you won’t be able to run/install new programs on Linux. Only the superuser has the privilege to access all files in the system.

Linux does not process executables without explicit permission as this is not a separate and independent process. So you’ll have to chmod +x a file before running it.

On Linux, it is harder for the virus to get system-level access. This is because the root account owns system-related files. Therefore, if infected, viruses can be easily removed as they can only affect the user account where they were installed and do not affect the root account.

In other words, the Linux architecture makes it almost impossible for a virus to do anything. This is one of the main reasons we still don’t need antivirus software on Linux.

Also...a GOOD read


------------------------------------------------------

And then, have a read of this:...


------------------------------------------------------------------
get your head around the processes used to shield the operating system.

They appear to be trivial....and in many ways they are.... Simplicity done with a touch of Genius
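
The `chmod +x` rule quoted in the post above can be checked on any Linux box; this is an added example, not part of the original thread, and the temp directory and `hello.sh` script are constructed for it. It also shows a caveat worth knowing when relying on the rule: an interpreter such as `sh` only needs read access to the file, so the execute bit gates direct execution, not `sh file`.

```shell
#!/bin/sh
# Added example: everything happens in a throwaway temp directory.

# Run "$@" quietly and print its exit status (0 on success).
status_of() {
    "$@" >/dev/null 2>&1 && echo 0 || echo $?
}

# Prints three exit codes:
#   1) direct execution with mode 0644 (no execute bit)
#   2) the same file passed to the sh interpreter
#   3) direct execution after chmod u+x
exec_bit_demo() {
    dir=$(mktemp -d) || return 1
    script="$dir/hello.sh"          # constructed sample script
    printf '#!/bin/sh\nexit 0\n' > "$script"

    chmod 644 "$script"
    direct_no_x=$(status_of "$script")     # kernel refuses to exec it
    via_interp=$(status_of sh "$script")   # sh just reads the file

    chmod u+x "$script"
    direct_with_x=$(status_of "$script")   # exec is now permitted

    rm -rf "$dir"
    echo "$direct_no_x $via_interp $direct_with_x"
}

exec_bit_demo
```

Exit status 126 is the shell's code for "found but not executable". Mounting user-writable locations such as `/tmp` and `/home` with `noexec` tightens the first and third cases further, but it does not change the interpreter case either.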
 
It's not hard to understand...

1. Enable the Firewall
2. Keep your system up to date
3. Don't do anything stupid
 
This page is one of the most comprehensive I've found.
If you're really worried about security, there are many tips here that will help. Some are geared toward servers.
Good luck.
 