Why I’m not concerned about the rise in Linux attacks


Jack Wallen explains why he’s not worried that the rise in popularity of the Linux operating system will mean your open source platforms will be vulnerable to attacks.

Linux powers big business–of that there is no debate. With more and more manufacturers selling Linux preinstalled on desktops and laptops, the writing on the wall is clear: Linux popularity is growing faster than most expected. 

For some, that means the rise of attacks on the platform is inevitable. I’m not concerned. I know, that sounds like crazy talk. After all, we’ve seen a number of attacks reported over the past few years. 

But why am I not worried? 

By design the security of Linux is simply superior to most platforms. Consider this: For most traditional malware, the user must execute an application. This is done by running a binary attachment or clicking on a malicious link. 

On the Windows platform, these malicious payloads can be executed without having to first give the malicious code executable permission or admin rights. On Linux, that’s not the case.

SEE: Troubleshooting Linux: An admin’s guide (TechRepublic Premium)

First of all, that binary must have executable permission. Unless you set that permission bit, the file won’t run. Second, in order to negatively affect a Linux system, the binary requires root or sudo privileges. 

When a user attempts to run that package, it’s going to ask for their user or root password. Those are two major hurdles for the malicious code to get around. It’s possible, but not easy. 

The next reason I am not concerned about this is because the Linux kernel is open source. That means vulnerabilities will be quickly discovered, quickly patched, and quickly released. Within hours or days of an issue being found in the wild, the kernel will be patched against it. 

Desktops and servers can then be updated and all is well. We’ve seen that scenario play out countless times over the past five years. Even with zero day vulnerabilities, soon after they are discovered, they’re fixed. Such an efficient and effective scenario isn’t possible with proprietary software. 

Look, I’m not saying that Linux is some bastion of invulnerability. It’s not. What I’m saying is that, even with the gloom and doom news being reported, I’m quite confident in Linux. You should be as well. Just remember, however, to regularly check for and apply updates.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.

Also see

linuxadminhero.jpg

Image: Jack Wallen



Source link