Malware is Winning

The struggle between malware and the PC dwarfs the struggle between Free and non-free software. Various estimates based on recent studies put the percentage of infected machines in the 31-50% range, depending on whom you ask, and this is in spite of widely used anti-malware software. The defence is totally inadequate.

On the other hand, using FLOSS is an excellent defence against malware since almost all malware is aimed at that other OS. Even if that were not the case, the relative simplicity, openness and modularity of GNU/Linux gives fewer vulnerabilities and better systems for fixing them.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

21 Responses to Malware is Winning

  1. reactosguy says:

    Operating system security settings are not set in stone. You can easily modify your GNU/Linux distribution to run root. You can also configure Windows to have up-to-date anti-malware software while avoiding banner ads and running on Limited privileges. There isn’t a “one security setting” for every operating system. You have to maintain it.

    You also fail to mention that the same people who run Administrator on Windows are likely to run root on GNU/Linux.

  2. There are many reasons why GNU/Linux is a better layer of defense. Chief among them is that software is modular and malware getting into one place does not mean that it takes over everywhere. There is far more malware for that other OS not only because it is more prevalent but also because it is the easier target. Holes? Multiple APIs established to provide market dominance for M$’s stuff, for instance. Running as administrator results from the need to control everything as a user. GNU/Linux does not need that. The user can just use the PC without overruling security at every turn.

  3. reactosguy says:

    Common sense is not common. Everywhere I have worked you will find some fraction of users of IT are totally oblivious to the obvious fact that installing random stuff could be bad. These are the users who insist on running as Administrator because “it’s easier that way”.

    This is exactly why common sense as a security technique should be spread.

    Common sense and a bit of education and a layered defence are needed. GNU/Linux is a better layer for the OS than that other OS which has priorities created by salesmen and not engineers.

    If by better layer, you mean:

     • Lack of widespread malware
     • Lack of anti-malware software

    Then yeah, that’s (not even) okay (with me).

  4. oldman says:

    “Some 45% of PCs are using that obsolete OS. It is still the “state of the art” for that other OS”

    Nice try Pog, but you know exactly what I mean by “state of the art”. Windows XP is a now 2 generations obsolete version of the Windows OS. Windows XP is simply there at this point on a population of computers that has yet to age out and be replaced. We went through the same cycle a decade ago with Windows 9x, which is still running on something like 2% of the computers in the world and is “state of the art” for those computers, but it is NOT state of the art.

  5. oe says:

    Mr. Pogson speaks from the Admin, me I speak as a user, the place I worked until recently offered up WinXP, Win7, Snow Leopard and CentOS 5 for your desk. There was no cost incentive for me, the user, to pick any one over the other. CentOS won out due to the raw performance of the OS, but also due to a great set of apps. OO is a tightly integrated and very capable Office suite, and it also worked with the RefWorks reference management site natively. It also supports group-ware edits through the GDocs and ZohoDocs via FOSS plugins available for it so the committee could hack on edits. Gnumeric was very good for data reduction with statistical rigor baked in to a general purpose spreadsheet, unlike MS Excel. There are many others (Octave, G77 with numerical libraries, 2 mainline FEA packages, etc.) but suffice to say apps were a major driver in my selection of CentOS over the other 3 choices.

  6. Some 45% of PCs are using that obsolete OS. It is still the “state of the art” for that other OS. It was obsolete back in 2001 but that is what people are used to. I don’t know anyone who is just an ordinary user who prefers “7” to XP.

  7. oldman says:

    “State of the art? Do you call crashes and malware and slowing down state of the art? ”

    Don’t talk to me about obsolete OS running on the junk pile that you worked with.

    I would suggest that you shouldn’t presume to pass judgment on what is available commercially currently on Windows until you are actually in a situation where you are managing current applications running on Windows Vista or Windows 7 on properly provisioned hardware with properly provisioned network connectivity.

    “APT is much smoother and far more reliable.”

    Irrelevant. You removed their choice and left them with no way to run anything but FOSS on Linux. This may have worked because you don’t seem to have had anyone who was a heavy enough computer user to cause you problems, but I guarantee you that were you to go outside of the environment that you work in you might have a very different experience as you attempted to pave over users’ existing applications, all because it is easier for YOU.

  8. I had many sleepless nights when “critical” updates were in the pipe, trying to get all the machines to take them. Many of the machines would download but not install updates so we had to take several runs at it whereas the GNU/Linux machines just clicked them in. There was never an update last year that I felt was “critical” for the GNU/Linux systems because there was so little malware in the wild. I have worked with WSUS, manual and automatic updates in that other OS and APT and RPM in GNU/Linux. APT is much smoother and far more reliable. I was once in a school where it took the two MCSEs three tries to get a lab of 24 machines to update.

    State of the art? Do you call crashes and malware and slowing down state of the art? My users appreciate that GNU/Linux keeps on ticking. All the bloatware in the world is useless if the PC is lagging.

  9. oldman says:

    “I will never willingly use that other OS for anything not because I cannot but because I don’t want to waste time and money on bloatware.”

    Not to be blunt, but if you are in a supporting situation, your opinions on what is “bloatware” are irrelevant. If the knowledge workers whom you service have demonstrated certain productivity levels using commercial software on Windows-based desktops, then that is what you support.

    As far as the avalanche of updates is concerned, even on the now obsolete Windows XP running on up to date hardware the update process is pretty seamless, and Vista and Windows 7 are, as far as I have seen and experienced, even smoother.

    “Many organizations find the cost of migration recovered in a few months to a year in reduced labour and the return continues indefinitely with lower licensing costs.”

    Reduced labor for whom, Pog? Technicians like yourself, probably. But in many cases the people who actually have to get the work done get to scramble to regain their lost productivity, especially as the commercial software acquires more useful features that the knowledge workers can take advantage of, because the FOSS applications that they have been stuck with in the name of saving a few bucks don’t keep up with the state of the art.

  10. While large organizations may find use of multiple operating systems no problem because they have many bodies in the system, small organizations greatly prefer a single OS for everything. While it is possible to hire staff conversant with MacOS, that other OS and GNU/Linux, it is difficult. It is much easier to hire someone familiar with a single OS. I have managed XP/2003 with no problems years ago but last year managing simple XP desktops was impossible. Malware has reached epidemic proportions. The rate of updates has become an avalanche. We switched to GNU/Linux so that the work of managing the system became much less. Even if staff are unfamiliar with GNU/Linux it is worthwhile switching to GNU/Linux on the desktop because it is solid. I have migrated several organizations of small/medium size and GNU/Linux is a much better fit than that other OS. I will never willingly use that other OS for anything not because I cannot but because I don’t want to waste time and money on bloatware. I am not alone in this. Many organizations find the cost of migration recovered in a few months to a year in reduced labour and the return continues indefinitely with lower licensing costs.

  11. oldman says:

    “Just remember, you’ll want your words to remain valid in the future. A future that’s coming on fast and not friendly towards Microsoft.”

    There’s nothing to remember, Mr. Chapman. I’ve worked with Windows from version 1.0 (and DOS before). I’ve worked with Unix since the late 1970s and I’ve used Linux for about a decade now. I also use both FOSS and commercial software. I’m fluent in all of it.

    If a commercially viable version of a Linux desktop catches on and attracts commercial ISV support from the vendors whose software I use, and it meets my needs, I will be looking at it.

    In the meanwhile, I’ve made my choices and whichever way the world goes, I am well positioned to work in EITHER world.

    Are you, Mr. Chapman?

  12. Richard Chapman says:

    It’s your choice, but if you wish to advertise that you find Microsoft’s Windows easier to manage than GNU/Linux go ahead. Just remember, you’ll want your words to remain valid in the future. A future that’s coming on fast and not friendly towards Microsoft.

  13. oldman says:

    “Therefore, all systems are equally insecure… Not True.”

    My “whining” as you call it, remains true no matter what you say, and your statement is a distinction without a difference, Mr. Chapman, driven by bigotry.

    “Microsoft is an ongoing security disaster and the only thing keeping it going is the fact that most people believe it is their only choice, not that it’s a better choice.”

    Most people believe in the applications that they run, and when push comes to shove, the “security disaster” that is Windows is easier to manage than the fork lift upgrade to your so called “better” choice is.

  14. Richard Chapman says:

    “Both are by definition insecure and working with either environment connected to the internet requires caution and preparation.” Of course they are “oldman”. Your statement says absolutely nothing.

    Same old whine in a new bottle. “All systems are insecure, true. Therefore, all systems are equally insecure… Not True.

    Windows is not as secure as GNU/Linux. No amount of layers will make it as intrinsically secure as GNU/Linux. You can offer all the personal experience you wish but it doesn’t play out on the world stage. Microsoft is an ongoing security disaster and the only thing keeping it going is the fact that most people believe it is their only choice, not that it’s a better choice.

  15. oldman says:

    “I can’t believe you took my bait. You’ll never learn. Don’t defend Microsoft’s security record, you’ll always lose.”

    Bait, Mr. Chapman? I could care less about your stupid games, or your anti-Microsoft bigotry. Microsoft’s security record is as relevant to me as Linux’s security record is. Both are by definition insecure and working with either environment connected to the internet requires caution and preparation.

    But in the end, nothing you say is going to change the relative non-relevance of the Linux desktop to the bulk of the personal computing world.

  16. Common sense is not common. Everywhere I have worked you will find some fraction of users of IT are totally oblivious to the obvious fact that installing random stuff could be bad. These are the users who insist on running as Administrator because “it’s easier that way”. Common sense and a bit of education and a layered defence are needed. GNU/Linux is a better layer for the OS than that other OS which has priorities created by salesmen and not engineers.

  17. reactosguy says:

    On the other hand, using FLOSS is an excellent defence against malware since almost all malware is aimed at that other OS.

    I doubt that. There has been a lot of Linux malware over the ages. Many people who use open source OSes forget that nobody is immune.

    On the third hand, common sense is a better defense than FLOSS. It has thousands of applications with a percentage of them being in security. This involves, but is not limited to, not carelessly clicking on malicious ads even with anti-malware software.

    The best thing about common sense is that it applies to all operating systems.

    Even if that were not the case the relative simplicity, openness and modularity of GNU/Linux gives fewer vulnerabilities and better systems for fixing them.

    The open source model does not always work. Whereas you can fix something, you can screw it up and distribute it; think Wikipedia’s editing model. In addition, someone can create a virus for Linux as easily as they can for Windows. As I said, nobody is immune.

    I made enough points here. The thing is, any OS will have security flaws. Open source OSes are not your best defense as someone can write a virus for Linux and there’s nothing you can do about it. Common sense means stopping the virus through proper techniques: updating your software often and not clicking on some ad that got you the virus in the first place, but that’s not all, as I pointed out earlier.

    Think about common sense in preventing germs. If you wash your hands and clean things regularly you will have a lesser chance of getting sick. I never got H1N1 nor have I taken the vaccine.

    These are some points I have collected to disprove the last paragraph of this article. Good day to you, sir.

  18. Joe says:

    The whole package management thing is great for security, because packages get peer reviewed and digitally signed. You download a binary on Windows and you have no way to know if that binary is a virus or not, it’s not like Windows users know how to check MD5/SHA1 hashes.

    Linux also has military grade security built in at the kernel level (SELinux). You probably won’t find this on most people’s desktop, but it’s nice to know that it’s there if you need it.

  19. Richard Chapman says:

    And billions upon billions are spent each year for what? Nothing? No effort? No troubles? No downtime?

    “People will use the software they want/need to use, and the baddies who create malware for fun and profit will continue to do so.”

    No “oldman”, they create nothing. They exploit the security holes PUT IN THE SOFTWARE by the software vendor. If the bad guys “create” malware then why don’t they just create some malware that gives them all the Swiss bank account numbers and passwords right now?

    I can’t believe you took my bait. You’ll never learn. Don’t defend Microsoft’s security record, you’ll always lose.

  20. oldman says:

    “Now for the real reason: Their software is a swiss cheese of security holes.”

    And in the end the rest of us all continue to use the commercial applications that run on Microsoft OS’s, including FOSS. And some of us even manage to have never even seen a malware attack.

    You can talk about bad design all you want, and I can talk about the Unix and Linux systems I’ve seen compromised over the years. It doesn’t matter. People will use the software they want/need to use, and the baddies who create malware for fun and profit will continue to do so.

    And so it goes.

  21. Richard Chapman says:

    Ah, let’s see: Stupid users, no malware for Linux ’cause hardly anyone uses it, there wouldn’t be any malware if there weren’t any bad people in the World. Did I miss any imaginary reasons for Microsoft’s atrocious record? Now for the real reason: Their software is a swiss cheese of security holes.
