One of the myths propagated by haters of FLOSS is that GNU/Linux and other FLOSS are not targets of malware writers because there are not enough units to bother or rather that M$ offers a larger target.
There is no doubt that the existence of a target affects a shooter’s probability of shooting at it but Kaspersky is way off the mark:
- Kaspersky claims MacOS is now on the radar of malware writers because it has reached 5% market share (units, not $), and
- Kaspersky claims GNU/Linux is less than 2% share (units) so is not on the radar.
That’s utter nonsense:
- GNU/Linux is on hundreds of millions of servers (virtual/real) and is a huge target for malware-writers. The malware artists have no trouble finding GNU/Linux targets but the bullets are not penetrating.
- GNU/Linux exceeded MacOS unit share of shipments back in 2003 and has not slowed down. “According to IDC, Linux desktop shipments outstripped Macintosh shipments in 2002. By 2006, Linux will likely have a larger installed base than the Macintosh OS.” see DESKTOP LINUX TECHNOLOGY & MARKET OVERVIEW (2003)
- In 2003, IDC reported unit sales of licences: MacOS 2.9% and GNU/Linux 2.8%. That was before the huge roll-outs at Extremadura, Spain, Munich, French national Police etc. which were in excess of “sales” of licences which IDC counts and before Brazil, Russia, India and China endorsed GNU/Linux. Is MacOS really that big of a target?
The current vulnerability in MacOS is actually about Apple’s Java virtual machine, not the UNIX architecture underneath. The UNIX system of security does work and it is better than that other OS regardless of the numbers of units installed. That’s why UNIX still lives on many servers in large enterprises. They don’t care about price. Security is paramount. The argument about size of target is almost irrelevant when thousands of times more malware are out there for that other OS. Anything else is more secure. GNU/Linux is more secure than that other OS. It’s about the law of combination of probability. The probability of a compromise is the product of the probability of encountering a malware and the probability of being susceptible. We have less of each factor with GNU/Linux or MacOS than that other OS.