GNU/Linux: Don’t Call Them PC Viruses

I use a PC. Actually, I use several PCs. My small business has 5 tower PC systems and 1 laptop PC system. All of these are what is called a PC. Any computer that can be purchased by an individual and used by that person for personal "stuff" is by definition a Personal Computer, also known as a PC. That includes Apple Computer Systems Personal Computers, known as "Macs". All of these devices are PCs.

So, we can all agree that all of these devices are PC systems. The fact that malware is written primarily for PC systems is a given and is well reported in the news. The fact that malware is written primarily for Microsoft Windows based PC systems is often not reported. When such a connection is made in the press or on a Microsoft friendly web site, the caveat is often added that Microsoft Windows suffers from popularity. The argument is that because Microsoft Windows is so ubiquitous it gives a good "Return On Investment" to malware writers. Supposedly these malware writers do not target other operating systems because they want to get the most bang for their buck. I call that hogwash. The reason Microsoft Windows is so often successfully attacked is its flawed security design.

I run FreeBSD Unix and Mandriva GNU/Linux on my PC systems. I keep my systems patched with up to date bug fixes and security fixes. I will not install software when I do not know where it originates. I do not run any anti-virus software and yet I will never get a "PC Virus" on these systems. There is no such thing as a "PC Virus". Call them "Microsoft Windows Viruses" or "GNU/Linux Viruses" or "Apple OS X Viruses" depending on the operating system which they successfully attack. Don't call them "PC Viruses".

What is a Virus? I refer people to this definition when asked: The Difference Between a Computer Virus, Worm and Trojan Horse. So, a Virus must be able to be shared and operate easily by user to user transfer to be successful.

All PC systems are targeted for attacks regardless of the operating system. Do not believe any person who says otherwise. The only difference is that some systems are attacked successfully more easily than others. Those easier systems are almost all Microsoft Windows based PC systems. Anyone who has monitored an internet facing server of any type knows that systems connected to the internet are constantly probed for weaknesses in their open services. (Thank you China, may I have another?) These probes are often looking for unpatched services with known flaws that can be exploited. This is true of Unix, including OS X, GNU/Linux and Microsoft Windows based servers. Any of these open services that are not kept up to date can potentially be exploited. The only mitigating factor would be the underlying operating system on top of which the services are running.

If an attacker can get a root shell prompt, root being the "administrator" account, by exploiting a service flaw on a Unix or GNU/Linux system then the game is over; the attacker basically owns the system at that point. Further, since internet facing systems are often servers that handle traffic for a handful of users up to thousands of users, these would be a cherry to pick that is much more "tasty" than some lone PC or even dozens of PC systems.

So why do we read so much about successful Microsoft Windows based malware attacks yet read so little about malware exploits of internet facing servers? Well, most of these are running some form of Unix or Unix-like operating system, such as GNU/Linux. The security by design nature of these Unix based systems makes them a very tough nut to crack. Only the really, really smart attackers can figure out how to exploit these systems. The chance of exploiting very many is low because all one has to do to keep an internet facing server "safe" is make sure it is running a Unix based operating system and keep the open services that face the internet up to date. (Yes, I know one can maybe do this with Microsoft based servers too, but they are not in the majority when it comes to internet facing servers.) The majority of system administrators managing internet servers know this.

Creating a Virus that can successfully attack these systems using the definition above is likely possible, but spreading it very much is not probable. Just because something is possible (writing a Virus for GNU/Linux) does not make something else probable (the easy spreading of said GNU/Linux Virus). So, attackers that target Unix based systems have to give them personal attention in most cases to find a successful attack vector. These folk are known as Crackers and are a different breed from the plethora of malware writers. Like malware writers, Crackers are slime; they are just a smarter level of slime.

What we Unix and GNU/Linux folk worry about most are Crackers, Worms and Trojan Horses. Of course, if one keeps service applications like BIND domain server, Apache web server, Postfix mail server, CUPS print server and so on up to date, the probability of a successful Cracker or Worm attack is very low. If one uses only secured sources for installable applications and updates, the probability of a successful Trojan Horse attack is also very low. Again, these would not be called "PC Crack", "PC Worm" or "PC Trojan Horse". They would be called by the service they successfully attack, such as a BIND Worm that exploits known flaws in unpatched versions of BIND or an Apache Crack that allows a Cracker to successfully "get root" through an unpatched Apache web server. Do these attacks succeed? Yes, they do sometimes. But they are much less successful than Viruses that are written to take advantage of user ignorance and Microsoft Windows design flaws.

So, if we ever do see a successful GNU/Linux Virus "in the wild" we will call it a "GNU/Linux Virus", as unlikely as that scenario is due to the mitigating factors that make up the security by design model used with GNU/Linux. Or will all you people that insist on calling Microsoft Windows Viruses by the misnomer "PC Virus" also insist we call a GNU/Linux Virus a "PC Virus"? Suuuure you will.



Published by

Gene A.

Gene is a "Unix Guy", network technologist, system trouble-shooter and IT generalist with over 20 years experience in the SOHO and SMB markets. He is familiar with and conversant in eComStation (a.k.a. OS/2), DOS (PC, MS and Free), Unix, Linux and those GUI based systems from Microsoft. Gene is also a follower of Jesus (forgiven, not perfect), and this does inform his world view.

17 thoughts on “GNU/Linux: Don’t Call Them PC Viruses”

  1. I fully agree with your article; however, things will never change. The same way the term hacker is misunderstood. Unless the mass media changes, popular thought/opinion will not.

  2. “Only the really, really smart attackers can figure out how to exploit these systems.” Or it takes very, very sloppy admins to let them through 🙂 The human factor is still the weakest link for the vast majority of threats, though at least it’s not magnified by system deficiencies. Indeed you develop the idea in the rest of the paragraph, I simply thought having it in a one-liner somewhere would have further emphasized your argument.

    As for the “PC virus” moniker, it’s actually a very smart PR tactic: keeping the masses in the dark. Reminds me of Microsoft’s second attempt at an ad response to Apple’s “I’m a Mac” campaign. The one where they pretend to offer cash back if the comedian finds a computer for under $XX… Same message: “Well there are Macs, which are bloody expensive, and then there are PCs, which de-facto run some version of Windows”. Never mention the competition against which you have no relevant advantage to your target audience. Brilliant! In a twisted way…

  3. This is brilliant.
    I’ve often thought the community should be comparing itself to Windows but in the opposite way it is currently done.
    Headlines like “Is Linux ready for the desktop?” are bad for Linux because they consistently relegate Linux to the bottom of the pile, so to speak. The nature of the headline assumes Linux is not ready and that is completely wrong.

    Better would be headlines like “Windows starting to catch up to Linux but still a long way to go.” or “Windows Power Shell, is it as capable as Linux shells”, “It only took 15 years for Windows to catch up to Linux shells.”

    As a rule the community should always be thinking in terms like these.
    Anything less will continue to doom us.

  4. While I agree with most of the points of this post, I think there is some truth to the point about Windows being targeted more for viruses than other operating systems, because of its wide usage on the desktop level. By nature I think desktops are attacked more because they are easier to exploit since there is a user on it actively reading emails, browsing the Internet, etc. Typically there isn’t a user logged in to a server doing those types of activities. However, I agree that Unix-based operating systems like GNU/Linux are FAR more secure than Windows both at the server and desktop level. A lot of exploits you see for 3rd party products like Adobe Reader only affect Windows, and not Linux. So even though you are running the same application at the application level, the GNU/Linux operating system has clear security advantages over Windows. Windows has a lot of flaws, and it is generally bloated compared to more efficient operating systems like GNU/Linux.

  5. Are you kidding?
    I am running (and always have been) a Microsoft Windows Client, I keep it up to date, and I have never got any virus/worm/trojan or whatsoever. Open up your Services snap-in and see how many offerings Windows has compared to Linux or Apple. I also have owned a Mac Pro but I couldn’t bear how primitive the system was.

    I am an administrator of a Windows Server environment, and I have had any security issues, ever heard of the Security Configurations Wizard (SCW) ? well trust most Windows Server Admins haven’t also, I agree with PsynoKhi0 when it comes to sloppy admins everywhere.

    But when it comes to users, a phishing website’s pop-up that says they’re infected is enough for them to click it, install an ActiveX controller to put dozens of backdoors, trojans, and worms on their systems.

    Windows is Secure, people are not.

  6. Alaa Ajweh (comment #7) thank you for reading and for commenting.

    Perhaps you should read these before you assert that “Windows is Secure”: Why Windows security is awful and Comment #15 from “paul” in our article titled “GNU/Linux Security: Linux House vs Microsoft House”. Frankly, Windows can be “secured” only as long as it is in a severely controlled environment. It should never have been let loose on the masses that now use it.

  7. Alaa Ajweh:
    Windows is NOT secure, mainly due to the fact that for various reasons users are forced to run as administrators. Period.

  8. Marketing. Money gets marketing. Lots of it. In order to change “public ideology” you have to consistently MARKET. This is the reason why the “end user public” is so Microsoft-brain washed. How do you combat it? Well, from experience, it ain’t by example. The only way it can be done is with MARKETING. If all the big GNU/Linux dogs put all their effort into a single MARKETING campaign, well, “public ideology” might get swayed. Otherwise, it’s going to remain the same (as it has for the past 15 years).

  9. And also you just can’t say that Linux is virus free. More reasons such as improved GUI and increased popularity have acted as a double-edged sword. As more people switch over to Linux, more hackers are following them!

    (Administrator note: Your URL was removed as it does not meet our link standards. It points to a site that appears to be mainly pro-Microsoft and is rife with advertisements. Don’t do that.)

  10. Richie,
    You have so got to be joking.
    If I was a hacker, I’d be going for the easily accessible stuff, the high profile targets, and the common things.
    50% of web servers are running Linux, or that sort of ball park number. >90% of supercomputers. An increasing number of phones (and the OS market for phones is an order of magnitude larger than PCs).
    Name one Linux virus propagating in the wild, despite the fact that the most online computing devices, the biggest, and the most common form factor are all using it.

    So any idea why Windows is still the target of choice at present? Wouldn’t be because security on Windows has distinct analogies with a screen door on a submarine, would it? Windows virus management looks a lot like sweeping problems under the rug; an increasingly lumpy and thin rug at that.

    Alaa Ajweh,
    I’m sure you can run a MS box without problems. 90% of that is staying out of the darker corners of the net, and not having teenagers on it, with really tight access control. For those of us with families, however, its a
    Finally, Linux may not be perfect, but at least when there’s a problem the code itself gets patched, not a program that supposedly protects the code.

  11. Just found this article today and wanted to say thank you for clarifying and/or propagating the proper usage of several terms…. “Windows viruses” vs. “PC viruses,” “computer viruses,” and similar, certainly… but also “GNU/Linux” vs. “Linux” and “crackers” vs. “hackers.” We can hardly have intelligent discussions on these subjects if we’re starting right out of the gate with misnomers and misconceptions. Wish the press would read this article before commenting on these subjects! I’ve seen many news reports spreading erroneous information as you’ve mentioned here. Many thanks for helping to alleviate the confusion.

  12. g33kgrrl (comment #15) thank you for reading.

    Thank you for the kudos as well. However, the “Linux” versus “GNU/Linux” argument is probably a lost cause. We need to get over the fact that “Linux” is now a market term for the entire realm of the kernel plus everything on top of the kernel. I agree that we need to give credence to GNU somewhere but arguing over the market terms used is not going to do that. Since there is a lot of GNU available on BSD should we start insisting that all BSD variants be called GNU/*BSD? I think there might be some resistance to that … 🙂

  13. All we need to do is hammer the journalists with questions like:

    “I have a PC at home running Mandriva Linux. I’m concerned about the PC virus you mention in article “xxx on date yyyy”. Can you please tell me how I can protect my Mandriva PC from the “zzzzz PC virus” you report on?”

    6-700 of them every time they crap on might get them to be more specific in their reporting. You have to educate the uneducated in order for change to occur. That education will then flow on and the masses will become educated. They might even start asking questions like “Why is it only Windows PCs that have this issue?”

    I don’t believe it’s a conspiracy for the journalists of the world to protect MS. I think they are just stupid enough, like most MS users, to not realise that other platforms exist. Or rather to only address the majority.

    Perhaps if they are shown that the majority is less than they think it is it might change. But that would take the minority to make some noise.

    Why is it everywhere else in life the noisy minority always seem to win? Except when it comes to Linux eh? Perhaps the answer is so simple. We are just not vocal enough. If vocal minorities have more power (as I often see), clearly all we have to do is become louder!
