I use a PC. Actually, I use several PCs. My small business has 5 tower PC systems and 1 laptop PC system. All of these are what is called a PC. Any computer that can be purchased by an individual and used by said person for personal "stuff" is by definition a Personal Computer also known as a PC. That includes Apple Computer Systems Personal Computers known as "Macs". All of these devices are PCs.
So, we all can agree that all of these devices are PC systems. The fact that malware are written primarily for PC systems is a given and is well reported in the news. The fact that malware are written primarily for Microsoft Windows based PC systems is often not reported. When such a connection is made in the press or on a Microsoft friendly web site then the caveat is often added that Microsoft Windows suffers from popularity. The argument is that because Microsoft Windows is so ubiquitous it gives a good "Return On Investment" to malware writers. Supposedly these malware writers do not target other operating systems because they want to get the most bang for their buck. I call that hogwash. The reason Microsoft Windows is so often successfully attacked is because of its flawed security design. I run FreeBSD Unix and Mandriva GNU/Linux on my PC systems. I keep my systems patched with up to date bug fixes and security fixes. I will not install software that I do not know from whence it originates. I do not run any anti-virus software and yet I will never get a "PC Virus" on these systems. There is no such thing as a "PC Virus", call them "Microsoft Windows Viruses" or "GNU/Linux Viruses" or "Apple OS X Viruses" depending on the operating system which they successfully attack. Don't call them "PC Viruses".
What is a Virus? I refer people to this definition when asked: The Difference Between a Computer Virus, Worm and Trojan Horse. So, a Virus must be able to be shared and operate easily by user to user transfer to be successful.
All PC systems are targeted for attacks regardless of the operating system. Do not believe any person who says otherwise. The only difference is that some systems are attacked successfully more easily than others. Those more easy systems are almost all Microsoft Windows based PC systems. Anyone who has monitored an internet facing server of any type knows that systems connected to the internet are constantly probed for weaknesses in their open services. (Thank you China, may I have another?) These probes are often looking for unpatched services with known flaws that can be exploited. This is true of Unix, including OS X, GNU/Linux and Microsoft Windows based servers. Any of these open services that are not kept up to date can potentially be exploited. The only mitigating factor would be the underlying operating system on top of which the services are running.
If an attacker can get a root shell prompt, root being the "administrator" account, by exploiting a service flaw on a Unix or GNU/Linux system then the game is over, the attacker basically owns the system at that point. Further, since internet facing systems are often servers that handle traffic for a handful of users up to thousands of users these would be a cherry to pick that is much more "tasty" than some lone PC or even dozens of PC systems.? So why do we read so much about successful Microsoft Windows based malware attacks yet read so little about malware exploits of internet facing servers? Well, most of these are running some form of Unix or Unix-like operating system, such as GNU/Linux. The security by design nature of these Unix based systems make them a very tough nut to crack. Only the really, really smart attackers can figure out how to exploit these systems. The chance of exploiting very many is low because all one has to do to keep an internet facing server "safe" is make sure it is running a Unix based operating system and keep the open services that face the internet up to date. (Yes, I know one can maybe do this with Microsoft based servers too, but they are not in the majority when it comes to internet facing servers.) The majority of system administrators managing internet servers know this. Creating a Virus that can successfully attack these systems using the definition above is likely possible, but spreading it very much is not probable. Just because something is possible, writing a Virus for GNU/Linux, does not make something else probable, the easy spreading of said GNU/Linux Virus. So, attackers that target Unix based systems have to give them personal attention in most cases to find a successful attack vector. These folk are known as Crackers and are a different breed from the plethora of malware writers. Like malware writers Crackers are slime, they are just a smarter level of slime.
What we Unix and GNU/Linux folk worry about most are Crackers, Worms and Trojan Horses. Of course if one keeps service applications like BIND domain server, Apache web server, Postfix mail server, CUPS print server and so on up to date the probability of a successful Cracker or Worm attack is very low. If one uses only secured sources for installable applications and updates the probability of a successful Trojan Horse attack is also very low. Again these would not be called "PC Crack", "PC Worm" or "PC Trojan Horse". They would be called by the service they successfully attack, such as a BIND Worm that exploits known flaws in unpatched versions of BIND or an Apache Crack that allows a Cracker to successfully "get root" through an unpatched Apache web server. Do these attacks succeed? Yes they do sometimes. But they are much less successful than Viruses that are written to take advantage of user ignorance and Microsoft Windows design flaws.
So, if we ever do see a successful GNU/Linux Virus "in the wild" we will call it a "GNU/Linux Virus". As unlikely as that scenario is due to the mitigating factors that make up the security by design model used with GNU/Linux. Or will all you people that insist on calling Microsoft Windows Viruses by the misnomer "PC Virus" also insist we call a GNU/Linux Virus a "PC Virus"? Suuuure you will.
Internal ERACC advertisement: Windows users – need anti-malware (anti-virus) software? Get it from our on-line shopping site here: AVG Software
Number of unique accesses for this article:
| university of phoenix |
Notice: All comments here are approved by a moderator before they will show up. Depending on the time of day this can take several hours. Please be patient and only post comments once. Thank you.
Marketing. Money gets marketing. Lots of it. In order to change “public ideology” you have to consistently MARKET. This is the reason why the “end user public” is so Microsoft-brain washed. How do you combat it? Well, from experience, it ain’t by example. The only way it can be done is with MARKETING. If all the big GNU/Linux dogs put all their effort into a single MARKETING campaign, well, “public ideology” might get swayed. Otherwise, it’s going to remain the same (as it has for the past 15 years).
and also you just can’t say that linux is virus free. More reasons such as improved GUI and increased popularity have acted as a double-edged sword. As more people switch over to linux, more hackers are following them!
(Administrator note: Your URL was removed as it does not meet our link standards. It points to a site that appears to be mainly pro-Microsoft and is rife with advertisements. Don’t do that.)
Richie,
You have so got to be joking.
If I was a hacker, I’d be going for the easily accessible stuff, the high profile targets, and the common things.
50% of web servers are running linux- or that sort of ball park number. >90% of supercomputers. An increasing number of phones (and the OS market for phones is an order of magnitude larger than PC’s).
Name one Linux virus propagating in the wild, despite the fact that the most online computing devices, the biggest, and the most common form factor are all using it.
So any idea why Windows is still the target of choice at present? Wouldn’t be because security on Windows has distinct analogies with a screen door on a submarine, would it? Windows virus management looks a lot like sweeping problems under the rug; an increasingly lumpy and thin rug at that.
Alaa Ajweh,
I’m sure you can run a MS box without problems. 90% of that is staying out of the darker corners of the net, and not having teenagers on it, with really tight access control. For those of us with families, however, its a
Finally, Linux may not be perfect, but at least when there’s a problem the code itself gets patched, not a program that supposedly protects the code.
[...] en ERACC Web Log v?a Linux [...]
Just found this article today and wanted to say thank you for clarifying and/or propagating the proper usage of several terms…. “Windows viruses” vs. “PC viruses,” “computer viruses,” and similar, certainly… but also “GNU/Linux” vs. “Linux” and “crackers” vs. “hackers.” We can hardly have intelligent discussions on these subjects if we’re starting right out of the gate with misnomers and misconceptions. Wish the press would read this article before commenting on these subjects! I’ve seen many news reports spreading erroneous information as you’ve mentioned here. Many thanks for helping to alleviate the confusion.
g33kgrrl (comment #15) thank you for reading.
Thank you for the kudos as well. However, the “Linux” versus “GNU/Linux” argument is probably a lost cause. We need to get over the fact that “Linux” is now a market term for the entire realm of the kernel plus everything on top of the kernel. I agree that we need to give credence to GNU somewhere but arguing over the market terms used is not going to do that. Since there is a lot of GNU available on BSD should we start insisting that all BSD variants be called GNU/*BSD? I think there might be some resistance to that …
All we need to do is hammer the journalists with questions like:
” I have a PC at home running Mandriva Linux”. I’m concerned about what the PC virus you mention in article “xxx on date yyyy”. Can you please tell me how I can protect my Mandriva PC from the “zzzzz PC virus” you report on.
6-700 of them every time they crap on might get them to be more specific in their reporting. You have to educate the uneducated in order for change to occur. That education will then flow on and the masses will become educated. They might even start asking questions like “Why is it only Windows PC’s” that have this issue?
I don’t believe it’s a conspiracy for the journalistic of the world to protect MS. I think they are just stupid enough like most MS users, to not realise that other platforms exist. Or rather to only address the majority.
Perhaps if they are shown that the majority is less than they think it is it might change. But that would take the minority to make some noise.
Why is it everywhere else in life the noisy minority always seem to win? Except when it comes to Linux eh? Perhaps the answer is so simple. We are just not vocal enough. If vocal minorities have more power (as I often see), clearly all we have to do is become louder!