The ‘Hand of Thief' Trojan recently discovered has brought Linux users back to reality just a bit, making them question just how safe they really are. So what do you need to know?
Linux Malware: Hand of Thief
“Given the recent Hand of Thief news in which RSA's Limor Kessem explains how a Linux malware kit is sold on Russian websites, I have been contemplating about Linux security again,” said Hans Kwint in a blog post on LXer bearing the title “Linux Malware: Should We Be Afraid?”
“Here's my question to you,” continued Kwint. “Are you afraid attackers [will] break into your Linux boxes? Do you scan for rootkits from time to time, and check md5-sums of executables against your ‘trusted list?' Do you consider one distro safer as another? What is your level of paranoia?”
Linux Malware: Bloggers Respond
And the Linux blogging community began responding to this post.
“Linux malware isn't new, but for one reason or another it never seems to spread far,” said Hyperlogos blogger Martin Espinoza. “Sure, users could be tricked into installing malware from repositories in Ubuntu, but that could happen on any distribution with meaningful package management.
“Linux at least has some generally working security features that help keep infection down,” he added.
Blogger Robert Pogson agrees: “I've been using GNU/Linux for more than a decade and never saw any malware on it while I have seen hundreds of infections on a single PC running that other OS. Malware does exist, but GNU/Linux has so many layers of defense that unless a repository distributes it, the malware may not even run on a GNU/Linux system.
“There are all kinds of checks against that happening unless someone sneaks it into the source code,” he continued. “With the open development process of FLOSS, that is very unlikely to happen.”
Linux Malware: To Worry, Or Not To Worry
Google+ Blogger Kevin O'Brien, in an interview with Linux Girl, points out that any device that runs code is susceptible to malware. Linux has just been lucky thus far, thanks to their security measures. “That is not a very powerful shield, so learning safe computing applies to us as well.”
Mike Stone, blogger at Linux Rants, reminds Linux users that absolutely no operating system, ever, is immune to a Trojan Horse. Even Linux, held high on a pedestal by its users. Stone says, “Who thinks that there's no reason to attack the operating system that runs the majority of the world's websites, a massive chunk of he Internet, over 90 percent of the supercomputers out there and now a vast majority of the smartphones sold in the world?
“The Stock Exchanges in New York, London, and Tokyo all run on Linux,” he said. “No reason to attack that? Please.”
Linux Malware: What You Need To Know
As long as you're cautious and keep security in the forefront, you should be fine. Because according to Slashdot blogger hairyfeet, no OS is safe.
“Hand of Thief is just the beginning, folks, because as more and more virus writers find out that Android bugs can often run on Linux and that ‘How to Write a Linux Virus in 5 Easy Steps' works, then more and more malware writers will simply make their wares cross-platform.” Hairyfeet wonders “whether the Linux community will ‘man up,' accept this is the case and take steps to minimize risks? Only time will tell, but it IS a legitimate threat.”
Do you rely on Linux for your cheap hosting site? How do you feel about this threat?