Reply to comment
In the past few years i read and heard many times that the reason for Windows' vulnerabilities and specially virus attacks is simply because much more computers are running it and it could have been the same for Linux (aka GNU/Linux)!.
First of all i'm glad that this kind of discussions are pupping up so often these days, because it means that Linux's user base is increasing and it attracts more attention everyday. However this point of view also shows its authors' limited understanding of how GNU/Linux and Open Source community work. GNU/Linux is NOT WINDOWS, yes they're both operating systems but they have many fundamental differences. Lets highlight some of these differences and see how they affect the main topic of this article.
- GNU/Linux is open source, which means that anyone can modify and distribute it. It also means that two GNU/Linux installation at the same day, might not be identical! they may even run different or custom versions of Linux's Kernel.
- GNU/Linux is not a single software and it's not developed by a single company or a single person.
- GNU/Linux is not even a single operating system!! There are many different distributions with quite different configurations
- GNU/Linux is a network operating system, you can't use it effectively without an Internet access. It's always under development and new updates are available almost everyday.
- Many eyes are on Open Source softwares because their source code is publicly available
Writing viruses, Trojans , etc for GNU/Linux and any other software is possible. However the question is how effective this Viruses are going to be?
Lets answer this question first. How a Virus spreads , and what makes it dangerous? By infecting other computers and the more computers it infects the more damage it can cause.
GNU/Linux has many different distributions and each distribution usually has the following differences with the others
- Security policy (Some are very strict, specially server distributions)
- Linux kernel version (Distribution maintainers may apply different patches and configurations and make a custom kernel)
- Primary operating system's softwares (Not all distributions use the same version of a software or even the same softwares for doing similar things)
If someone wants to write a Virus which can target most of these different flavors of Linux :
- Should find a common vulnerability among at least 60%-70% of them
- Should be lucky because another developer may find it and announce it at the same time
- Should act very fast and write it in an undetectable way because if someone report it, it becomes in effective in few days!!
So what happens when users find a security vulnerability in GNU/Linux?
They usually report it and since security vulnerabilities have a very high priority the maintainers of the distribution or the software fix and release the patched version ASAP. As mentioned before almost all GNU/Linux distributions are highly depend on the Internet and they update themselves everyday. So the moment the fix releases it spreads among many computers and dramatically decreases virus spread rate.