Every time a virus like the current “Here You Have” worm comes around, people shake their heads, wring their hands and wonder how “computer security” can be improved.
The assumption, for many, is that malware like this is simply part of having a computer. Thank goodness for the PC security industry, working hard to protect us with expensive software!
The fact, however, is that malware like this does not go hand-in-hand with having a networked computer–it goes hand-in-hand with Windows. Microsoft Windows is the reason our culture gets threatened again and again by malware; if the world ran Linux instead, it wouldn’t be a problem. Here’s why.
1. Users Are Dumb
There’s no point denying it — humans are extremely gullible, forgetful, distracted, and yes, just plain stupid sometimes. That is simply a fact of life, and no “helpful reminders” or even automated warning systems are going to keep them from being stupid. Offer them pictures of cute puppies or porn, and they’ll go wherever you want them to.
This is only a problem, however, because of Windows. Rather than protecting foolish users from themselves by minimizing the potential consequences–which is what a good operating system should do–Windows gives them all administrator access by default. That means that they pretty much have the keys to the castle at all times–which, in turn, means that viruses do too. As I’ve said before, it’s like giving terrorists high-level government positions.
With Linux, on the other hand, users do not have “root” privileges by default. So, even if a Linux system is compromised–which is rare–the virus won’t have the access it would need to do damage systemwide; rather, just the user’s local files and programs would typically be affected. That’s much less motivating for evil-doers.
2. It’s a Monoculture
So Windows gives each and every user the keys to his or her local castle, which–thanks to the Internet–is linked to every other castle on the planet. Since the majority of those also run Windows, imagine the fun viruses can–and do–have! It’s a simple matter of frolicking from one castle to another–again and again and again–taking the keys, and then watching the email servers fall! It’s a worm’s dream come true.
That, of course, is why Linux isn’t popular with worm developers. With the diversity of environments that Linux includes–Ubuntu, Debian, Fedora, and so on, not to mention all the many shells, packaging systems, mail clients and even underlying architectures– reaching more than a relatively small part of the Linux community is much more difficult. Much less gratifying for worms.
3. Closed Access
Less applicable in the present case, and yet still a factor in Windows’ relative insecurity, is the fact that its code is closely guarded by Microsoft. No matter how many developers Redmond has, it simply can’t compare with the countless users around the globe constantly scrutinizing Linux’s open code for vulnerabilities. Microsoft developers also don’t typically tell anyone about the problems they’ve found until a solution has been created, leaving the door open to exploits until that happens.
I’m certainly not saying that Linux is perfect, and any business user, in particular, should still enable firewalls, minimize the use of root privileges, and keep the system up to date. They could even implement a virus scanner for Linux, such as ClamAV.
The difference, though, is that such extra measures are not simply an accepted part of computing in the Linux world–they’re additional steps you can take, if you want extra peace of mind. Malware is primarily a Windows problem. Use Linux, and you can mostly forget all about it.
Follow Katherine Noyes on Twitter: @Noyesk.