The lack of viruses for Linux has little to do with any sort of alleged innate security or the competence of its user base. Trust me, with a little social engineering it’s just as easy to get a single-user sysadmin to install an infected package as it is to get a Windows user to install an infected MSI.
However, desktop Linux is such a tiny part of the marketplace today that it’s not worth it from a virus writer’s perspective to waste time on a Linux variant of some trojan. This is especially true if you’re writing a worm distributed via email; yes, you *can* write an OpenOffice worm, but why bother with all that effort when it’ll only pwn a tiny handful of boxes? In fact, the *density* of targets is so low that you can’t even achieve reliable viral transmission; even if you succeed in getting your virus onto one Linux box, the likelihood of it successfully *finding* another Linux box to spread to is very, very low.
Of course, if people start buying fewer Windows boxes and more Mac or Linux boxes *because* of the virus threat, then the total population (and population density) of Linux boxes will increase, while the population and density of Windows will decrease. This will cause the virus-writer to be more willing to write viruses for Linux and Mac, and we will see a commensurate spike in viruses for those platforms.
In the study of biological infections, this phenomenon is called the “Red Queen” principle. When an infectious agent optimizes itself to attack a particular common variant of some species, the agent’s success is dependent on the commonality of that variant; yet its very success causes a decrease in the occurrence of that variant. This in turn forces the agent to re-optimize for an alternative variant, which leads to cyclical patterns of variation over time.
“The lack of viruses for Linux has little to do with any sort of alleged innate security or the competence of its user base. Trust me, with a little social engineering it’s just as easy to get a single-user sysadmin to install an infected package as it is to get a Windows user to install an infected MSI.”
That’s a Trojan, not a virus..
Debunked years ago, yet some people don't seem to get it.
Linux viruses are less common because the design does not as easily lend itself to being compromised by malware.
There are more Linux web servers than Windows web servers yet Windows web servers are still compromised more often. Given your debunked premise, please explain how an operating system with a LARGER footprint than Windows is LESS vulnerable.
The lack of viruses for Linux has little to do with any sort of alleged innate security or the competence of its user base. Trust me, with a little social engineering it’s just as easy to get a single-user sysadmin to install an infected package as it is to get a Windows user to install an infected MSI.
That's not a virus, that's tricking a human to run a trojan. One can trick an old lady into giving up her ATM card and pin, and the location of her purse. That's doesn't make the security of a bank equivalent to her purse.
However, desktop Linux is such a tiny part of the marketplace today that it’s not worth it from a virus writer’s perspective to waste time on a Linux variant of some trojan. This is especially true if you’re writing a worm distributed via email; yes, you *can* write an OpenOffice worm, but why bother with all that effort when it’ll only pwn a tiny handful of boxes? In fact, the *density* of targets is so low that you can’t even achieve reliable viral transmission; even if you succeed in getting your virus onto one Linux box, the likelihood of it successfully *finding* another Linux box to spread to is very, very low.
Oh, right, you don't know about BlackICE Defender. BlackICE was a nifty little personal firewall built to fend of script kiddies back before such things were common. I myself ran it, but it had virtually no awareness in the general computer using public. Yet in 2004 someone still went to the trouble to write a worm that only infected systems running that software, estimated to be about 10,000-12,000 worldwide.
In fact, the *density* of targets is so low that you can’t even achieve reliable viral transmission; even if you succeed in getting your virus onto one Linux box, the likelihood of it successfully *finding* another Linux box to spread to is very, very low.
The aformentioned worm infected virtually all 12,000 hosts worldwide in less than one hour.
10,000-12,000. By way of comparison, the number of Linux desktops in the elementary and secondary schools in Brazil alone exceed 20,000. The French Parliment is using Linux on its desktops, (Yeah, France, I know...) Amazon.com uses Linux on its desktops. Novell is unsurprisingly running Linux on their desktops. And thats just some desktop numbers.
According to Netcraft, Linux is the OS running on four out of ten of the most reliable Internet hosting companies (incidentally BSD, another free Unix like OS with four of the ten has been making significant gains recently... Windows server is one of the ten) Google's servers run Linux. Amazon.com runs Linux, the servers that host Freerepublic.com run Linux.
People that say Market share and therefore "worth" to the virus is the reason that vulnerabilities in Linux aren't widespread are only demonstrating a fundamental lack of knowledge of the number of internet facing Linux servers that would reap the malware writer rewards several orders of magnitude greater than Windows desktops if they could only be exploited.
So the only reason there isn't a worm or two running around pantsing Linux is that NOBODY has even tried to write one?