我写这篇文章是因为我最近无意中听到两个朋友之间的对话,其中一位建议朋友(friend switch)从Windows切换到Mac 或 Linux(Mac or Linux),因为后者的操作系统是防病毒的,并且永远不会感染恶意软件或 rootkit(malware or rootkits)。
呃(Uhhh),错了。完全错误。不幸的是,有很多人相信这一点,并认为购买Mac或安装Ubuntu会以某种方式保护他们。
Linux更安全一点是有一定道理的,但OS X 和 Linux(OS X and Linux)都有病毒。
此外,由于许多人没有在他们的Mac(Macs)上运行防病毒软件,因为它被认为没有必要,所以当病毒开始在OS X上传播时,它会像野火一样传播,甚至没有人意识到他们感染了病毒。2012 年的Flashback 病毒(Flashback virus in 2012)感染了超过 600,000 台机器,Apple花了数周/数月的时间才发布适当的修复程序。
在这篇文章中,我想通过Windows病毒多的原因来解释Linux是否真的比Windows更安全,以及为什么。
恶意软件来自许多地方
我向人们解释的第一件事是,所有操作系统都是来自网络和电子邮件附件的恶意软件或病毒的王子。
无论您使用的是哪个(t matter)操作系统,如果您访问感染恶意软件的站点,单击不道德的链接或下载并打开未知附件,您的计算机很容易被感染。
不幸的是,这就是大多数人最终在他们的计算机上感染恶意软件和病毒的方式。(malware and viruses)由于操作系统级别的(OS level) 安全漏洞(security flaw),感染病毒或被某人入侵并不常见。
研究人员总是在Windows、IE、Office等中发现安全漏洞,但系统通常会在病毒开始传播或有人接管您的计算机之前进行修补。
由于Windows是迄今为止最流行的操作系统(operating system),仅设备数量之多(sheer number)就可以确保Windows用户最终会感染更多病毒。既然Mac(Macs)卖得很好,病毒和恶意软件事件的数量也增加了。
OS X本质上并不比Windows更安全。Linux并非如此,它本质上更安全。我将在下面进一步解释。但是,当Linux 用户(Linux user)确实感染了病毒时,它几乎总是与面向 Internet 的应用程序有关,例如邮件服务器或 Web 应用程序(mail server or web app)。
Linux 用户精通技术
为了每天运行Linux ,您需要比(Linux)Windows 或 Mac(Windows or Mac)用户了解更多关于计算机的知识,简单明了(plain and simple)。尽管消费领域的(consumer arena)Linux非常小,但Linux在后端(如 Web 服务器等)上却是巨大的。
令人惊讶的是,许多Linux服务器没有运行任何防病毒软件。为什么?因为维护它们的人知道他们在做什么,并且服务器被加固以抵御潜在的攻击。
安装Ubuntu的人也不太可能通过访问阴暗的网站(他们将在虚拟机中访问该网站)或从他们的电子邮件中下载受感染的附件而感染病毒。
这个类别中的很多人安装了NoScript之类的扩展程序,它可以防止任何脚本在浏览网页时运行。显然,如果您竭尽全力确保您的安全,那么您受到威胁的可能性就会大大降低。
Linux 与 Windows 权限
Linux相对于OS X 和 Windows(OS X and Windows)的一大优势是用户权限。Windows有很多烦人的问题,例如有人可以将文件命名为“(file “) CuteGirl.jpg.exe”,当您双击打开它时,该文件将被执行,您的计算机现在将被感染。这种 hack 不能在Linux中完成。为什么?
为了在Linux中执行文件,您必须使其可执行。这意味着您必须专门设置它的权限才能运行。Linux更安全的另一个原因是您需要 root级别(level access)的访问权限才能执行任何操作。
大多数Linux用户使用普通帐户,只有在需要对系统进行特定更改时才登录root 帐户。(root account)
Windows也有管理员(Administrator)和普通用户帐户,但 99% 的Windows用户只是使用(Windows)管理员帐户(Administrator account)登录他们的计算机,从而失去了普通帐户提供的所有安全优势。即使某些东西设法在Linux中运行,它也不能做任何事情,除非它可以访问root 帐户(root account)。
在Linux(Linux)中所需的特殊权限和非 root 帐户的使用使得创建一种像在Windows 或 OS X(Windows or OS X)中那样实际传播的病毒变得更加困难。
Linux是开源(Open Source)的,这很重要
使用Linux的另一大优势是一切都是开源的。您可以看到所有代码,因此很难在Linux 软件(Linux software)中隐藏病毒。如果有人确实为Linux创建了专有软件包(software package),除非它来自一家知名的大公司,否则它会自动被认为是不可信的。
大多数使用 Linux 的人从其Linux 发行版的官方软件包存储库(Linux distribution)安装(Linux install)软件。Windows 软件(Windows software)没有官方的Microsoft 存储库(Microsoft repository),它无处不在。
即使是像我这样一直使用计算机的人,我也下载并安装了一个我认为是合法的软件,但最终隐藏了一些间谍软件。就我而言,我只先在虚拟机中安装未知软件,如果虚拟机中一切正常,然后我将其安装在我的主机上。
在OS X上,Apple最近向操作系统添加了一项功能,该功能将阻止安装不在Mac App Store或一组已识别软件开发人员中的任何软件。
您可以手动更改设置,以便可以安装任何Mac 软件(Mac software),但我建议Mac用户启用它是一种保护措施,因为它比可以安装任何东西的Windows 机器(Windows machine)为您提供更好的安全性。
其他因素
还有几个其他因素决定了为什么你没有看到Linux 上(Linux)那么多病毒:
1. Linux 是一个异构环境。(Linux is a heterogeneous environment.)如果您曾经考虑过使用Linux,那么您可能要做的第一件事就是决定要安装哪个Linux 发行版(Linux distribution)(风格)。实际上有成千上万的Linux 发行版(Linux distribution),它们都是不同的。
Linux 内核(Linux Kernel)是不同的,它们都带有不同的包和配置。拥有如此多不同形式的操作系统使得编写一种会在所有事物中传播的病毒变得很困难。Windows并非如此。
2.出于安全目的,Linux 具有特殊的命令和功能。(Linux has special command and functions for security purposes.) 当您学习Linux时,您会学到很多关于让您执行某些与安全相关的任务(如sudo 或 chroot(sudo or chroot) )的命令。这些命令使在Linux(Linux)中执行特殊任务更加安全。
3 、Linux内核更小。(Linux Kernel is smaller.)这可能会引起争议,但总体而言,Linux 内核(Linux kernel)比Windows 内核(Windows kernel)小得多,当谈到检查和强制执行权限的操作系统区域时。更小更精简的内核并不一定意味着更安全,但它肯定有助于将事情保持在最低限度。
4.安全性增强的 Linux。(Security-enhanced Linux.) 有一些Linux发行版具有称为SELinux 或 Security-enhanced Linux(SELinux or Security-enhanced Linux)的功能。它基本上是一组使其更安全的内核修改。它是Red Hat、CentOS甚至Ubuntu的一部分。
希望这篇文章能够为您提供更多关于为什么Linux被认为比Windows更安全的详细信息。它绝对不是防病毒的,如果有一天每个人都(day everyone)开始下载和使用Linux,黑客也会找到新的和创新的方法来获取病毒!享受!
Why Does Windows Have More Viruses Than Linux and OS X?
I’m writing this post becаuse I recently overheard a conversation between two frіends where one recоmmended that the friend ѕwitch from Windоws to Mac or Linux becаuse the latter оperating systems are virus-proof аnd never get malware or rootkits.
Uhhh, wrong. Totally wrong. Unfortunately, there are many people who believe this and think buying a Mac or installing Ubuntu will protect them somehow.
There is some truth to the fact that Linux is a bit more secure, but OS X and Linux both have their share of viruses.
Also, since a lot of people don’t run anti-virus software on their Macs because it’s deemed not necessary, when a virus starts spreading on OS X, it spreads like wildfire and no one even realizes they have a virus. The Flashback virus in 2012 infected over 600,000 machines and took Apple weeks/months to release a proper fix.
In this article, I wanted to go through the reasons why there are more viruses for Windows and explain whether Linux is really more secure than Windows and why.
Malware Comes From Many Places
The first thing that I explain to people is that all operating systems are prince to malware or viruses from the web and from email attachments.
It doesn’t matter which OS you are on, if you visit a malware-infecting site, click on unscrupulous links or download and open unknown attachments, your computer can become easily infected.
Unfortunately, this is how most people end up with malware and viruses on their computer. It’s not as common to get virus or get hacked by someone because of an OS level security flaw.
Researchers are always finding security holes in Windows, IE, Office, etc, but the systems normally get patched up before the virus starts to spread or someone can take over your computer.
Since Windows is by far the most prevalent operating system, just the sheer number of devices ensures that Windows users will end up getting more viruses. Now that Macs are selling pretty well, the number of incidents of viruses and malware has gone up too.
OS X is inherently not any more secure than Windows. The same is not true for Linux, which is inherently slightly more secure. I’ll explain that further down. When a Linux user does get a virus, though, it’s almost always related to an Internet-facing application like a mail server or web app.
Linux Users are Technically Savvy
In order to run Linux on a daily basis, you need to know a lot more about computers than a Windows or Mac user, plain and simple. Even though Linux in the consumer arena is quite small, Linux is huge on the back-end like web servers, etc.
What’s surprising is that a lot of Linux servers don’t run any anti-virus. Why? Because the people who maintain them know what they are doing and the servers are hardened against potential attacks.
People who install Ubuntu also are less likely to get a virus by visiting a shady website (they’ll visit the site in a virtual machine) or downloading an infected attachment from their email.
A lot of people in this category install extensions like NoScript, which prevent any scripts from running while browsing the web. Obviously, if you go to those lengths to ensure your security, you’ll be far less likely to be compromised.
Linux vs Windows Permissions
One huge advantage that Linux has over both OS X and Windows is user privileges. There are lots of annoying issues with Windows like the fact that someone can name a file “CuteGirl.jpg.exe” and when you double-click it to open, the file will be executed and your computer will now be infected. This kind of hack cannot be done in Linux. Why?
In order to execute a file in Linux, you have to make it executable. This means you have to specifically set it permissions in order for it to run. Another reason why Linux is more secure is that you need root level access in order to do anything.
Most Linux users use a normal account and only log into the root account when they need to make specific changes to the system.
Windows also has Administrator and normal user accounts, but 99% of Windows users just log into their computer using the Administrator account, thereby losing all security advantages that the normal account would provide. Even if something manages to run in Linux, it can’t do anything unless it can gain access to the root account.
The special permissions needed and the use of non-root accounts in Linux make it a lot harder to create a virus that will actually spread like it can in Windows or OS X.
Linux is Open Source and That Matters
Another big advantage to using Linux is that everything is open source. You can see all the code and therefore it’s really hard to hide a virus in Linux software. If someone does create a proprietary software package for Linux, it’ll automatically be considered untrustworthy unless it’s coming from a large well-known company.
Most people using Linux install software from the official package repositories of their Linux distribution. There is no official Microsoft repository for Windows software, it exists everywhere and anywhere.
Even someone like me who works with computers all the time, I’ve downloaded and installed a piece of software that I thought was legit, but ended up with some spyware hidden. In my case, I only install unknown software in a virtual machine first and if everything runs fine in the VM, then I install it on my main machine.
On OS X, Apple has recently added a feature to the OS that will prevent installation of any software that is not in the Mac App store or a set of identified software developers.
You can manually change the setting so that you can install any Mac software, but it’s a safeguard that I recommend Mac users enable as it gives you better security than a Windows machine where anything can be installed.
Other Factors
There are a couple of other factors that dictate why you don’t see as many viruses for Linux:
1. Linux is a heterogeneous environment. If you have ever thought about using Linux, the first thing you probably had to do was decide which Linux distribution (flavor) to install. There are literally thousands of Linux distributions out there and they are all different.
The Linux Kernel is different and they all come with different packages and configurations. Having so many different forms of the OS makes it hard to write a virus that will spread through everything. This is not the case with Windows.
2. Linux has special command and functions for security purposes. When you learn Linux, you learn a lot about commands that let you perform certain security related tasks like sudo or chroot. These commands make performing special tasks in Linux more secure.
3. Linux Kernel is smaller. This one can probably be debated, but overall the Linux kernel is a lot smaller than the Windows kernel, when talking about the areas of the OS where permissions are checked and enforced. A smaller leaner kernel doesn’t necessarily mean more secure, but it definitely helps to keep things to a minimum.
4. Security-enhanced Linux. There are some Linux distributions that have a feature called SELinux or Security-enhanced Linux. It’s basically a set of kernel modifications that make it more secure. It’s part of Red Hat, CentOS, and even Ubuntu.
Hopefully, these article gives you a few more details as to why Linux is considered safer than Windows. It’s definitely not virus-proof and if one day everyone starts downloading and using Linux, the hackers will find new and innovative ways to get viruses there too! Enjoy!
