Response to “Antivirus – Community Ubuntu Documentation”

This is a response (as of 10-06-2013) to the following sections on the Community Ubuntu Documentation wiki page “Antivirus” (https://help.ubuntu.com/community/Antivirus):  No disrespect is intended with my replies.

1) “Possible reasons Linux is less prone to malware”

2) “Root User vs normal usage”

3) “Market Share Myth”

The Ubuntu documentation is in red and my replies are in black. All quotes from the wiki are direct quotes.

——————-

Possible reasons linux is less prone to malware

  1. Programs are run as normal user, not Root User
  2. More eyeballs on the code, nowhere for malware to hide
  3. Vast diversity makes it difficult to reproduce flaws in a system
  4. All software and drivers are frequently updated by Package Managers
  5. Software is generally installed from vast Repositories not from unfamiliar websites
  6. Developers/programmers are recognised as Rock Gods rather than treated with contempt
  7. Elegant, secure code is admired & aspired to. Hasty kludges are an embarrassment

Response to #1:  Both Windows (2000/XP/Vista/7/8/8.1/10) and Ubuntu Linux can run software as a normal user.

Response to #2:  Myth. If anything, there would be so much code (like in the Linux kernel) that no one could constantly go through all of the code to make sure that no “monkey wrenches” have been thrown into the works. 🙂

Take a look at: http://scalibq.wordpress.com/2013/05/15/the-myth-of-linuxopen-source-security/

Response to #3: I assume you mean many different types of hardware when you said “vast diversity”. That is not always true. If there is a flaw in the Linux kernel, technically it could affect all Linux systems that have not been patched.

Response to #4:  This does not guarantee that no viruses can take over your system. This is a poor argument.

Response to #5:  You are assuming that the servers hosting the files for the repositories are not infected with a viruses. This does not guarantee that no viruses can make their way into your system. This is a poor argument.

Response to #6:  …no comment…

Response to #7:  Not all software for Linux is secure. For example, the BIND DNS server has had multiple security issues over a 15+ year span. Not good.

“A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace the existing population, the virus is doomed from the beginning — even before news reports start to raise the awareness level of potential victims.” by Ray of http://librenix.com

A virus, if programmed correctly, could just lay dormant until other computer(s) are detected for possible infection can be found. Most viruses, in my opinion, will only get as far as the computer it infected (whether on Windows or Linux).

Root User vs normal usage

“For a Linux binary virus to infect executables, those executables must be writeable by the user activating the virus. That is not likely to be the case. Chances are, the programs are owned by root and the user is running from a non-privileged account. Further, the less experienced the user, the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also the ones with the least fertile home directories for viruses.” by Ray of http://librenix.com

If the virus uses an exploit in the Linux kernel, it may not matter whether or not the current user has permission to access other files. If you have SE-Linux enabled (assuming you are using a distribution that includes it), that may help prevent the virus from functioning (or at best, functioning correctly).

Market Share Myth

Some people say that linux suffers less from malware because it has less than 1% of the desktop market compared to Windows 90% & suggest that if linux ever increases in popularity then it will suffer just as badly. This argument is deeply flawed & not just by the spurious statistics. Linux dominates server markets(NB: this link dead). Why struggle to write a virus that might knock out a few thousand desktops when knocking out a few thousand servers could knock out a continent? Yet it is the desktop machines that are commonly exploited.

If 90% of computer users switched to Linux overnight, you would see a huge difference in the amount of malware you have for Linux.

What I think you do not understand is that hackers will go after targets that are easy and rich in “bounty”. In my opinion, most Windows users do not understand computer security (and the same would go for Mac OS X and several Linux users). They will click on just about anything, download just about anything, open e-mail attachments without observing if anything is out of the ordinary, etc. It is not that Windows is easier to hack than Linux. It is because there are many users that are not knowledgeable about computer security that makes it easier for the hackers to gain access to Windows computers.

Hackers know they have a better chance with Windows users than others. If even 50% of the Windows users suddenly went to Linux, you would have such an increase in malware (albeit not as much of an increase as you would have with 90% of Windows users switching over to Linux), that you may not be ready for it.

I used to use Linux to run a DNS resolver for the house and shop, but that does not mean that the DNS resolver was 100% secure just because I ran it on Linux. I ran it on Linux to save RAM, not for security. If I had let it go (without running any updates), I would have eventually gotten hacked.

“Why struggle to write a virus that might knock out a few thousand desktops when knocking out a few thousand servers could knock out a continent?”

That is speculation. How do you know that all the computers running the power grid, gas systems, etc. are all running Linux? Some could be running UNIX, Mac OS X, or even Windows.


Posted in Computers, Internet and Servers, Operating Systems, Software

Do I Need a Web Hosting Control Panel?

If you are looking into running your own web server, you probably have heard about web hosting control panels before.

Web hosting control panels are software that runs on a web server that allow you and others to manage web domains, e-mail accounts, FTP accounts, MySQL databases, etc.


Here are four questions to ask yourself, if you are wondering if you need a web-based control panel:

1) Are you experienced using the Linux command line? If you plan to use Windows, have you ever administrated a Windows server before?

2) Do you have intermediate knowledge of how to setup and run a web-server?

3) Are you good at problem-solving?

4) Do you have many websites to manage?

If you answered “no” to questions #1, #2, or #3  and/or  you answered “yes” to question #4, then you will be more comfortable using a web hosting control panel. Also, if you are planning to sell web-hosting or have a lot of websites to host, then using a web-hosting panel may be easier than doing everything manually. Otherwise just forgo a web hosting control panel and do it yourself.


Please keep in mind, using a web hosting control panel, you are potentially making it easier for a targeted attack, since one little web panel script with a vulnerability in it can potentially compromise your server (not joking).

If someone does hack the web-based control panel and gets into your accounts, they can do some serious damage and you better hope you have a current backup that restores successfully.

Here is an example of a web hosting control panel giving you a security problem (I know the linked article is old, but it still proves my point): https://krebsonsecurity.com/2012/07/plesk-0day-for-sale-as-thousands-of-sites-hacked/


Web-hosing panels are there to make your job easier, usually at the expense of being flexible with your server. When using a web-hosting control panel, you are “locked-in” with whatever the web hosing panel allows you to do. It’s basically convenience or flexibility with your server.

It is not advised to “do your own thing” (doing something that the web-hosting panel does not support; going around the control panel to do something), since this can cause problems down the road. It’s best to just stick with whatever the web hosing control panel provides you, so you better pick the right one the first time.


Posted in Computers, Internet and Servers, Software

Similarities of Windows and Linux

Windows and Linux both have the potential to accomplish the same things (like web hosting). There are differences, but in the long run, it is really a matter of what you need and if possible, want to use. Note: This list does not contain every single similarity between Windows and Linux. Somethings in this list have to do with the operating systems them-self. Other things in this list have to do with the way people make use of them.

Last Updated: 12-04-2015

1) Windows and Linux both can have limited “non-root” (Linux) and “non-administrator” (Windows) system users.

2) Both Windows and Linux can host PHP websites via FastCGI.

3) Both Windows and Linux have anti-virus software (many more anti-virus programs
for Windows, almost nothing for Linux).

Note: Linux can get viruses too, but without running a real-time anti-virus program on your Linux box, how can you have the potential to know that you do not have a virus on your Linux desktop/server?

4) Both Windows and Linux can run several different types of web services (e.g., web server, e-mail, DNS, MySQL, etc.)

5) Both Windows and Linux can run several pieces of hardware out of the
box.

6) Both Windows and Linux can blue-screen (in UNIX and Linux it’s called:  Kernel Panic)

7) Both Windows and Linux make good use of your system resources.

8) Both Windows and Linux can run many days without a reboot.

9) Both Windows and Linux have file-systems that can become corrupted.

10) Both Windows and Linux are used in Professional companies for doing work.

11) Both Windows and Linux have open-source software that runs on them
(e.g., Apache Webserver,  BIND DNS,  SpamAssassin,  Mozilla Firefox,  Mozilla Thunderbird,  Blender,  etc.)

12) Both Windows and Linux can take a while to setup correctly.

For example, downloading and installing updates, making sure that SSH (or if you are using Windows, Remote Desktop) is setup correctly, drivers are installed and working properly, host-name for the computer is set, (if you are running a web-server) making sure that you have a separate user account for each web service you host (for increased security), etc.

(in my opinion, Windows takes less time setting up than Linux, but that may not apply in your situation).

13) Both Windows and Linux have support (Red Hat and SUSE are two for
Linux, and of course Microsoft supports Windows).  Both also have free online support via web forums.

14) Both Windows and Linux can boot quickly.

15) Both Windows and Linux have pretty good security. Windows has Access Control Lists on its NTFS file-system, but Linux uses Read/Write/Execute bits by default instead.

Linux does have the ability to use ACLs, but I have never heard of Linux using ACLs by default.

Access Control Lists basically allow you to fine-grain your file-system security. The Read/Write/Execute bits are very limiting compared to ACLs.

16) Both Windows and Linux can get viruses (Windows is the larger target for malware, but this does not mean that Windows is easier to infect, nor does it mean that you are guaranteed to get malware when using Windows).

17) Both Windows and Linux are stable operating systems.

In my opinion, 99% of crashes on Windows are due to faulty hardware and/or drivers. However both Windows (NT family) and Linux are stable operating systems, when using good stable hardware and good stable drivers.

18) Both Windows and Linux can be secure, if you know what you are doing.

19) Both Windows file-systems and Linux file-systems suffer from hard drive fragmentation.

When you delete files (on any file-system, NTFS, ext4, ext3, etc.), you leave gaps in the file-system. These gaps will be filled with other files, but you will also have files before and after the new file. So when the computer goes to access the data, it has to sift though all of the data to find the bits and pieces it needs to complete the task.

20) Both Windows and Linux can read several file-systems (For Example: there are drivers for Windows that allow you to read EXT3/EXT4 Linux file-systems).

21) Both Windows and Linux run mission-critical applications.

22) Both Windows and Linux can be hacked by malicious Internet users.

23) Both Windows and Linux can be used to host online game matches on the Internet.

24) Both Windows and Linux have plenty of development tools to write software.

25) Both Windows and Linux work on embedded devices. (Windows CE is Microsoft’s OS for embedded devices)

26) Both Windows and Linux can run as a server on low-memory systems. (On Windows, you can use “Server Core” to not only save RAM, but to lower the attack surface of your server)

27) Both Windows and Linux can be used to program micro-chips.

28) Both Windows and Linux are used in industrial manufacturing of products.

29) Both Windows and Linux are used by governments to run and manage utilities.

30) Both Windows and Linux have 32 and 64 bit editions.

31) Both Windows and Linux have the ability to use virtual memory (SWAP).

32) Both Windows and Linux have the ability to run automated tasks set by the user. In Linux, this is called “Cron”.  In Windows, this is called “Task Scheduler”.

33) Both Windows and Linux support Type-1 and Type-2 hypervisors for running virtual machines.  A couple of examples of Type-1 hypervisors would be Hyper-V for Windows and KVM for Linux.

34) Both Windows and Linux have the ability to quickly communicate information between running programs on the computer.  In Linux there is something called “Unix Domain Socket”.  In Windows there is something similar (not exactly 1:1 though) called a “Named Pipe”.

35) Linux has integrated firewalls in its kernel (e.g., ipchains, Netfilter, nftables).  Windows’ own integrated firewall is simply called Windows Firewall.

36) Both Windows and Linux support symmetric multiprocessing.

37) Both Windows and Linux are multitasking operating systems.

38) Both Windows and Linux have Disable Memory Execution support.

39) Windows and Linux both support Address Space Layout Randomization.

40) Linux has Mandatory Access Control kernel security modules such as SELinux, SMACKTOMOYO Linux, and AppArmor.  Windows supports Mandatory Access Control and already has it built into its kernel.


Posted in Computers, Internet and Servers, Operating Systems

How Much VRAM Do You Need

Last Updated:  10-19-2019

Video card memory (VRAM) temporarily stores data for quick retrieval. The more video memory you have, the more image information your video card can store away for quick and easy access.

These are not official guidelines. They are my opinions on the matter.

Type of ComputerRecommended Video RAM
Office / Work Computers
(for non-Multimedia use)
1-2GB of VRAM
Gaming / Multimedia Systems (<1080p)2-4GB of VRAM
Gaming / Multimedia (1080p)4GB of VRAM
Gaming / Multimedia (2k)6-8GB of VRAM
Gaming / Multimedia (4k)8-12GB of VRAM

Definitions:

“Office / Work Computers” — any computer that is used for word processing, spreadsheets, and anything else that is generally used in an office.

“Gaming / Multimedia” — any computer that is used to play games, develop FX effects for videos, video editing, etc.


Posted in Computers