Linux vs Windows: Malware

Comments

All the comments about Linux on this video are completely missing the point: The average user's idea of "malware being something you click on while browsing" is a very limited view of malware and largely obsolete in various fields of cybersecurity. Most cyber threat actors today don't think in terms of a specific OS, rather a specific target or target group and tailor their techniques to whatever platform is relevant.

pcsecuritychannel

One thing that has always stuck with me in my career in IT is that "the issue lies between the chair and the keyboard." Human error is the biggest cause of malware infection going. It should be compulsory to teach kids and even adults the importance of staying safe online.

cosmicgoat

You should cover Linux malware more - show newbie, and intermediate, nix users how to listen for, spot and remove issues.

paullee

Debian has the most vulnerabilities? That site puts all Debian releases from 1993 up to today in the same basket, which is stupid. There are 12 releases of Debian, so if they split the vulnerabilities by release, it is still far fewer vulnerabilities than Windows 10.

agolinux

1:54 This ranking list is SO misleading. Debian Linux is a huge project which ships tens of thousands of software packages including Firefox and Chrome browsers, LibreOffice, server stuff like Apache web server, SQL databases etc. -- of course it will have more vulnerabilities *in total* compared to just bare Windows without any 3rd-party software.

If you want a valid comparison you should install both in a similar configuration, and then do a weighted sum of discovered vulnerabilities in installed software for both for e.g. one year, where the weight will be the severity of that vulnerability.

psupogh

No offense but the cvedetails is misleading!

Example Debian:
Debian leads the charts because 114 versions are grouped under "Debian Linux", while Windows 10 is only Windows 10 and its updates.
Also do security holes in 3rd party software count as Debian vulnerabilities, because they are in the repository.
Example Debian --> Debian Linux ---> 10.0 ---> CVE-2024-20952: Oracle Java SE, Oracle GraalVM for JDK.

If cvedetails would group all Windows versions from Windows for Workgroups till Windows 11 together including all updates and 3rd party software, then Windows would be the leader.

Windows XP SP2 finally had a firewall but the default user was still admin, so insecure.
Meanwhile Linux/Unix had proper multi-user with ACL, ASLR, MAC (SELinux, AppArmor, TOMOYO), grsecurity etc.

Microsoft started the whole UAC, ASLR, MIC stuff with Vista.


IMHO malware is still rare under Linux compared to Windows.

PyCoder

Most people who use desktop Linux aren't worried about being targeted by malware, they want a clean operating system that isn't loaded with Windows pre-shipped spyware. The attack surface of Windows is simply larger when it comes to all of the unknown proprietary processes and telemetry running in the background. Especially after the Copilot+PCs start ending up in everyone's hands. You can defend your spyware box all you want, it doesn't change the fact you have no idea what all is actually running on your computer.

Sqwert-gh

1:55 Why are different versions of Windows separate entries? Other operating systems aren't grouped by major versions and it's not like they develop new major versions of Windows from scratch. What I want to see is all of the Windows versions grouped together and removing duplicate vulnerabilities that affected multiple versions.

renpnal

I really expected better... But here we go:
- 00:51 Nobody on Linux downloads random executables, we have Software Repositories.
- 00:51 Server/IoT virus, much harder to come by as a desktop user with a functioning brain.
- 01:38 We also have Flatpaks, which make ransomware completely powerless ;)
- 01:58 List sums up Linux, but separates Windows. In total, Windows has more vulnerabilities.
- 01:58 Linux is Open Source, so people find vulnerabilities by just browsing its code, not by exploiting it.

You didn't give a comparison, you gave a rant.
Here's something this video should've been:
- Windows users get viruses by just trying to download a web browser, Linux users need a global scale data breach.

shartdiffractor

This is extremely misleading, you can't just compare CVE counts of entire package ecosystems like Debian to only Windows.

Dr-Zed

Theoretically, no OS is secure, as malware can target any system. However, despite statistics showing that malware can be successful on Linux, we rarely hear complaints or see much drama and victims from Linux users. This discrepancy suggests a gap between statistical data and real-world experience.

newbtop

Yes, Linux malware exists and yes, Linux users need to be worried about it but it's not as prevalent and it generally requires more interference to get it to work.

Desktop Linux is largely a harder target to hit than desktop Windows. Especially with more and more distributions shipping with AppArmor policies or modern SELinux policies which help prevent unauthorized access to critical parts of the system. Desktop Linux distributions are also often now requiring passwords to be put on the super user account which used to not be required and would result in a fairly easy privilege escalation as long as you knew what you were doing. And in general we have seen a push from both Canonical and Red Hat to start shipping distributions in a baseline secure mode with some flexibility to increase the amount of hardening that can be done.

Essentially, the current best practice is to ship a distribution in a state that is hardened but not inconvenient so the distribution shouldn't get too in the way of the user, but it should also not allow excessively dangerous operations.

Also, a major point on the lack of variety for Linux malware is just the smaller attack surface. There's not as many users on Linux that can be directly attacked which is why we see the botnets that target IoT devices which are often not as secure as the desktop distributions. I am curious as to how ANY.RUN set up their Ubuntu VM because at worst an encrypt and wipe program should only be able to hit the home folder.

Its-Just-Zip

My (sysadmin for several schools) real-world experience says: For non-technical users (desktop) Linux is a solution to the malware problem, which includes not only malware but also malware protection software. Linux servers have open ports that make them vulnerable to attacks. The usual way of getting malware (clicking on, or installing something) simply is not a concern on Linux, at least for now.

One school even decided to give the students full access to the laptops, and while some managed to break the OS (mostly by deleting some file/package or misconfiguration), we never had an issue with malware so far.

LostinSpacetime

Yes, cyber security is not a Windows problem but I have some comments I want to make:

1- when you show the all time leaders you forgot to mention Windows Server 2016, which is at #6 on the list, although in this case the comment you made was not malware related but vulnerabilities related
2- Mirai is a worm that uses brute force and password spray attacks, when it finds a device with user and password by default it gets root level control over the device so it isn't directed at desktop users, the main focus of this channel, because desktop users' passwords should represent a bigger challenge
3- when you execute the Linux ransomware example you either had to give execution permissions or it was using a PrivEsc exploit, if you execute an ELF file the shell won't do anything unless you use 'chmod +x file' first

puyatecla

Honestly, the main security advantage of Linux that I see is that you aren't encouraged to go and download apps from random websites. The system itself is of course vulnerable, it's not like no one makes mistakes writing code (or just doesn't realize the security implications of something) just because they write Linux software.

I think one of the best ways an OS can keep you safe is by just making it as convenient as possible to do the secure thing, and by being vigilant when it comes to vulnerabilities. The reason I think it's important that being secure is convenient is because otherwise, some people will start to circumvent the security because it's inconvenient. If it's convenient, fewer will probably do that.

the-answer-is-

In default, baseline configuration, Linux is still going to be more secure but I get your point. I have yet to come across a home user whose single Windows account is NOT a local administrator (root).

Wahinies

These are prevalent because Linux is prevalent on every other type of system other than desktop PCs.
Try finding a supercomputer running Windows.

PaulG.x

I'm not a security or system admin, but the guys in my firm that do that work say that Windows keeps them up at night. There are a lot of places for malware to hide in Windows like task scheduler, services, RunOnce, etc... But, they say Linux is easier to audit and lock down with things like systemd and SELinux.

esra_erimez

It makes sense to see more vulnerabilities reported on Linux, it's open source, more eyes on the code = more reports... I do not trust closed source OS no more, especially corporation distributed OS...
Another thing, the world runs on Linux, all the servers and most home devices are Linux based, so ofc it makes sense to have a Linux botnet... Linux users are more tech literate than Windows on average making infection less likely to happen.

Bunuffin

What was that website, showing Debian as the top vulnerable OS? Any source?

moetocafe