-9

Since Android has virus: Android.Counterclank, Android.Tonclank (seal info, back-door), does it prove that FreeBSD, Solaris, Fedora, CentOS, ArchLinux, Ubuntu can all have similar virus/trojan/malware, but not that being publicly well known?

Basically in general Linux/Unix desktop or server, we do not see them because there is no scanner/nor better tools available nor we care by saying Linux/Unix do not have virus.

But Android shall prove it; Every Linux/Unix has trojan/virus/malware sitting and sleeping somewhere which is stealing business logic, confidential information, transactions, passwords etc same like Windows?

Improve this question
4
  • 4
    en.wikipedia.org/wiki/Linux_malware - there's been viruses/worms for Unix since a very long time ago (search for "morris worm"). There are antivirus/anti-malware/rootlkit detection software for Linux (and others). I'm not sure I understand what your question is. Commented Feb 4, 2012 at 10:47
  • 2
    It's foolish to think that Linux/Unix has no malware. Commented Feb 4, 2012 at 11:47
  • 1
    then why many linux/unix experts keep saying or lol at Windows by saying "Windows always virus" get Linux. Commented Feb 4, 2012 at 12:14
  • 3
    Because privilege separation is relatively easy to achieve in a unix-like environment. And because there's less malware existing for these platforms. And because really a few things get started automatically on unix-like systems. It's easier to configure, administer and secure. That's why. Now if everyone starts using a GNU/Linux, you'll get the same problems as on windows, sorta: users are not admins and attackers are smarter than them. Commented Feb 4, 2012 at 19:51

5 Answers 5

Reset to default
11

There are scanners and tools. But it's not worth the hassle to develop them more.

No system is immune to viruses, trojans, malware. In the end it's just some piece of code that runs, but doing things you don't want. It happens in every systems and 99% of the world is probably vulnerable at some point.

Android has become a really interesting target, this explains why you can see some media activity about vulnerabilities targeting android systems. But it's really nothing special, and the best defense is as always stay up to date, do backups and be alert of suspicious programs/links/activities.

I have been running windows 7 for 2 years without an anti-virus. My system is fast and I never had any problems. It's easy if you know where to look, I know exactly what's executed, and why. If I don't know, I look for it, and I may remove it from my system.

On Unix it's way easier to monitor a system and find suspicious programs/activity. Most people using Unix are competent (more than windows uers) so malware writers will not change their targets that easily, because less chances of success.

So yes, virus are potentially everywhere. But using some diagnostic tools will probably reveal them. On a noisy system as windows and android, viruses' noise will be hard to spot, and at this point it's realistic to consider that you are already infected. Never think you are safe except if you are sure you know what is going on. It takes years of studies and experience to be a competent system administrator, if you install an Unix system, it's your responsibility to become administrator. Or else, accept the fact that you'll never be safe, especially against targeted attacks.

Now let's talk about rootkits. This is the next level, if you get one, you will probably be specifically targeted by someone very competent. As most working rootkits are very recent and kept hidden. You will probably never notice it. If you're lucky your system will crash and this may alert you. There have been rootkits targeting Unix for years, Mac OS X, FreeBSD (There's a book to learn how to write them, very fun, Designing BSD Rootkits), GNU/Linux, etc.

Improve this answer
4

You seem to think that 1) a system can be virus-free; 2) antivirus can catch all threats. If you have really sensitive information and you are relying on antivirus or on the fact an operating system is not as used as others or less targeted by script-kiddies, you're doing it wrong.

For short, no, GNU/Linux, Solaris and BSD aren't virus-free. And will never be. We just don't usually have people running their mail client with administrative priviledges and running whatever Visual BASIC script arrives embedded in an incoming mail message.

There are scanners and tools, that can hash binaries and check for changes, look for setuid programs, and tons of other fingerprints. If you think lack of antivirus means you can't find threats, then you don't know what the real threat is (it's not the script kiddie who just builds a self-replicating worm, it's the guy who's so devoted to build your data that he builds a specially-crafted tool just to attack you, so no antivirus will ever get the fingerprint in their database).

Improve this answer
4

Why are there viruses found on Android, but not so much on FreeBSD, Solaris, Fedora, CentOS, ArchLinux and Ubuntu Desktop systems?

There are several conditions which are important to spread a virus. The most important one is IMHO the infection way.

On servers, for example web servers, there are root kits in the wild for a long time, but not for Desktop systems. Why is that?

A server has to be reachable from the outside, so if there is a known vulnerability, it can be infected. On a desktop system, foreign users can't run code. It's hard to make you step into a trap, for example to let you open a manipulated, broken, malicious image with a certain, known to be vulnerable program, and if you do so, you do it with restricted rights. And from outside, it is hard to tell which version of a program you use, or whether the problem is already fixed on your system. On a server, the software version can often be detected from outside.

Because desktop users mainly use a repository, where they get software from the authors, legally and for free. There is no reason to use a crack for a otherwise expensive software, but on windows, there are much warez circulating where nobody knows where it origins, nobody is responsible, and nobody can complain while using a cracked tool.

On android, the repository and free software idea is given up. There is no central, trusted place where you get your software, but it is an unorganized mess. You often can't investigate, where it's coming from. And the idea to save some money by using a cracked software makes the people vulnerable for letting malicious code on their devices.

Improve this answer
3

First of all - there are the virus-like apps for linux desktop/server. They are named rootkits.
As far as linux has another security model then windows and android, rootkit often are targeted against applications and not against system at all. I mean, for example there are special rootkits which infect server/desktop via apache or php.
Secondary, "Android is a software stack for mobile devices that includes an operating system, middleware and key applications". It uses modified linux kernel but it has completely different security model, so far it's more vulnerable for different threats.
And as final point - viruses are developed for wide distributed platform. And as far as linux is not wide distributed in end-user world. So there are not many desktops runned linux but there are a lot serevers runned linux.
So far, there are not viruses (in windows meaning, the user runned process which can affect system at all) for linux based desktops, but there are rootkits which are able to infect linux-based servers. From other hand, Android is a wide distributed platform, that's why peoples create the windows-like viruses (runned by end-user) for this platform.

Improve this answer
1

First of all, this question shows a lack of research. Yes, there is some misconception of unix systems like Linux and Mac "not getting virus's". Some people think that's because just there's more Windows systems out there to target. However, if you consider that probably 90% of all the servers and embedded devices on Earth run some form of Linux, than it's clear there's plenty of Unix/Linux systems to target as well. Servers also often have valuable information on them, fast internet connections, and are on 24/7, and thus are valuable targets. And while Linux systems totally are targeted and compromised all of the time, I'd bet that the percentage of compromised Windows machines is much higher for a couple reasons. First, as mentioned, a Unix system is just easier to secure, mainly because of the way permissions are handled. The second factor, in my opinion, is that people running Linux are typically more informed, and thus security aware. System compromise happens because the user either did something they should not have, or didn't do something they should have. Android is currently the most popular OS in the world, so the percentage of security aware users is inevitably going to be lower.

Often times in the Linux world, compromise happens because of lazy IT technicians, and is not the system's fault. Most of the time, these incidents totally could have been prevented, take for instance the recent US government hacks. With Windows and Android, it's a totally different story. The Windows community doesn't have hundreds of thousands of eyes scrutinizing it's source code all of the time, so bugs and vulnerabilities go overlooked and Android, being an embedded system, does not get kernel updates and such as often as desktop systems. In a proprietary world, you also have to wait for the developer to issue a patch because nobody has the source code. So, when a vulnerability is found, it can be like open season till Microsoft or whoever patches it.

Because Linux is free for anyone to use, it's often used to power embedded devices.Android is indeed a unique situation, because it's driven by a Linux kernel, and while it does have a pretty good permissions system that could help to prevent the spread of trojans and viruses, that system has been completely perverted. Apps tend to ask for way more permissions than they need, and people tend to do things like 'Sure, I'll give this flashlight permission to access the internet and read my location, why not?'

Android is also a high value target, as cell phones tend to carry more personal information than personal computers ever did, after all we have them with us all of the time, pay for stuff with them, do our banking on them, etc. Also, while it's technically Linux powering the Android system, the actual apps running in userland are written in Java, which is something else entirely.

Finally, the reason why we don't have gigantic anti-virus databases filled with signatures of every bad thing that ever was is because (wouldn't you know it), it turns out that's a hell of a lot easier to just white-list the stuff that should be allowed to run on your Linux machine than it would be to try to identify and enumerate all of the badness in cyberspace and than rely on software to blacklist it. AV is a counter productive (and expensive) approach to the problem. This is just an opinion, but the billion dollar market for anti virus software is likely part of the reason there's so many viruses out there. It's business.

There is stuff like chkrootkit and rkhunter out there, but most of the time all it will give you is false positives. With Linux, it's much easier to see what's happening on your system, so there is not as much need for something like AV. Most of the few programs that do scan for bad things are looking for rootkits. Ironically, the rest are actually looking for Windows viruses, for instance mail servers may run clamav to make sure Windows or Android clients don't get infected by something they transmit. It's also worth mentioning that cell phones have always been extremely insecure to begin with. GSM has been broken since it was invented, the feds now want Apple to put an 'encryption backdoor' in the iphone, and basebands are remotely manipulated through ISMI catchers by criminals an police alike. None of that is Linux's fault. Like others have said, the system is only as secure as the weakest link.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.