Bert said:
If that attitude becomes widespread as more and more non-technical folks
start using Linux, you can be sure Linux will become a target.
Remember, the first reported Internet worm selectively infected Vaxen and
Sun boxes running Berkeley BSD UNIX.
I've never claimed that Linux/Unix viruses are impossible. However, the
basic design philosophy of Unix & Linux makes it extremely difficult for
one to propigate. For example, IE is tightly coupled to the Windows
kernel, which means that if it gets compromised, the whole system is. Then
there's ActiveX, which relies on trusting the source for security, or the
old default behavior of Outlook to automatically run executable
attachments, limitations that encourage users to run as admin, etc. On the
other hand, Linux & Unix are designed in a modular fashion, which limits
the ability of a malware to do damage, a user has to a) detach an
executable b) make it executable and c) run it. Even then it can only
affect his own files and not the whole system. Also, users are discouraged
from running as root, except as necessary. Security in Linux & Unix was
built in from the start, as they were intended to be multiuser. Windows
however, was originally designed as a single user, non networked system,
with security controls tacked on later. You might also take note of the
fact that about 70 - 75% of all web sites are running Unix or Linux, yet
have the fewest successful attacks. Incidentally, many of those commercial
firewall/router boxes run Linux or Unix.