July 30, 2004

Survey says over 90% of Linux systems have never had a virus

Author: Robin 'Roblimo' Miller

This headline paraphrases one on a blurb for a report from Evans Data Corporation that goes on to say, "3 in 5 non-Linux developers reported a security breach," and "78% of Linux developers say that their Linux systems have never been hacked." Let's take a deeper look at those figures.The virus figure

"Ninety-two percent of survey respondents indicated that their Linux systems have never been infected with a virus, according to Evans Data's new Summer 2004 Linux Development Survey."

Okay. I personally figure the other eight percent were giggling too hard to put the right mark in the right place. Or maybe they thought the question said, "Have you ever had a virus sent to you by email?" and checked "yes" even though their Linux machines weren't infected by those viruses.

There has been exactly one (1) virus -- Bliss -- ever found in the wild that could affect Linux, and you had to run as root to have it infect your computer in any meaningful way. If you were operating as a regular user, all it could affect were binaries for which you had read and write permissions. It is barely conceivable that eight percent of the developers surveyed by Evans Data got this virus (or trojan, or whatever you want to call it), but it is also unlikely that this is a true figure. I have met thousands of Linux users at meetings and conferences all over the world, and not one of them has ever told me he or she has gotten a virus infection on a Linux computer.

Of course, it's entirely possible that some fevered person with nothing better to do is sitting in a dank basement right now perusing The ELF Virus Writing HOWTO and cackling gleefully as he prepares to bring all the world's Linux computers to a screeching halt. But that Evans survey also says:

"'It's not surprising that Linux systems aren't hacked to the degree that Windows-based machines can be exploited. The reasons for the greater inherent security of the Linux OS are simple, more eyes on the code means that less slips by and the OS is naturally going to be better secured,' said Nicholas Petreley, Evans Data's Linux analyst. 'As also found in Evans' recently released Security Development Survey, the mechanism by which a Linux machine can be compromised is by users inadequately configuring security settings. Ironically, the other flaws that crackers use to compromise Linux servers are flaws in applications which run on competing operating systems, so those vulnerabilities are not specific to Linux.'"

Hacking Linux

"...78% of Linux developers say that their Linux systems have never been hacked and less than 7% were hacked three or more times. Of the 22% that have been hacked, 23% of the intrusions were by internal users with valid login IDs."

I think the problem here is that some Evans survey respondents confused hacking with cracking.

I'm writing this while waiting for my friend Logan to come over and hack some code on one of my computers so we can use it to take video screenshots with accompanying voice narration. My wife and I own a total of five working computers between us, so later this evening we'll be able to safely say 20% of our computers have been hacked. And we'll be among the 23% who are hacked by people who have valid login IDs, since I plan to give my root password to Logan as soon as he gets here. (For those of you who are curious, that root password is *******.) Of course, I'll probably change that password after he leaves, not because I don't trust him but because it's good general security practice.

I've made two previous attempts, myself, to hack the code needed to run this video capture software. Logan's attempt -- which is almost certain to work because he's a lot smarter than I am -- will make hack number three, which will put me into the elite seven percent of Linux users who have been hacked three or more times. W00t!


I've been running Linux since 1997 and I have never gotten a virus or had my computers cracked. I have no anti-virus software and I take no extraordinary security measures. My computer has no spyware or adware on it.

So, despite my primary computer getting "hacked" three times -- in less than a week, mind you -- I think I will go on using Linux.

Has *your* Linux box ever been cracked or gotten a virus? Take our poll!


  • Humor
Click Here!