Author Topic: Linux more secure than Windows because of the way mail attachments are handled?  (Read 216 times)

Offline fox

  • Posting Member
  • Sr. Member
  • *
  • Posts: 361
    • View Profile
In this article, posted this morning in lxer, the author claims that one of the reasons Linux is more secure than Windows is because:

"... social engineering is much more difficult to carry out. Social engineering is when worms and viruses are spread by convincing computer users to carry out an action that they shouldn’t, for example, open an attachment. The chances of this happening with a Linux system are reduced because the user would need to read the email message they received, after which the attachment would need to be saved, the user would then need to grant executable permissions, and finally, they would need to launch the executable. This is very unlikely. However, with Windows systems, all they need to do is open the email and click on the attachment."

Is this really true? I never click on attachments I have suspicions about because I assume that they could then be executed, but the author of this article says that they can't on Linux. This doesn't seem right to me, given that I could be using the same email client on either system (in my case, Thunderbird), or on the Mac for that matter. Why would the same program treat email attachments differently on different operating systems?
Mac user running Ubuntu 16.04 (Unity, Gnome) and Arch on Dell XPS 13 (4gb RAM, 250gb SSD)
Ubuntu 16.04, Bunsenlabs Linux and Arch on upgraded 11.6" Acer 1810TZ Olympic Edition (4gb RAM, 240 SSD)
Ubuntu 17.04 on 2012 Mac mini and 2010 & 2012 iMacs

Offline elpresidente

  • Administrator
  • Sr. Member
  • *****
  • Posts: 418
    • View Profile
I believe that is accurate. I'm not sure if I understand this well enough to explain it but its the file handlers within Thunderbird combined with the underlying operating system that decides how attachments are opened. If there is nothing within the handlers in Thunderbird for Linux to handle executable files (and I doubt there is), it will ask you what to do with it. Windows likely tries to run it but I don't know that for sure. I haven't used Thunderbird in ages.  They may likely warn you that this is an executable file and to be very careful. Add to that that I don't know if anybody is passing shell scripts or other Linux executables, it's likely a lot safer. This is usually a Windows problem.

That's not to say that executable attachments are the only way to get infected but they are the most common. Programs that handle files can be overwritten in such a way to allow the program to be taken over. So even an image file could hurt you. And this isn't just theoretical. It has happened (in Windows, not sure about Linux). It'd probably be a lot harder to create in Linux though because you'd have to figure out what program is being used to open the file and what version (since you'd likely need a code vulnerability). Since there are so many desktops and programs used in Linux, it'd be hard to make any assumptions. Whereas, in Windows, it comes with a whole bunch of programs such as a viewer and a video player, that a lot of people don't bother installing alternatives to, so it'd be an easier target.

Speaking of attachments, I received one from you via a text sent a few days ago (May 23rd 5:58 PM). It wanted me to download it. What is it? It's 134 KB in size.
Jason

Offline buster

  • Posting Member
  • Jr. Member
  • *
  • Posts: 95
    • View Profile
As far as I know, all executables in Windows 7 and up post a warning 'Do you want to install this program' after you click on them. Because you are root you can click yes, though the highlighted choice is no.

Where I have run into problems in the past occurs when I install a downloaded program and then absentmindedly just click yes to all the stuff at the beginning, finding out that there was a spot that had two or three boxes checked for 'other' programs to be included. Not malware exactly, but pain in the ass stuff.

I agree with Jason that there are other ways they get the bad stuff in rather than a simple click in an email. I used Windows for 22 years and had only one serious problem requiring a reinstall. For the life of me I can't figure out how that happened. But a commonly used program that is compromised at source goes out to millions of Windows users - flash for example. Could have been something ike that.

I disagree with the Linux article a little. While Linux is more secure in its install processes, the Linux desktop has never had the malicious creativity of hundreds of thousands of hackers attacking it. Not worth the effort. Make Linux the default desktop of the world and see how vulnerable it is to the gifted black-hat hackers of the world.



Offline elpresidente

  • Administrator
  • Sr. Member
  • *****
  • Posts: 418
    • View Profile
I used Windows for 22 years and had only one serious problem requiring a reinstall.

You're not a usual Windows user and not representative of the general population of computer users. Ask Scott about how most of their business is in reinstalling Windows and transferring data for customers who have messed up their machines because of viruses. I would guess that you probably don't get a lot of attachments either.

Even if Linux became the choice desktop, it would still be a more complicated target because there are many different kinds of Linux. Linux isn't homogenous like Windows is. Who would you target? Ubuntu? Debian? Linux Mint? Which desktop environment? Which kernel version? In Linux, virtually everything runs as a unprivileged user which makes it very hard to infect the system which would help a virus to spread. Not so with Windows (unless that has changed, and maybe it has). I do think that Linux is helped by being a smaller target but Linux the web services space and you don't see anywhere the number of widespread viruses like you do in the Windows space.
Jason

Offline buster

  • Posting Member
  • Jr. Member
  • *
  • Posts: 95
    • View Profile
You are probably right, but for argument's sake -

If Linux was used by almost everyone, I suspect one distro who reign supreme, (One ring to rule them all. :) ) if only so businesses could train people easily, or friends could help one another. Even if 50% of the world used the same distro (which seems probable to me), the attacks would have a target of billions.

The browsers and other apps would be common throughout probably. Unlike us, people would gravitate to apps that 'everyone uses'. We sort of like it when no body else uses  something we use. I think most people don't want to play with their computers, they just want to use them.

Conceivably, some flaws in a major distro like Ubuntu, would show up in the children of Ubuntu - Mint, Mate and so on. If the derivatives in that type of world are flawed, maybe the offspring would be too. If there were any derivative distros of any significant numbers left. I mean, even if Ubuntu Mate, which you and I use, doubled in popularity, the number would be insignificant in the world.

However, I do suspect you are right Jason, and I also think we will never get to test the theory. And you can't count Apple out, though if it had 80% of the business market, a whole new game would start for the bad guys.


 

SMF spam blocked by CleanTalk