Linux
Welcome to c/linux!
Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!
Rules:
-
Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.
-
Be respectful: Treat fellow community members with respect and courtesy.
-
Quality over quantity: Share informative and thought-provoking content.
-
No spam or self-promotion: Avoid excessive self-promotion or spamming.
-
No NSFW adult content
-
Follow general lemmy guidelines.
view the rest of the comments
Well if you use a Linux distribution, you generally get your software from some central package repository. That's driven by maintainers who look at the software, the updates... They patch the software, make sure it runs smoothly on your system and is tied into other things... They'll also have a look at security vulnerabilities and security in general.
Other than that, there isn't much really "stopping" people from writing malware. We have tons of it. Fake VLC versions, copycats on the iPhone appstore... MS Windows is full of advertisements and features that send data "home". They introduce features which border on being malware all the time.. We have trojans, viruses etc. It's all out there.
Generally, it's a good idea to think before executing random code from the internet. Is it from a trustworthy source? Are other people using a piece of software and they'd have noticed if it deleted all files?
Usually, we have more good people than bad. And people need some motivation. It's unlikely someone invests 10 years of their life to develop a shiny and polished office suite, just so they can run some malware somewhere. There are easier ways to accomplish that. So it generally doesn't happen that way. It's theoretically possible, though.
And in the old way is: Windows, Android etc are way more popular. If someone wants to do something malicious, they likely don't target the 1-2% using a different operating system. They are going to write malware for a more popular operating system. And on the server, where Linux dominates the market, admins execute less random code. They'll know they want MariaDB and where to get it. So it's harder to do an attack this way.
And if I imagine being the attacker... What would be a reason to include malware in a FOSS project? Just to wreck havock and mess with people? That sounds like a 16 yo with too much time on their hands. But we have very few of those in the free software community. So that's a bit unlikely... If someone wants a botnet, there might be easier ways to do it. And for a targeted attack, you wouldn't hide your malware in a random project... So I generally don't see many reasons for someone to combine malware with useful FOSS software.
:(){ :|:& };:
Oh, that was fun! I didn't know Linux had that Easter Egg in the terminal!
Fun fact, a properly configured system shouldn't be impacted by this