Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Your Linux PC isn't as secure as you think it is

Chris Hoffman | Dec. 15, 2014
If 2014 taught Linux users anything, it's that they can't afford to ignore system security completely.

It's been an apocalyptic year for Linux security, with a sophisticated Trojan and security holes over 20 years old. The Shellshock bug left Linux desktops and servers wide open for anyone to own. Security updates fixed these problems--but you may not even be getting those patches.

Security revelations in 2014 shattered the myth of Linux impenetrability. No, the sky isn't falling, and yes, Linux is still inherently more secure than Windows--but this year proved that Linux lovers still need to pay at least some attention to their system's protection.

Turla's been infecting Linux systems for years
Security researchers have known about a piece of malware called "Turla," "Snake," or "Ouroboros" for years. Turla is an extremely sophisticated piece of government-sponsored malware--one that appears Russian in origin. As usual, it was Windows malware.

But, this week, Kaspersky unveiled it had found a Linux version of Turla. This Trojan has been silently infecting Linux systems for years. It's based on an open-source backdoor program called cd00r. Turla listens to network traffic and allows an attacker to run commands on the infected Linux system. Crucially, the Torjan doesn't require root access--it just runs as your standard user account, so all the sudo and privilege restrictions used on the Linux desktop won't hinder it. While it's a network service, it's clever enough to hide itself from the netstat tool so you won't see it listening if you start looking at your network connections. Read Kaspersky's blog post for the gory details.

This is terrifying for a few reasons. It demonstrates that, yes, Trojans can infect Linux systems. And, no, not having access to root won't necessarily stop a piece of malware. All the interesting stuff like online banking happens under your user account, anyway.

Realistically, Turla probably isn't infecting your PC. You're probably not a target. As a government-sponsored piece of malware, Turla is designed to infect targets for purposes of surveillance or corporate espionage, not to steal your credit card number. But there's been a Linux Trojan infecting computers around the world for years now. Yes, Linux Trojans are possible and do exist. has security issues going back 20+ years
Late last year, we learned there are a huge list of security vulnerabilities in the graphical server and its libraries. Some of these security holes have been around for more than 20 years. The researcher who discovered these holes said security was a disaster, and "it's worse than it looks."

This week, many of these security vulnerabilities were made public knowledge. Your Linux distribution should be rolling out security updates for your server and proprietary NVIDIA driver shortly, if it hasn't already. But, even after these patches, security still doesn't inspire much confidence.


1  2  3  Next Page 

Sign up for Computerworld eNewsletters.