After the Shellshock exploitation on Linux, security experts are claiming that the Linux desktop OS is not the most secure OS on the planet. Shellshock bug in Bash shell of Linux had affected over 90 per cent of Linux users in the world. Windows PCs don’t have Bash. Mac does but only advance users enable it.
Linux consistently needs to use Bash as every DHCP request is filtered through Bash. So in case you are connected to public Wi-Fi network using your Linux computer, DHCP server can secretly run an arbitrary command to download some Trojan to exploit your system. This is called as Shellshock vulnerability, it was present in Linux desktop environment for over 20 years but yet, it went unnoticed. There hasn’t been any report of threat due to Shellshock vulnerability but the possibility still exists.
Linux packaging and software repositories are maintained on regular basis. Users get security patches every other day. But this doesnt cover the packages that are released and maintained by the community. Cloud packaging mess in Ubuntu continues to persists. Cloud server version of Ubuntu wasn’t getting latest updates. Some not-so-famous distros like Manjaro has horrible update schedule. Developers are not as active on these small distros as they are on the big distros with high market share.
That does mean that Linux is the only system that’s completely broken. According to computer security researcher, Quinn Norton, everything is broken. The lady had published an article with the title ‘Everything is Broken.’ Her paper makes you believe that all computer security is in pretty bad shape.
Linux will continue to have some security holes, researchers will keep finding new things. Better yet, Linux system is still far more secure than Windows desktop environment as attackers are more interested in attacking Windows PCs because of large install base. The security architecture that Linux features lacks in Windows PCs. Simplest example of Linux’s security measure is centralized software repositories.
Just like Mac and Windows, Linux is full of security loopholes. Researchers are still searching for them. Even though Linux is better than in terms of security as compared to Windows PC, Linux users shouldn’t take security for granted. The Shellshock bug has proved shocking state of Linux architecture.