Amongst the endless reactions on social media to the unprecedented WannaCry ransomware attack, one peculiar notion popped up again and again. Is this a wake-up call to move to Linux? Is a Linux-based operating system completely immune to ransomware attacks? Are Linux-based distros any better than Windows operating systems as far as cyber-security is concerned? There are several aspects to these queries waiting to be addressed.
Firstly, it should be understood that Linux has a very miniscule market share in operating systems. If we discount the market share of Google’s Android, as of April 2017, Linux approximately has a 0.77% market share. Any cyber-criminal will always aim to target as many users as possible, and that’s why they attack the player holding the largest market share – Microsoft Windows. The WannaCry ransomware won’t affect Linux-powered machines because it was not made for Linux-based machines. Moreover, it’s not as if there have been no ransomware attacks on Linux. In November 2015, a ransomware named Linux.Encoder.1 made headlines as it affected dozens of Linux users.
Earlier, it was believed that Windows XP machines were being targeted. This implied that Windows XP and other unsupported versions of Windows were naturally vulnerable to the ransomware. Costin Raiu, director of Global Research and Analysis Team at Kaspersky Lab, apparently brought a new twist to the story claiming that about 98 percent of computers infected were running Windows 7, and the effect on Windows XP was almost insignificant.
Windows updates and other aspects
Microsoft keeps frequently releasing patches for security and other system related improvements for supported operating systems. Most of the annoying updates that you receive now and then serve a crucial purpose of overcoming critical (sometimes fatal) security flaws. Windows 7 still runs approximately half of the world’s desktops. Moreover, its extended support ends on January 14, 2020, meaning the operating system must have received a security patch against the ransomware in March itself. So, how did it all happen? Well, it’s obvious. People did not update their devices.
Microsoft’s software is quite famous for being easily pirated and capable of running almost everything a genuine copy would have allowed. However, it won’t receive Microsoft’s official updates, including its security patches. Windows updates are known to be time-consuming, and unreliable. They used to be optional earlier but Windows 10 onwards they have been made compulsory. Although it’s a good security measure, the machines are rendered useless while updating since the updates won’t install in the background. Recently, there has been issues with software compatibility as well. More and more programs written for previous versions are failing to run on the latest builds of Windows 10. Kaspersky Lab even filed a complaint with Russian Federal Antimonopoly Service, contending that Microsoft’s anti-competitive practices have made it nearly impossible for developers to keep their products compatible with Windows 10. There have indeed been cases where programs that managed to run on an initial build of Windows 10 have failed to run on an updated build.
So, is Linux the answer?
It has been claimed for a long time that Linux is innately more secure than Windows. Although there is some truth to the claim, due to Linux’s origin in Unix, and the way it handles administrative privileges, that’s not the point of this discussion. The fact is that WannaCry broke out not because there is some innate security flaw in Windows, but because people failed to update their Windows devices.
The idea is simple. If you don’t have the money to upgrade to the latest Windows operating system, move to Linux. Linux-based OS are mostly free to use. Even the enterprise solutions, like Ubuntu Server, OpenSuse Linux Enterprise, and Red Hat Enterprise, come at a fraction of what Microsoft charges.
Even the process of security updates is plain and simple on Linux. They can be updated with one or two lines in the Terminal. And if you are allergic to the command line, the latest Linux based distros have a GUI-based update option for you. The most important benefit that comes with updating on Linux is that they can be installed in the background. Simply put, Linux machines can run for years without any reboots.
Finally, we arrive at the tough part, software compatibility. One must plainly state the problem of software available on Linux. It can’t offer you the plethora of software that Windows offers. This is the main problem faced by businesses which need personalised solutions.
The perfect distro
The most common problem faced by someone who’s new to Linux is selecting a distro. Linux distros like Ubuntu, Linux Mint, and Fedora have been quite popular in the desktop market. We would, however, like to highlight the new kids in town that are reinventing the Linux desktop environment: elementaryOS and Solus OS. Solus even boasts of a Store application that allows you to install 3rd party applications like Slack, Spotify, Teamviewer, WPS Office, etc. Then, there is our own ‘BOSS’ (Bharat Operating System Solutions), developed by the Centre for Development of Advanced Computing (an R&D organisation of the Ministry of Electronics and Information Technology). BOSS offers everything you could expect of a Linux distro, along with support for 19 Indian languages.
One cannot sum up this discussion without mentioning Chrome OS. Your favourite Chrome browser is the beginning and the end of the operating system. The obvious limitation is that you don’t have offline native applications like you do on Windows and Linux distros, but even that equation has changed with the arrival of Android apps on certain Chromebooks. If you could work mostly online, a Chromebook could very well rock your boat. Business users can even consider ChromeBoxes as cheap thin client systems. Also, if you want to run ChromeOS without having to buy a new machine, you can try Neverware’s CloudReady, which caters to the need of both home users (free home edition), and the business users (affordable Enterprise & Education editions).
Note: This section is written and contributed by Digit readers who are part of the Digit community. The section intends to showcase writing talents from readers who wish to contribute to the magazine. None of the above is to be construed as technical advice. The views expressed are of the contributors alone and not necessarily endorsed by the publisher.
This article was first published in the July 2017 issue of Digit magazine. To read Digit’s articles first, subscribe here or download the Digit app for Android and iOS. You could also buy Digit’s previous issues here.