For years now, we’ve been told about the dangers of how various types of malware like worms and other threats were going to catch the growing Linux user base off guard. As of the year 2014, nothing remotely close to this has happened. Malware exists, but for desktop Linux users, it’s a non-issue.
Despite this fact, there continues to be rumors that malware “could” affect desktop Linux users. It seems the mere “threat” holds greater proof of concept than the reality that no one is actually seeing malware threats on their Linux desktop.
In this article, I’ll examine current threats to the Linux desktop and explain why I believe phishing is far more dangerous to most Linux users than malware.
One of the first things I’d like to point out is that when it comes to the exploits targeting Linux, it’s the server – not the desktop – that is at the greatest risk. Servers are front-facing appliances exposed to the web. This means patches/updates must be applied on a regular basis to minimize the risk of the server being exploited.
While it’s true that the desktop is also facing the web, it’s not the same sort of destination as a web server. See, Linux desktops are far more likely be exploited by an open port and poor firewall settings than an actual “in the wild” exploit. Obviously, there may be exceptions to this in the future. But for the time being, the most dangerous exploit I’ve found with the Linux desktop is human error and complacency, not malware.
As it turns out, the real threat is more human than machine. And the name of that threat is phishing.
I don’t care how savvy you happen to be, most of us have had close calls with phishing schemes. Some of the easiest to fall into are those shared via social media. A trusted friend shares a link on Facebook, not thinking much of it when you’re asked to log back in and then it hits you — that wasn’t really Facebook that asked you to login.
Even for advanced users on the Linux desktop can fall prey. Perhaps you’re multitasking while working on your laptop, maybe a family member asks you a question or you’re watching TV. The above situation can happen very easily and while you will catch on, it might already be too late. Another example might be Amazon asking you to re-affirm your payment info. Then it hits you that the link you rolled your mouse over in that email isn’t really Amazon at all.
As you can see from my above example, phishing schemes aren’t something that only affect those falling for faked banking emails or spoofed PayPal alerts. Sometimes it’s stuff that’s mundane enough to seem legit, worse yet, these things can happen when you’re not paying close attention.
Where things can go from bad to worse, is when the media gets ahold of something legitimate that happens to something with technology. Cross-platform, state-sponsored spying becomes “Linux malware threat.” When we read stuff like this, it’s important to take a step back and examine the facts. More often than not, stuff being reported in this space is a non-issue or is simply taken completely out of context.
Making matters worse is when the tech media perpetuates this kind of nonsense. This is the segment of the media we like to believe knows better than to perpetuate Linux FUD. Sadly though, this isn’t always the case.
Personally, I believe the tech media has been chomping at the bit to see Desktop Linux experience one really big malware outbreak. This would serve two ways: One, it provides really juicy news stories for tech writers. And two, it does wonders for writers who have claimed that Linux is just as insecure as other operating systems.
Old code, new code, if it can be executed, the device running said code is potentially at its mercy. So while there have been great strides in OS security, app containers, and other safety layers from which to feel safe with — anything that executes code “could” be a risk. The key thing to remember however, is just because something is possible doesn’t mean it’s going to happen. It’s possible I might win the lottery and buy a small island. Yet, when we look at the odds, the numbers simply don’t add up.
Therefore, while malware scares such as Turla might indeed be frightening to think about, one must remember you’re not likely the target of such an attack. In short, this worm simply isn’t targeting end users — you don’t have data that the creators of this worm are looking for. Sorry to disappoint you, but unless you work for the government or a pharmaceutical company, this isn’t the worm you should be watching out for.
Realistically, the most likely malware you “could” stumble upon is from an unchecked, hacked user-specific software repository or a software package designed to run code to screw up your Linux install. However, neither of these things are common or very likely to happen.
Like I mentioned previously, the most likely attack vector is going to be a combination of human distraction and a phishing scheme. After all, it requires far less coding skill to craft a clever looking webpage to mirror a legitimate one, versus constructing a highly advanced piece of malware.
Still think I’m wrong and you’re too smart to fall for a phishing scheme because Linux users are so tech savvy? How about this: Right now, there is a report going around on Google+ that Google is offering users a free gift credit for using Google Wallet. It’s a legit campaign, but now let’s look at how easily this can be exploited. On G+, you can post a url to your status and remove the actual address itself. The image or title, will show instead. On a smartphone, you’re not going to think twice about clicking this address.
Oops, sorry, that link was in fact a fake. But don’t worry, while you were casually logging into your Google account on that page, your login was being recorded. It happens and it happens all too easily. The same can happen just as easily on the Linux desktop.
Malware a threat on the Linux desktop? Perhaps someday, as malware for Linux technically exists. But it’s going to be phishing schemes on social media that are the bane of our existence. Just watch, it’ll happen sooner than later. My advice is to think twice before clicking on a link. Just because we enjoy the greatest platform in the world doesn’t mean we can’t fall victim to our own egos.
Also see: Best Linux Desktop: Top 10 Candidates
100 Open Source Replacements for Expensive Applications
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
