LinuxQuestions.org
Old 04-06-2009, 10:12 PM   #1
Chronothread
Member
 
Registered: Apr 2007
Posts: 121

Rep: Reputation: 15
Using Ubuntu, how likely can I get a virus..... if I try to get one.


Not by making a virus and sticking it on my machine or specifically looking for a virus, how likely would it be for me to get a virus on Ubuntu by purposely going on the most shady websites I can find and downloading random crap? I was just trying to find things that would try to give me a Windows virus and it turns out it might take longer than you expect to get a virus on purpose. By the way, I guess I should mention that I am not logged in as root.

Or even further, would it even be hard to find a virus for Linux to download if I were specifically looking for one?
 
Old 04-07-2009, 12:56 AM   #2
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
As far as I know, if you really look for a Linux virus, you could find some. There were a few articles (complete with PoC) which showed how to exploit stupid design decisions in KDE and Gnome to make something you could download to Desktop and "open". They demonstrated how it would look just as if it were an innocent image and how it would be opened in your image viewer - while in fact it would open the image and hijack your account.

Actually, for the reasons of gain per unit effort, most of the shady websites that actually infect users' computers persistently (as opposed to JavaScript popups until the browser is closed) target IE on Windows. I think that the real threat you are likely to face is a site infecting Firefox with a JavaScript payload working on all platforms. That would give malicious people some degree of control over your browser.

Linux viruses do exist (there seemed to be a few dozen, I think, in the wild), but they are either PoC-written (they still can kill user data, though..) or server-targeted. Or maybe targeted at OpenWRT routers with default passwords. Targeting the distribution zoo of desktop Linux users? When it constitutes only a few percentage points of the market? When software is updated more often than by Windows users (so high-profile exploitation of a publicly unknown vulnerability cannot last really long)? When many of the users find some fun in mounting a great defense from some threats (OK, not seeing other threats, but still being hard to hit from some directions)? It is rarely more profitable for botnet herders than spending extra effort for Windows malware. Of course, easy and uniform targets still attract attention (so I would not be surprised by a spam wave trying to exploit a Thunderbird vulnerability in Ubuntu).
 
Old 04-07-2009, 12:58 AM   #3
Drakeo
Senior Member
 
Registered: Jan 2008
Location: Urbana IL
Distribution: Slackware, Slacko,
Posts: 3,716
Blog Entries: 3

Rep: Reputation: 483
Well, you would have to build the virus, install it, then execute it, but it would never do anything to the system because it would need root permission, so then actually you are the virus messing things up that you want messed up. Impossible. Thank you. At the point of root, since you built the program that is a virus, you know what it does, so you're the one doing things that you want to do. NADA

As far as security, there are issues that can be exploited, so it is nice to make sure your data is write protected. So if someone ports your computer and tries to extract data, the person on your system is seen as a different user, so the simple default user ID should not be used. As far as Ubuntu and their system, if kept up to date these should never happen, but your question was about a virus.

Last edited by Drakeo; 04-07-2009 at 01:05 AM.
 
Old 04-07-2009, 01:02 AM   #4
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
I hate to disappoint you, Drakeo, but a virus needs no root permissions to make Firefox launch a background process sending spam each time you start Firefox.

By the way, some viruses with high survival skills can work from Wine; although they cannot affect the rest of your system, they can spread themselves, send spam, attack innocent servers with a flood of requests and so on.
 
Old 04-08-2009, 05:48 AM   #5
Drakeo
Senior Member
 
Registered: Jan 2008
Location: Urbana IL
Distribution: Slackware, Slacko,
Posts: 3,716
Blog Entries: 3

Rep: Reputation: 483
I know you're right, but I am talking about system files and read/write permission. Even at a user level we are talking about read/write permission to change things. So please explain the read and write and how the program can send without my knowledge, because everything is kept in your /var/log, and if this is true, to close this security hole is quite simple from the end user but from a server it can be more complicated.
 
Old 04-08-2009, 06:11 AM   #6
raskin
Senior Member
 
Registered: Sep 2005
Location: France
Distribution: approximately NixOS (http://nixos.org)
Posts: 1,900

Rep: Reputation: 69
Trivial. Let us assume for simplicity there is an arbitrary-code execution vulnerability in Firefox yet unknown to Mozilla, but actively exploited in the wild. Installing an extension doesn't require any extra permissions - yours are enough. Now that extension can run arbitrary JavaScript in the background. There is a working SimpleMail extension, so a malicious party could reproduce that functionality. Of course the display functionality can be removed. So you would get mail-sending code running without notifying the user.
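A defender's view of the point made in posts #4 and #6, as an added example that is not part of the thread: everything that runs at login or at Firefox start from inside the home directory can be changed with ordinary user rights, so recent changes there are worth reviewing. The list of locations, the helper names and the sample files are assumptions made for this illustration, and the list goes beyond the Firefox case discussed above to cover shell and desktop autostart hooks as well.

```python
import os
import tempfile
import time
from pathlib import Path

# Places under $HOME that run code at login or when Firefox starts.
# Illustrative list chosen for this example, not exhaustive.
STARTUP_GLOBS = [
    ".bashrc", ".profile", ".bash_profile",
    ".config/autostart/*.desktop",
    ".mozilla/firefox/*/extensions/*",
]

def audit_home(home, since_epoch):
    """List startup hooks changed after since_epoch that the current
    user can replace without any elevated privileges."""
    home = Path(home)
    findings = []
    for pattern in STARTUP_GLOBS:
        for path in sorted(home.glob(pattern)):
            # Write access to the parent directory is what allows a
            # file to be created or swapped out there.
            replaceable = os.access(path.parent, os.W_OK)
            if replaceable and path.lstat().st_mtime > since_epoch:
                findings.append(str(path.relative_to(home)))
    return findings

def build_sample_home(root, now):
    """Constructed sample: an old .bashrc plus two recent additions."""
    root = Path(root)
    old = now - 90 * 86400
    layout = {
        ".bashrc": old,
        ".config/autostart/updater.desktop": now,
        ".mozilla/firefox/abcd.default/extensions/sample@example.invalid.xpi": now,
    }
    for rel, mtime in layout.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text("# constructed sample file\n")
        os.utime(target, (mtime, mtime))
    return root

if __name__ == "__main__":
    now = time.time()
    with tempfile.TemporaryDirectory() as tmp:
        home = build_sample_home(tmp, now)
        for hit in audit_home(home, now - 7 * 86400):
            print("changed in last 7 days:", hit)
```

Pointing `audit_home` at a real home directory with a cutoff just before a suspicious browsing session gives a short list of files to inspect by hand.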
 
Old 04-08-2009, 03:32 PM   #7
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,691
Blog Entries: 4

Rep: Reputation: 3947
You basically can't prevent a "rogue program" from reaching your user-account and trying to do something nasty. If the "nasty act" requires only user-level privileges, it might well succeed. If it requires super-privileges, then it ought to fail, because ...

... of course you would never run with escalated powers "on a regular basis," now would you?

So:
  1. Always run as a regular, limited user.
  2. Use automatic backup software. (Windows has a very fine program too, by the way... has had it for years.)
 
Old 04-08-2009, 04:29 PM   #8
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
Even with a Windows box you'll find the propaganda surrounding viruses and crackers to be blown way out of proportion. If you keep up-to-date with fixes and patches that'll plug 99.9% of the holes out there. The other .1% you really can't do anything about except be prepared (have a good/clean backup available at all times).
 
Old 04-08-2009, 04:32 PM   #9
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 167
Quote:
Originally Posted by Chronothread
Not by making a virus and sticking it on my machine or specifically looking for a virus, how likely would it be for me to get a virus on Ubuntu by purposely going on the most shady websites I can find and downloading random crap? I was just trying to find things that would try to give me a Windows virus and it turns out it might take longer than you expect to get a virus on purpose. By the way, I guess I should mention that I am not logged in as root.

Or even further, would it even be hard to find a virus for Linux to download if I were specifically looking for one?
If you actively looked for a virus that works on Linux and didn't do anything special to infect yourself... weeks/months/years? If you just went to shady sites in general and downloaded things and ran them... who knows? Never in all likelihood... get on IRC and take binaries from people and about a day I'd guess :P Most viruses are written for Windows and exploit Windows vulnerabilities; a targeted attack is a more likely scenario than a random virus from a web page or download on Linux. A non-root exploit on Linux doesn't typically have the catastrophic results of a non-administrator exploit on Windows. Even if you got a 'virus' you more than likely rm the file and kill -9 it unless it managed to escalate to root privs and mask itself in between at some point. Shrug.

I've been doing Linux since ~1994, I've seen dozens of root kits on machines I was hired to clean up, I've seen a single worm, but I've never seen any functional infection on a Linux system from a web page and I've only seen a root kit installed via an unknown executable a few times and they were always from binaries gotten from IRC.

Good luck... I think?
 
  

