Rogue Linux distributions aren't something that I tend to put much thought into. After all, considering that Linux distributions make their source code open and transparent, how effective would it be for developers to attempt to include harmful elements?
Yet despite this commonly held belief, it appears that one new Linux distribution wasn't exactly what it claimed to be.
The distribution referred to as anonymous OS wasn't what many of those who downloaded it thought it would be. Those who tried the Ubuntu-based release thought they were going to be testing a distribution centered around personal privacy and remaining anonymous online.
Unfortunately, reports began streaming in that anonymous OS was loaded with malware of various sorts. SourceForge decided to take the project offline, an unusual step. To be fair, the true nature of anonymous OS remains unclear, with mixed reports. Yet a leading security expert was quoted by the BBC as warning, “Folks would be wise to be very cautious.”
So, this raises the question: when should we trust a distribution of Linux and when should we remain guarded about trying something new?
One bad distribution doesn't spoil the bunch
The one thing that is important to remember here is that this is the first time I've heard of a Linux distribution of this type having this level of doubt cast over it. This isn't to say that it won't happen again in the future or it hasn't happened in the past. I'm simply pointing out that this isn't generally something that happens, or something that is going to stop people from trying out new Linux distributions.
Desktop Linux distributions have been generally immune from most large-scale malware issues. Any exceptions to this statement have been few and far between. Therefore, I don't see any reason why distribution-hopping users would start concerning themselves with the idea of possibly threatening distributions.
A more likely scenario is that these same users will simply avoid politically-charged distributions and stick with Linux releases of a more mainstream nature.
Rethinking Linux security
During the past few days, I've spoken with a few people who are wondering if they should begin rethinking their approach to securing their Linux desktop. My answer is largely the same as it's always been: simply apply common sense to any distribution or software you use.
If you're interested in installing software onto your Linux distribution, I recommend sticking to the software repositories that come with that distribution. A secondary recommendation, for those who are willing to risk it, is to look for applications via Google Code or SourceForge. Both portals have great stuff. Ubuntu users have also been reporting great success with a site called GetDeb.net, but this isn't a site I personally have a lot of experience with.
If you think it's absurd to worry about where software is installed from, then clearly you must be examining the source code for every application you install, because Linux distributions, like any OS, can be exploited. And individuals with malicious intent don't care what platform you use. They will wreak havoc using whatever is available to them.
Since there is no way to effectively stop those who will do us harm, the best alternative is to act with wisdom when selecting, using and updating your Linux installations. Remember, if software can execute code, you had better trust the application in its entirety. This idea that some platforms are immune to malicious code is nonsense. Just because Linux isn't the target that Windows is, doesn't make it bulletproof.
To be best protected, use iptables, run an open source anti-virus application, and keep your system updated. By following these simple suggestions, you’ll find that your Linux experience remains a positive one.
Linux and anti-virus software
Since I am sure this will be addressed in the comments later if I don't tackle it now, let me be absolutely clear on why it would be beneficial to use anti-virus software on the Linux desktop.
Unless you live in a magic bubble, and you never send email attachments to non-Linux desktop PCs and/or don't share files with other non-Linux workstations, your system is most definitely putting non-Linux PCs at risk. This isn't just my opinion, it's a simple matter of reality. While the threat is certainly unlikely, the fact that it's possible remains something that should be considered.
One of my favorite examples of this is an infected file that originated on my wife's Mac. The file was shared with my Linux box, and just before it was about to be uploaded to our Windows PC, my automated clamtk scan found the infected file and took care of it. I was actually quite surprised, since I don't run into threats like this very often. What was really fortunate was that I didn't send the file to the new, unprotected Windows PC. It could have created some real headaches.