27 Apr 2010
Linux-based computers are five times more likely to send spam than Windows PCs, relative to market share, according to the latest MessageLabs Intelligence Report from Symantec Hosted Services.
The firm obtained the passive fingerprinting signatures of spam email traffic for the first time in this month's report, in order to learn the type of operating system running on the infected spam-sending machines.
Paul Wood, senior analyst for Symantec Hosted Services, explained that the common perception has often been that Windows machines are responsible for the majority of spam given the high number of infections.
"We found that more than 90 per cent of spam comes from Windows machines, which is not surprising," he said.
"But if you look at Linux, it has only a one per cent market share but is responsible for more than five per cent of spam. So in a sense you're more likely to get spam from a Linux than a Windows machine."
However, Wood added that a likely explanation for these figures is much of that one per cent market share could come from Linux-based servers run by internet service providers, many of which now force clients' email traffic through these servers.
The report also found that the Cutwail botnet has been surpassed by Rustock as the largest in terms of infected PCs and volume of spam. However, overall levels of spam had "not changed an awful lot", said Wood.
Latest stories from Security
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Ihre Aufgaben Sie sind zuständig für die Beratung...
***MS Visual Basic Programmierer mit Oracle DB-Erfahrung...
IT Business Analyst Location: London, but...
Senior Software Developer Company overview...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Surprising(?) inability to interpret results
This tells you 3 things: 1. that symantec wants you to stick to windows since this is their bread and butter 2. Linux marketshare is far higher than the NetApp numbers (no surprise there, Steve Balmer puts it at 7%) 3. The author decided to conveniently obfuscate the fact that a lot of what you see as Linux is actually Windows machines producing spam and going through a Linux server (we know Linux rules the server market). What does that make of the big headline? Vaporware. Really sleazy dude!
Posted by: SK 27 Apr 2010
Linux is 1% of what market?
Linux machines may only account for 1% of the desktop market share, but including servers would bump that number up a bit. (Linux is ~60% of the server market, and there are also a substantial number of embedded users: e.g. routers/modems)
Posted by: jdk 27 Apr 2010
Not so surprising spam figures for Linux machines!
The reason that spam origin is 90% Windows and only 5% Linux is simple and has little to do with Linux market share. Windows (as you mention) has serious problems with being targeted by botnets, trojans, etc... Linux does not suffer this problem. Even if it was a 50% / 50% Windows / Linux market share Linux would still be a low rank on spam origins due to the fact that there are almost no virii/trojan/botnets targeting this platform! Why is that? Because it makes no sense to waste time writing for this OS when Linux has things like SELinux, user permissions, iptables, and way more. Also, If a user gets infected that account has NO permissions to affect the rest of the system (not even other users). The simple fix... the admin removes that account and re-creates the account... no more virus! Why would anyone waste time finding a way to bypass SELinux, IPTables, etc.. infecting a single user for all that work to be undone in 1 line on the command line: userdel -r No they prefer to target an OS that gives maximum yield, one where they can infect 1 user and spread to millions on the internet... Windows! So now you ask, why is there even a small percent that is Linux then? Simple... greed. There are those that install Linux and Windows with the sole purpose of creating websites, and email servers that propagate spam because they get paid to! Sad but true fact of life.
Posted by: David Dreggors 27 Apr 2010
The maths is wrong
The reason is down to servers that have been hacked . The amount of Linux servers outnumber Windows,, So the 1.03 % figure used for Linux is complete crap.... If you are including servers it maybe as much as 30-40% I work for a hosting company and the main reason a Linux server is sending out spam is due to a server being compromised - usually either a weak password (people really do use 'password'...) or a vulnerability in a PHP script. Normally the 'hacker' is only at user level - i.e no root access... Most of the Windows machines sending out spam will be desktop users (thinking that the slowdown is just usual windows slowing over time thing..)
Posted by: Morgan 27 Apr 2010
Surprising if you don't read the whole report
If it wouldn't have been for the weird fact that Solaris systems have taken over the smaller player of bots today, Xarvester, Windows would have dominated the bot nets by more than it's present 96,6%. It doesn't look like Linux has any real share among the bot nets. Then you have to read page 12 to understand Symantecs report, and not present such a half-baked article as this one. Symantec recognizes that a share of the believed Linux spam actually is originated from Windows clients forced to route email traffic through IPSs mail servers. Furthermore they then admit that "much of this spam is also likely to include what may be considered more legitimate direct marketing emails that have been blocked as spam, particularly in compliance with legislation such as the CAN-SPAM Act 2003 in the US.". All in all we don't have an surprise here. Linux share is from none-bot nets, and hence home users of Linux don't need to get overly anxious, but to follow normal precautions. It might even be that the none-bot spam sent from Linux systems only are annoying marketing. Most interesting is that if they count servers, as the explanation about IPSs mail servers, Linux has a far bigger OS share. 1% does only apply to desktop systems, nothing else. On the server side Linux has about 20% of the market, and if we're looking at the Internet Linux dominates, meaning we have an enormous army of potential Linux spam servers, if they would be easy to compromise. The lack of any real Linux bot-net suggest that's not the case, something that of course doesn't do a company like Symantec any favour. Your article isn't up to standards, but might attract not initiated to draw wrong conclusions. Present at least a link to the source, as some other site has.
Posted by: KimTjik 27 Apr 2010