That’s the key!

“- On Linux you use the package manager.”

Not ever is true. That’s the matter. If your distro has not packaged the soft, if the propietary driver isn’t available, if you’re new on Linux and all you know to do is the windows way…

And, what’s the difference (again) between “halleberrynude.rpm” (or .deb) and “halleberrynude.exe”. You only need a double-click and a root password?

Well, I’m not really sure that’s a big deal, to be honest. Sure, it’s an issue for legitimate code. But most malicious code is fairly simple. To wipe your hard disk, all it needs is dd and /dev/zero, after all. No APIs or libraries involved. I don’t see package format as a big deal, either. Just pick one and attack it, or provide two malicious packages. Again, a malicious *package* only needs to be very simple, so all the complexities of the different formats don’t really matter.

“or easier : only install packages from trusted sources. However, is Mandriva checking all the code in all of its packages ? I don’t think so.”

No, exactly. I was going to extend the post to cover that, but it was getting rather long. Never mind Mandriva – practically speaking, no popular end-user distribution is remotely close to reliably auditing all the code it contains. I can believe that, say, whatever the NSA runs on its critical systems, that’s 100% audited. But Fedora? Ubuntu? Mandriva? Nope, not a chance. Even if we assume that it would be difficult for a malicious person to become a trusted packager (which, as you point out, isn’t really true), no packager audits all the code they package. They just trust upstream.

In fact the strength of Linux is the fact that … it’s not easy to install third-party applications ! Indeed to install third-party applications you have to deal with several issues : package format ( TGZ vs RPM vs DEB ), API/libraries versions issues, compatibility issue, need to know root password eventually.

So one of the main weakness of Linux to be able to be easy to use for mass consumer market is fact also what allow Linux to be less targeted by malware. When everybody will be running ubuntu with full sudo power for first user, then we will have the same issues than Windows users

SELinux/AppArmor may help, but most of the time only for known applications as you can provide rules saying that application X is allowed to this, but not allowed to do that. But for a third-party application ? as you don’t know, you will let the application do whatever he wants, and then he can just open a port on a unprivileged port and listen or send informations …

The only way to be protected against theses kinds of issues are :
- monitor changes to critic system configuration files or binaries ( chkrootkits for example )

- prevent unknown or unwanted applications from communicating to outside world with a Firewall ( however at one point users will just answer yes to everything ).

- monitor system activity for abnormal ones … in short running an AntiVirus/AntiTrojan/AntiMalware …

- or easier : only install packages from trusted sources. However, is Mandriva checking all the code in all of its packages ? I don’t think so. It’s easy to become the packager for a distribution, doing a good job at the beginning, and when you are ready, ad some subtle change that will allow you to install a rootkit or trojan in the users computers. And you don’t even need to do a “rm -fr /” right after the package installation. Just edit root crontab or put a file in /etc/cron.monthly or cron.yearly.