Linux is the most popular open-source operating system. While it relies on a graphical interface, it relies on open source software code. The Linux operating system puts its users at the helm of a command line interface. The system is open to anyone who wants to install it, and its users are a community of people who are constantly improving and tweaking this open-source robust software.
Linux is More Secure
Linux is more secure than Windows. That would be because there are far fewer Linux users. It’s just not worth it for hackers to target Linux networks. There are even fewer Linux users than MacOS. In fact, Linux owns only about three percent of the computer market, compared to Microsoft’s lion’s share of 80 percent. If you’re going to spread a malicious piece of malware, Linux just offers a lower target opportunity.
There are other reasons Linux is more secure—difficulty of planting malware files, lack of automatic admin access, and a vigilant group of open-source developers, to name a few.
However, Linux Is Not Bulletproof
Linux operates in the wild and has about 15,000 developers working for over 1,400 companies, including Microsoft and Samsung. With over 24 million lines of code in its kernel—the core of its operating system—Linux has vulnerabilities and shortcomings:
- Outdated third-party software programs. Those programs can poke holes in Linux and open it to exploitation. Programs like MySQL with unsecured user access permit unauthorized entry to the user’s Linux network.
- Data loss by Linux admins. This has been a byproduct of poor data backup practices prior to system crashes. For example, many users typically back up files rather than the entire operating system. They fall for the myth that Linux-based systems are 100 percent secure.
- Poor password practices and enforcement. Linux administrators often use easy-to-decipher user credentials and passwords that are easy to crack.
- An alarming lack of security patches and patch management. Windows employs frequent security patches as a matter of self-preservation. Linux does not share anything near the same level of patch management. Many Linux systems can be exploited with malware like the Messaploit tool used to attack Android systems.
- Common vulnerabilities and exposures (CVE). The top 5 Linux vulnerabilities are technical flaws that plague Linux users. See this web articleat SecurityTraining.com for a list of the top 5 Linux vulnerabilities.
Finally, Linux provides free and open access to its core services. Making those core services available to anyone who has access to the system provides evil-doers with the keys to the kingdom. Those vulnerabilities can be:
- Exposed sensitive files
- User Account Infiltration
- Intercepted communications
Linux VPN to the Rescue
A VPN (virtual private network) provides a private connection to the internet. The user’s internet traffic arrives at its destination through another computer at a location selected by the user. Hackers and spies observing the user’s online activity can only know that the user’s computer is online and communicating with another computer on the network. The communications are encrypted and the user’s location is spoofed.
When the user connects to the VPN client, all internet traffic goes through the VPN service, which offers the aforementioned privacy and security. The user can either install the VPN from the Linux command line, or subscribe to a VPN service like Surfshark.
A Linux VPN client like Surfshark is a line of defense for heavy web users, who access multiple networks with unknown security and trustworthiness. Whether working from home or logging on to public WiFi hotspots, or simply wanting to screen a home internet service provider from the user’s online activity, VPN provides the means to do all that.
5 Advantages of VPN
- A VPN bypasses user logs and ISP snoopers.Website providers frequently maintain logs on user behavior and sell the data to marketers. Without VPN, the user’s net activity and data downloads become a permanent record on sites the user visits. Net activity is the basis for big data that internet providers collect and sell to marketers. A VPN masks that activity and protects the user’s privacy and vulnerability to targeted online advertising.
- A VPN defeats net censorship. Some governments restrict access to political websites they don’t want their citizens visiting. That blocking can go beyond simply protecting copyrights and licensing and becomes censorship. Since a VPN disguises the users’ location, it can defeat censorship. A VPN redirects the user to a server beyond the control of the censoring government.
- A VPN will defeat a so-called man-in-the-middle attack. Logging into a non-secure public Wi-Fi connection opens the user to compromise of passwords, log-in credentials, and online financial transactions/communications. Tech-savvy hackers lurk in coffee shops, airport lounges and other places waiting for users to log in.
Those attacks consist of:
- rogue Wi-Fi networks that spoof the local unsecured website. The hacker intercepts the user’s connection and routes the victim to the fake network to do all kinds of damage.
- malware and open-sourced software installed on the user’s device
- theft of browser session cookies, which consist of unsecure login information and email account access
The best precaution against someone inserting themselves between the user and the online destination—in addition to malware protection and commonsense precautions—is to use a VPN.
- A VPN by passes geo-restrictions.Geo-restrictions block users from accessing outside websites based on the user’s location. VPNs bypass those restrictions by logging in with an allowed IP address. By redirecting the internet connection to a remote server, the VPN spoofs the user’s IP address as if the user is logging locally.
- A VPN thwarts abusive sales practices. Some online vendors use geo restrictions to post different prices for specific geographical areas. That practice results in the posting of higher product prices for more affluent areas. Using VPN, comparison shoppers can compare prices by logging into geographically separated servers. This also applies to shopping around for the best prices for airline and hotel prices.
How to Install a VPN on a Linux System
- A do-it-yourself Linux VPN setup
To install VPN on Linux the user needs to be fairly skilled in Linux programming and understand command line language. Of course, the user must have a computer with Linux OS (Ubuntu, for example) with admin/sudo privileges. A working knowledge of VPN is also helpful.
The process initially involves changing the user’s domain name server to provide the first level of VPN privacy. That first step drops the user’s internet connection temporarily and requires a restart. Next, any DNS leaks—disconnects or drops from the VPN server—have to be fixed on the web browser.
The final step is to download and install a free VPN and select an OpenVPN server, which will relocate the user’s connection elsewhere. Each of the foregoing steps require Linux command-line entries, for example, “sudo apt-get install openvpn.”
Follow-up steps require performing DNS leak tests. The process can be complicated through configuration glitches that could cause Terminal failure. In the latter case, the user has to resort to a different VPN with a command like “sudo openvpn vpnbook-ca1-tcp443.ovpn.” Also, the user might be able to troubleshoot the installation through hints in an error message.
- Subscribe to a VPN service like Surfshark
For Linux users neither adept nor interested in the intricacies of do-it-yourself VPN installation, Surfshark provides a native app for Linux. The VPN app comes with more features and requires less complicated configuration. For example, Surshark offers a command-line app that works on the popular Linux Ubuntu and Debian systems. According to Comparitech.com, the Surfshark VPN app:
- allows the user to select from a list of server locations to mask the user’s IP address
- capitalizes on the VPN’s capability to unblock overseas, geographic restricted services like Netflix, Hulu, Amazon Prime, etc.
- is the only VPN provider that allows an unlimited number of simultaneous connections on the user’s account
Steps to set up VPN for Linux
The first step is to download the Linux VPN client (Surfshark, for example.) Next, perform the simple install and update steps from the Linux command line.
Essentially, the instructions involve downloading and installing the setup package. Next, the user opens the Linux terminal to get the update and installing the VPN. Once the app is installed the program accepts the VPN executor.
In the next step, the user can choose from a variety of VPN server locations. If the VPN is OpenVPN, the user can choose between two protocols, UDP and TCP. UDP has better speeds. When connected the terminal will display the user’s connection status with the new IP that masks the online address of the user.
There are an important series of Terminal commands in Surfshark VPN for Linux. They all begin with “sudo Surfshark-vpn” and include the suffix keywords: help, status, down (for disconnect), attack (for connection to an optimal location), and forget (for logout).
For an illustrated walkthrough of the Surfshark VPN process log on to the Surfshark article “How to set up Surfshark app for Linux.”
Summary and Takeaways
The Linux operating system is an open-sourced, robust operating system. It is more secure than other operating systems by virtual of its vastly lower number of users. However, Linux is not invulnerable. Outdated third-party applications can poke holes in Linux, and user carelessness in password security and sloppy backup can also compromise Linux devices.
Installing VPN on a Linux device can shore up security by providing a secure connection between the user and the internet. VPNs thwart snooping, net censorship, and man-in-the middle attacks. VPNs also bypass net censorship, local entertainment streaming restrictions, and abusive online sales practices.
The Bottom Line
The easiest way to install a VPN on a Linux system is through a VPN provider like Surfshark. Surfshark provides an affordable, and feature-rich VPN for Linux systems that:
- has a variety of server location access
- is especially robust in accessing geo-blocked entertainment streaming services (Netflix, for example)
- allows an unlimited number of connections on devices owned by the subscriber