this post was submitted on 06 Aug 2023
84 points (91.2% liked)

Linux

48328 readers
95 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Do you have any antivirus recomendations for Linux.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 14 points 1 year ago (4 children)

I don't understand why we keep telling new users that it is useless to use an antivirus on Linux. For people with computer knowledge, sure. However more widespread Linux adoption will mean more casual users will start using it. Most of them don't have the "common sense" that is often mentioned ; these users will eventually fall for scams that tell them to run programs attached in emails or random bash scripts from the internet. The possibility is small, but it's not zero, so why not protect against it?

[–] [email protected] 17 points 1 year ago (3 children)

Because snake oil is not helping our a substitute.

Security is a process, not a solution.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

[This comment has been deleted by an automated system]

[–] [email protected] 1 points 1 year ago (1 children)

The problem with AV s/w in my experience, is that they do not work very well, and hinder the system’s functioning, because they provide duplicate behaviour of existing solutions and compete with them directly.

In one instance I discovered McAfee to disable write access to /etc/{passwd,shadow,group} effectively disabling a user to change their password. While SELinux will properly handle that by limiting processes, instead of creating a process that would make sure those files aren’t modified by anyone.

People need to understand Linux comes pre-equipped with all the necessary tools and bolts to protect their systems. They just don’t all live in the same GUI, because of the real complexity involved with malware…

[–] [email protected] 2 points 1 year ago

Security is a process, not a solution.

Well put!

[–] [email protected] -1 points 1 year ago (1 children)

You might be legitimately annoyed by the amount of free antivirus software on Windows that don't offer good protection, on top of being filled with ads. But I don't agree that scanning for malicious files and preventing dangerous commands (regardless of how good the implementation is) can be labelled as snake oil.

[–] [email protected] 11 points 1 year ago

Same thing happened on macOS. We used to say it’s immune because everything was written only for Windows. That stopped being true a long time ago and the majority of web servers have been running Linux for a decade. Doesn’t seem so crazy to me that someone would want to regularly scan their Linux boxes for bad code.

[–] [email protected] 7 points 1 year ago (1 children)

You should protect against it, but antiviruses are not the answer. It's more efficient to prevent breaches by building good security into software by design (and keeping your system up to date) than to play an endless game of catch-up enumerating pieces of malware after they're already circulating.

Windows tried this approach and it turned into a mess, antivirus companies turned into villains themselves and it still didn't fix the underlying problems. Eventually they came around to actually fixing security problems, and keeping Windows up to date, and offering a curated source of apps and so on.

You can still use scanning on Linux, but apply it efficiently on entry points, like attachments in your email client or your Downloads dir. Don't run a scanner all the time on all your processes and files, that's a gross waste of resources.

It also makes no sense for a properly secured modern system. Take for example Android, where a userspace antivirus can't work because userspace processes are isolated from each other, and a system level antivirus cannot be trusted because it needs to download signatures externally and can (and probably will) be a breach of privacy.

[–] [email protected] 1 points 1 year ago

I basically agree with all the points you are making. Only scan downloads, email attachments and whatnot. Don't try to play cat and mouse with sophisticated malware because that's a waste of resources. I don't think software like this exists?

Perhaps SELinux on desktop is the way to go as other posts are suggesting, although I heard that it has some usability problems and can break some programs.

[–] Potatos_are_not_friends 3 points 1 year ago* (last edited 1 year ago)

Schrödinger's Linux fanbase

Linux is so much better and easy to use for casual users. But in order to use it, you have to understand terminal, bash scripting, understand permissions, understand the difference between various flavors, etc