I'm about to install bazzite on my wife's older (2017) Windows 10 machine, and I've been going over how to recreate everything she currently has. Most programs (even proprietary ones) are not an issue, but I'm not finding much in the antivirus department.
I never even thought to install one on my Linux machine (also on bazzite, but I have used other distros in the past). So although I am no stranger to Linux, this issue blindsided me.
I know clamav exists, and I'm educating myself on how to use it, but a GUI would be nice for the wife. She's not afraid of the terminal, but she likes the convenience of GUI programs.
Any suggestions? What do you use? Or is it just generally accepted that one should be careful and keep things up-to-date and that's enough?
No av on my machines on Linux.
What I understand, av on Linux is used to protect windows.
Use an ad blocker when surfing (ublock origin), install only via official repos and set up a DNS server with decent blocklist and you should be fine.
Yeah, that arrogance will hit you sooner or later.
As the popularity of Linux increases, so will the malware situation worsen.
What makes you think that a "antivirus" is going to do anything?
Security is hard
Security is hard and as Linux becomes a more lucrative target for malware something will slip through. We've already seen attempted supply chain attacks with xz and we know that Linux ransomware is out there. AV isn't a silver bullet; it's another layer in your defences.
This is exactly my point
Your comment seemed like you were saying not to have AV at all
I am not the guy you replied to, I am the guy calling out arrogance for not using AV
ah, sorry about that, I should have read the username...
No worries, shit happens, have a lovely day!
No, that's a different person
More lucrative target, than running most of the internet?
Ransomware is the money maker, and websites rarely contain valuable enough data that companies can't just rebuild the site in an afternoon.
What will a antivirus do? It would just bork the system.
What arrogance?
As I have been told, for years, av on Linux is used to protect windows machines on the network. Companies use clamav to scan files on network shares used by windows machines. Also, what about virus database/definitions, are they having Linux signatures?
Since I have no windows machines on the network, why? Has this changed and I should run clamav to scan for Linux viruses? Do signature files actually have signatures for Linux viruses?
Android most often is compromised by malicious apps, not viruses, which is not really (yet) a problem on Linux. Once it becomes a problem, I will install av. So far it has not been an issue.
Anyway, effectiveness here is interesting
https://en.wikipedia.org/wiki/ClamAV
What do you run?
The reason that Linux systems are less prone to malware is twofold, historically Linux users have been more technical, but foremost due to it's lower marketshare of desktop users, giving malware devs a lower return on their time writing software.
This is changing rapidly now, less technically skilled people are switching to Linux and more are running it on their desktops.
This makes for a more interesting target meaning more time is devoted to writing malware for Linux.
So, a good AV should now be used ahead of the incoming malware wave, ignoring it and suggesting that other's do the same is arrogant.
Yeah, I'm fine without one two, I just:
1: want my wife to feel secure with her system, which I am setting up for her.
She's more likely to be the target of a phishing campaign or malicious mobile app.