this post was submitted on 24 Nov 2025
97 points (91.5% liked)

Linux

14484 readers
14 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
97
Linux Antivirus? (lemmy.wtf)
submitted 1 month ago by UNY0N@lemmy.wtf to c/linux@lemmy.world
77 comments fedilink hide all child comments
 

I'm about to install bazzite on my wife's older (2017) Windows 10 machine, and I've been going over how to recreate everything she currently has. Most programs (even proprietary ones) are not an issue, but I'm not finding much in the antivirus department.

I never even thought to install one on my Linux machine (also on bazzite, but I have used other distros in the past). So although I am no stranger to Linux, this issue blindsided me.

I know clamav exists, and I'm educating myself on how to use it, but a GUI would be nice for the wife. She's not afraid of the terminal, but she likes the convenience of GUI programs.

Any suggestions? What do you use? Or is it just generally accepted that one should be careful and keep things up-to-date and that's enough?

you are viewing a single comment's thread
view the rest of the comments
[–] frongt@lemmy.zip 3 points 4 weeks ago

Yeah, that's out of date. While AV still uses file signatures, the modern stuff is behavioral. If you have a file whose instructions use undocumented or low-level APIs, it can look like an exploit and the AV flags it. Endpoint protection products like Sentinelone also take the role of endpoint firewall, managing access to network resources, not just the OS, disk, etc. So if you start sending encrypted requests through uncommon APIs to a cloud server in China, it's gonna get you blocked.