Do you have any antivirus recomendations for Linux.

  • Processes alone don’t warn you when your browser gets exploited or when npm install/pip install/cargo install triggers a cryptolocker/credential stealer/cryptowallet stealer. And yes, you could containerise everything and separate everything in virtual machines and run QubesOS and whatever, but most people don’t do that because that’s a terrible pain in the ass.

    Security is a process, and smart use of antivirus software is just one step of that process.

    • bushvin@pathfinder.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The problem with AV s/w in my experience, is that they do not work very well, and hinder the system’s functioning, because they provide duplicate behaviour of existing solutions and compete with them directly.

      In one instance I discovered McAfee to disable write access to /etc/{passwd,shadow,group} effectively disabling a user to change their password. While SELinux will properly handle that by limiting processes, instead of creating a process that would make sure those files aren’t modified by anyone.

      People need to understand Linux comes pre-equipped with all the necessary tools and bolts to protect their systems. They just don’t all live in the same GUI, because of the real complexity involved with malware…