Please stop pretending Linux was immune to viruses. A virus can do many things, perhaps even more on Linux than it could on Windows.
Not running an AV only works because viruses nowadays are much less common, especially if you follow some best practices (Adblock, no piracy sites, recognize sketchy stuff).
A single .sh file with exec permission that asks for sudo will easily download appimage keyloggers and then set a cron job to run it every X time to keep it alive and sends it all to whatever remote location. Or whatever else you let the appimage do.
95% of regular users will double click that, and then write their pass in the popup without blinking twice and that will work in most Linux systems.
Most viruses don’t target Linux, sure, but that’s wishful thinking. Always be careful with what you run.
ClamAV in the corner, visibly annoyed
It’s powerful but sadly not realtime
Oh, not true anymore:
https://docs.clamav.net/manual/Usage/Scanning.html#on-access-scanning
That’s great news, thanks for telling
Linux has viruses. Always protect yourself…
Just have backups and know what you’re downloading.
I mean, that logic also applies to Windows and Mac. This meme is just stroking the Linux ego.
Yes, that also works in Windows and Mac. When I still dual booted Windows, I gave up on anti-viruses and just didn’t download suspicious things and used Firefox with all the regular blockers. Never had a problem.
What if I know I’m downloading a virus?
Honestly, I use Linux and I need VirusTotal scans for side-loading .deb packages. It’s because I’m not a coding expert, auditing every code of the packages before installing it. So, I think it’s a myth that Linux does not need antivirus or anti-malware. We have other different approaches too such as using anti-malware DNS servers.
An antivirus is mostly just a blacklist of known malware. Sometimes heuristics are used such as ‘this piece of software isn’t installed on many PCs, and it appears to be doing shady stuff like, monitoring keystrokes or listening to your microphone’. But unless your antivirus is actually sentient there’s no way for it to really distinguish between a chat application that listens to your microphone so you can talk to your friends / monitor your keystrokes to know when you’ve hit the push-to-talk key, and a piece of actual malware that intends to spy on you and blackmail you.
What you have with a package manager is a whitelist of programs that have been selected by your distro maintainers. Is it completely impossible for someone to sneak malware into a distro’s repository? No, but it’s a lot easier to maintain a list of known good software than it is to maintain a list of known bad software. And in that situation your antivirus isn’t going to help you anyway, since the people maintaining its malware list aren’t going to magically know that something is malware before the distro maintainers do.
So, generally, just using your package manager instead of running random shit you find online is going to be a lot better than any antivirus. With things like Wayland and Flatseal becoming more common we’re heading towards a situation where fine-grained per-package permissions will become the standard way distros do things, making antivirus even more unnecessary.
We should have done that a long time ago, as the security model of ‘any program you run can do anything you can by default’, then blacklist the ones that inevitably abuse that privilege, is completely backwards.
What’s the difference between that and a walled garden like apple?
In addition to what groet said, I’ll add that this is a little bit like asking “what’s the difference between a public library and Amazon?”.
Yes, there are other public libraries you could go to if the one you subscribe to didn’t have something you wanted or ‘went bad’ somehow, but the most important difference is you don’t have an antagonistic relationship with your public library. Your public library doesn’t have a financial incentive to try to trap you or screw you over.
I’m not as familiar with Apple as I am with Android, so take what I say about iOS with a grain of salt, and macOS with a shovel of salt.
Android permission model is a bag of different layers, and some specific permissions have shifted to more strict layers over the years. For example, in the beginning all apps had a private space that other normal apps could never get into, and public space that everyone would be able to read and write provided they made such “request” at download time. For some time after that I think they moved it to next level, so you “requested” that both at download time AND with a pop up to the user. Currently you have to do all that AND not be a normal app and fill some forms and Google has to agree with you.
Camera, microphone and GPS have been for a long time in the middle tier of requesting at download time and with pop up, for both Android and iOS. But I think not on macOS, and certainly not on Linux, with the exception of browsers, that have their own security models rolled up on top of whatever their OS imposes, since they execute code from total strangers every time you open a page for the first time.
Some permissions like send and receive Internet data are still in the lightest tier, only asked at download time, for both Android and iOS.
I recently wanted to put my Linux Obsidian without Internet access, and had to learn how to do that with a script that calls bwrap that in its turn calls Obsidian. I wasn’t comfortable otherwise, because I wanted the freedom to run as many community plugins as I wanted, and this is strangers’ JavaScript code running in my machine, and I didn’t want it accessing random folders and uploading things.
If I ran vscode I’d do the same, since I’m not familiar with the vetting process for its plugins. Same for gimp, but I never needed plugins in it.
I recently learnt you can fully delete your root account. Can that fully deter viruses? (Assuming viruses need root access to cause damage)
Can’t run a Linux virus if your Linux doesn’t run
As someone who may obtain games and shows/movies through less than rights holder approved methods, ClamAV is a necessity.
Clamav?
This argument is 30 years out of date. I haven’t installed antivirus software since Windows XP. And I don’t think it was necessary for an experienced user then.
Not having inter-distro binary compatibility is a blessing in disguise.
Y’all just have too many dependencies
Different glibc version says hello.
libc is a dependency
Reject C and go back to assembly I guess
Oh, you can write C without the standard library. That’s how I first learned it.
It is, isn’t it.
I just switched to Linux and totally forgot about this. Do I really not need one? 99% of what I do is Steam gaming anyway so I’m not too worried, worst case I just format and reinstall, but still…
Better be safe than sorry, so get ClamAV and scan your system frequently
Does anyone have an idea what would happen if one runs a Windows virus with Wine?
Can only access Wine’s directory, not your actual Linux files
That’s just not true in many cases. It can usually access your home directory.
Nope. With a stock wine prefix it can access anything you have the permission to access. Your FS root is mapped to the Z:\ drive by default.
And the viruses that write themselves to the boot sectors of the hard drive?
They simply can’t because it’s designed to do that on Windows not on Linux because they are different. Plus use ClamAV and you should be good. (I am not an expert in this)
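Added example, not part of any comment above: a check for the drive mapping discussed in this sub-thread. It relies on the standard prefix layout, where each drive letter is a symlink under `dosdevices/`, and reports which letters resolve outside the prefix; the function name `wine_drive_exposure` and the class labels are made up for this example.

```shell
#!/bin/sh
# Added example (hypothetical function name). Lists the drive letters of a
# Wine prefix and classifies what each one exposes to Windows programs.
#
# wine_drive_exposure [PREFIX]
# Prints "<drive> <resolved target> <class>" per drive letter.
# Returns 1 if any letter exposes / or the home directory, 0 otherwise.
wine_drive_exposure() {
    prefix=$(cd -P -- "${1:-${WINEPREFIX:-$HOME/.wine}}" 2>/dev/null && pwd -P) || {
        echo "no such prefix" >&2
        return 2
    }
    home=$(cd -P -- "$HOME" 2>/dev/null && pwd -P) || home=
    exposed=0
    # Two-character names only (c:, z:, ...); device entries such as "d::" are skipped.
    for link in "$prefix"/dosdevices/?:; do
        [ -L "$link" ] || continue
        target=$(cd -P -- "$link" 2>/dev/null && pwd -P) || continue
        case $target in
            "$prefix"|"$prefix"/*) class=prefix-only ;;
            /)                     class=root; exposed=1 ;;
            *)
                # The target is the home directory or one of its parents.
                case $home/ in
                    "$target"/*) class=home; exposed=1 ;;
                    *)           class=other ;;
                esac ;;
        esac
        printf '%s %s %s\n' "${link##*/}" "$target" "$class"
    done
    return "$exposed"
}

# Usage: wine_drive_exposure            # checks $WINEPREFIX or ~/.wine
#        wine_drive_exposure ~/prefixes/game1
```

A line such as `z: / root` means programs in that prefix see the whole filesystem with the permissions of the user running Wine.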
Some interesting answers.
EDIT: even better.