LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 09-20-2011, 07:25 AM   #16
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,727

Rep: Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367

Antivirus on a linux desktop is a complete waste of time, effort and resources. On e.g. a mail server it's a whole different story. Ultimately it's up the individual though.
 
Old 09-21-2011, 10:11 AM   #17
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,511

Rep: Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656
Really?

What theYinYeti said is the popular perception, but not exactly true. (Caravel is just wrong.)

IF a user is in a CHROOT jail, it is very difficult for anyone who breaks that account to do much to hurt the host machine. If you have a normal user or account with any significant rights on the system, there will always be vulnerabilities that can be leveraged to damage the system. There are software packages floating around DESIGNED to make this EASY for script-kiddies!

If there is nothing you value on the system, and you can clean and reinstall it quickly and without significant loss, then that makes a fine protection plan and you need no antivirus or other protection. If that is not the case, then you need antivirus, root kit detection, and backups. No reputable system administrator will advise you otherwise.

Possible exception: there are people who never install an OS to the hard drive. They run from CD, DVD, or USB using a live-cd image (ALA Puppy, TinyCore, or DSL) that is read-only. SOME administrators still claim that those should be secured: I agree ONLY if there is data there that you would not want exposed. If someone breaks that system, you are one reboot away from painless recovery. Just be aware that any data on a hard drive on that system may be at risk.

The decision factor is not what OS you run, it is what value and risk is involved in the data that may be exposed or destroyed. If it has value, protect it.

As the owner of the data and the person at risk: it is YOUR choice!

Last edited by wpeckham; 09-21-2011 at 10:15 AM.
 
Old 09-21-2011, 10:37 AM   #18
linuxpokernut
Member
 
Registered: Jul 2007
Distribution: Slackware 14
Posts: 237
Blog Entries: 8

Rep: Reputation: 59
Quote:
If there is nothing you value on the system, and you can clean and reinstall it quickly and without significant loss, then that makes a fine protection plan and you need no antivirus or other protection.
Which is true of any OS.
 
Old 09-21-2011, 01:16 PM   #19
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233

Rep: Reputation: 406Reputation: 406Reputation: 406Reputation: 406Reputation: 406
Quote:
Originally Posted by theYinYeti View Post
Sure.
Thanks to Linux security, if a malware of any sort comes to your account, the worst it can do is delete files under your own name, such as all your personal data, years of mail exchanges, years of family photographs. No big deal.
Thankfully, the OS is safe! Else you’d have to loose 20 minutes reinstalling from USB or DVD, which would be a shame…
um, that's what regular backups are for, because if your hardware fails or is destroyed for some reason your files are just as toast regardless if you were using windows or linux or mac.
 
Old 09-23-2011, 08:32 AM   #20
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 66
frieza, you’re absolutely right. However, although I know about computers, and I do backups, I certainly know no one in my family, and very few among my coworkers, who do backups. People just don’t think about it; it is somehow believed that computer backups are an enterprise-thing, not a personal-computing-thing… :-(

As for the chroot jail (wpeckham), sorry but hardly any process is chrooted in a normal user environment.

My point is simple: too many people wrongfully believe (are made to believe) that Linux is safe, and neglect any form of protection… Some Linux enthusiasts are just too optimistic in their almost-religious converting of newbies to Linux.

Not to say that you should install an anti-virus; certainly not! Issues are different, but they exist.
 
Old 09-23-2011, 09:43 AM   #21
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,727

Rep: Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367
Quote:
Originally Posted by wpeckham View Post
(Caravel is just wrong.)
The average Linux desktop user does not need to to run an ati-virus. In a corporate environment it's a different story...

Quote:
Originally Posted by wpeckham View Post
My point is simple: too many people wrongfully believe (are made to believe) that Linux is safe, and neglect any form of protection… Some Linux enthusiasts are just too optimistic in their almost-religious converting of newbies to Linux.
There are also those that try to make users believe they need an anti-virus... No one said it was infallibly secure, I certainly made no such claim, but running an AV software just on the off chance that you just might get a virus (if you're installing software from only official repos and other trusted sources, that's highly unlikely) is over kill. It's down to personal choice. If you want to run AV software go ahead.
 
Old 09-25-2011, 08:24 AM   #22
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,511

Rep: Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656Reputation: 2656
running naked in the hailstorm?

@Caravel
Quote:
There are also those that try to make users believe they need an anti-virus... No one said it was infallibly secure, I certainly made no such claim, but running an AV software just on the off chance that you just might get a virus (if you're installing software from only official repos and other trusted sources, that's highly unlikely) is over kill. It's down to personal choice. If you want to run AV software go ahead.
You could say the same when discussing any operating system. Windows for example.

Who has the end users interests at heart: those who tell them to run without protection, or those advising them to take reasonable precautions?

I stand by the advice I have given, it was good advice. I agree that it is personal choice, but I also believe that it should be an informed choice. Protection is available, and should be used where the risk justifies using protection.
 
Old 09-25-2011, 12:29 PM   #23
aysiu
Senior Member
 
Registered: May 2005
Distribution: Ubuntu with IceWM
Posts: 1,775

Rep: Reputation: 86
Antivirus is neither protection nor a reasonable precaution. Examples of reasonable precautions:
  • Firefox with NoScript
  • Education about social engineering and trojans
  • Installing software only through software repositories
  • Using strong passwords
  • Not enabling SSH Server and other outward-facing services unless you fully understand the implications and know how to lock those services down
Example of placebo that doesn't actually protect you:
  • Install "antivirus" software
 
Old 09-25-2011, 04:35 PM   #24
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,727

Rep: Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367Reputation: 2367
Quote:
Originally Posted by wpeckham View Post
You could say the same when discussing any operating system. Windows for example.
Windows is a bad example. Windows users download software from unreliable sources and run it as root... this is why windows has gazillions of viruses in the wild and why it's users require anti-virus by design.

Quote:
Originally Posted by wpeckham View Post
Who has the end users interests at heart: those who tell them to run without protection, or those advising them to take reasonable precautions?
Having the "end users interests at heart" also means avoiding spreading fud. Running a program like clamav won't stop these "end users" getting hacked. At the end of the day though it's still down to personal choice. If I run debian and only install singed packages from the repos, I probably don't need AV software, if someone else uses 'buntu and installs a lot of shit from PPAs they might need it, but chances are it won't protect them from a malicious script anyway. Reasonable precautions are: don't install software from sources that you don't trust. Don't run an X session as root, only use root privileges when necessary. Run behind a nat rooter and firewall, not directly connected with a modem. Run script blocking so as to only allow javascript for the sites you trust. Set up a good hosts file to block the hosts you certainly don't want to be connecting to.

Quote:
Originally Posted by wpeckham View Post
I stand by the advice I have given, it was good advice. I agree that it is personal choice, but I also believe that it should be an informed choice. Protection is available, and should be used where the risk justifies using protection.
Personally I have no time for the type of advice that is both absolute, simplified and overly paranoid, i.e. targeted at protecting idiots from themselves. I can see no need for an AV on the desktop. I have been running Linux distros since 2002 and have never heard of a virus, trojan or rootkit. If I had been installing random crap or running a webserver which someone might be interested in breaking into, then perhaps I would have run into something.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: On Bugs, Viruses, Malware and Linux LXer Syndicated Linux News 0 08-11-2009 06:00 AM
[SOLVED] May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 22 08-17-2008 01:05 PM
May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 1 06-12-2008 05:10 AM
Linux malware on the go TigerOC Linux - Networking 3 11-07-2004 02:31 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 02:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration