GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Antivirus on a linux desktop is a complete waste of time, effort and resources. On e.g. a mail server it's a whole different story. Ultimately it's up the individual though.
What theYinYeti said is the popular perception, but not exactly true. (Caravel is just wrong.)
IF a user is in a CHROOT jail, it is very difficult for anyone who breaks that account to do much to hurt the host machine. If you have a normal user or account with any significant rights on the system, there will always be vulnerabilities that can be leveraged to damage the system. There are software packages floating around DESIGNED to make this EASY for script-kiddies!
If there is nothing you value on the system, and you can clean and reinstall it quickly and without significant loss, then that makes a fine protection plan and you need no antivirus or other protection. If that is not the case, then you need antivirus, root kit detection, and backups. No reputable system administrator will advise you otherwise.
Possible exception: there are people who never install an OS to the hard drive. They run from CD, DVD, or USB using a live-cd image (ALA Puppy, TinyCore, or DSL) that is read-only. SOME administrators still claim that those should be secured: I agree ONLY if there is data there that you would not want exposed. If someone breaks that system, you are one reboot away from painless recovery. Just be aware that any data on a hard drive on that system may be at risk.
The decision factor is not what OS you run, it is what value and risk is involved in the data that may be exposed or destroyed. If it has value, protect it.
As the owner of the data and the person at risk: it is YOUR choice!
If there is nothing you value on the system, and you can clean and reinstall it quickly and without significant loss, then that makes a fine protection plan and you need no antivirus or other protection.
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
Rep:
Quote:
Originally Posted by theYinYeti
Sure.
Thanks to Linux security, if a malware of any sort comes to your account, the worst it can do is delete files under your own name, such as all your personal data, years of mail exchanges, years of family photographs. No big deal.
Thankfully, the OS is safe! Else you’d have to loose 20 minutes reinstalling from USB or DVD, which would be a shame…
um, that's what regular backups are for, because if your hardware fails or is destroyed for some reason your files are just as toast regardless if you were using windows or linux or mac.
frieza, you’re absolutely right. However, although I know about computers, and I do backups, I certainly know no one in my family, and very few among my coworkers, who do backups. People just don’t think about it; it is somehow believed that computer backups are an enterprise-thing, not a personal-computing-thing… :-(
As for the chroot jail (wpeckham), sorry but hardly any process is chrooted in a normal user environment.
My point is simple: too many people wrongfully believe (are made to believe) that Linux is safe, and neglect any form of protection… Some Linux enthusiasts are just too optimistic in their almost-religious converting of newbies to Linux.
Not to say that you should install an anti-virus; certainly not! Issues are different, but they exist.
The average Linux desktop user does not need to to run an ati-virus. In a corporate environment it's a different story...
Quote:
Originally Posted by wpeckham
My point is simple: too many people wrongfully believe (are made to believe) that Linux is safe, and neglect any form of protection… Some Linux enthusiasts are just too optimistic in their almost-religious converting of newbies to Linux.
There are also those that try to make users believe they need an anti-virus... No one said it was infallibly secure, I certainly made no such claim, but running an AV software just on the off chance that you just might get a virus (if you're installing software from only official repos and other trusted sources, that's highly unlikely) is over kill. It's down to personal choice. If you want to run AV software go ahead.
There are also those that try to make users believe they need an anti-virus... No one said it was infallibly secure, I certainly made no such claim, but running an AV software just on the off chance that you just might get a virus (if you're installing software from only official repos and other trusted sources, that's highly unlikely) is over kill. It's down to personal choice. If you want to run AV software go ahead.
You could say the same when discussing any operating system. Windows for example.
Who has the end users interests at heart: those who tell them to run without protection, or those advising them to take reasonable precautions?
I stand by the advice I have given, it was good advice. I agree that it is personal choice, but I also believe that it should be an informed choice. Protection is available, and should be used where the risk justifies using protection.
You could say the same when discussing any operating system. Windows for example.
Windows is a bad example. Windows users download software from unreliable sources and run it as root... this is why windows has gazillions of viruses in the wild and why it's users require anti-virus by design.
Quote:
Originally Posted by wpeckham
Who has the end users interests at heart: those who tell them to run without protection, or those advising them to take reasonable precautions?
Having the "end users interests at heart" also means avoiding spreading fud. Running a program like clamav won't stop these "end users" getting hacked. At the end of the day though it's still down to personal choice. If I run debian and only install singed packages from the repos, I probably don't need AV software, if someone else uses 'buntu and installs a lot of shit from PPAs they might need it, but chances are it won't protect them from a malicious script anyway. Reasonable precautions are: don't install software from sources that you don't trust. Don't run an X session as root, only use root privileges when necessary. Run behind a nat rooter and firewall, not directly connected with a modem. Run script blocking so as to only allow javascript for the sites you trust. Set up a good hosts file to block the hosts you certainly don't want to be connecting to.
Quote:
Originally Posted by wpeckham
I stand by the advice I have given, it was good advice. I agree that it is personal choice, but I also believe that it should be an informed choice. Protection is available, and should be used where the risk justifies using protection.
Personally I have no time for the type of advice that is both absolute, simplified and overly paranoid, i.e. targeted at protecting idiots from themselves. I can see no need for an AV on the desktop. I have been running Linux distros since 2002 and have never heard of a virus, trojan or rootkit. If I had been installing random crap or running a webserver which someone might be interested in breaking into, then perhaps I would have run into something.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.