Should You Run Anti-Virus On Linux?

  • Published: 23 Nov 2024

Comments • 393

  • @0x007A 2 years ago +310

    Short answer: No.
    Long answer: No. However, do not copy and paste random commands found on the World Wide Web, and only use sudo privileges sparingly.

    • @samsh0-q3a 2 years ago +24

      right... "sparingly"

    • @drishalballaney 2 years ago +2

      But you would need an AV only if you are a pirate
      Like just in case if something happens

    • @chocoblan4288 2 years ago +1

      i use sudo all the time. and i reformat my PC always (✿◠‿◠)

    • @jared.mohammed 2 years ago +14

      Most of the documentation of programmes or general troubleshooting on Linux requires copying and pasting commands on the terminal. It is not like Windows where you can use the GUI for most functions.

    • @moister3727 2 years ago +3

      just call it web nerd

  • @sohypeak432 2 years ago +180

    As a *relatively* new Linux user, the advantage of having the device running without antiviruses or data collection (both consuming so much of the resources) breaks any disadvantage.
    Been quite the journey switching to Linux, but the worthiness and the end result is what makes all the effort feel like nothing.

    • @kendarr 2 years ago +3

      Where did you start? What were the main issues? I'm curious, I'm 2 years now running the penguin I believe

    • @sohypeak432 2 years ago +3

      @kendarr Nice! I started around 3-4 weeks ago on a virtual machine on Windows. Tried Arch and Manjaro for Unity and sound production purposes, but turned out rough. Tried Ubuntu Studio, Kubuntu, Mint, and Xubuntu, and I seemed to settle down on Ubuntu Studio, as it provides the best backend for sound production.
      I felt ashamed, at first, of being a developer that can't deal with Linux, but as soon as I learned the basics, it turned out way better and more fun than Windows.

    • @kimorlandonilsson1196 2 years ago +2

      I feel the same way.

    • @greglocker2124 2 years ago +6

      @sohypeak432 you've only seen the light, now you must walk into it! Wipe that spyware off your disk and treat yourself with some love and respect - you deserve to use an OS that actually works.

    • @notrockstar1 1 year ago +1

      I just switched today to Zorin OS based on Ubuntu 20.4 LTS and I'm really enjoying it, is just amazing.
      Also Zorin is friendly UI for those that always use mac os or windows

  • @notuxnobux 2 years ago +68

    I worked at a very large company and we had windows and linux users in the same network. The internal servers that ran linux did have anti virus to hinder the distribution of windows and mac malware (mostly ransomware) because we were sometimes attacked by hackers.

    • @RobertJohnson-lb3qz 2 years ago +6

      Excellent. As a noob to Linux and a very long time Windows user this is reassuring. I’ve brought up the Typhoid Mary-ish aspect in a couple of different places and most everyone couldn’t care less. But with all the crap that’s happened and will happen, better to harden things in my view!

  • @act.13.41 2 years ago +200

    I have been using computers since the DOS days, so I have been running Windows since Windows began. In all that time, I have had 1 virus and that was on Windows 95 and I would say it was my fault that I got that one. No anti-virus program can protect you from yourself. Not a single one can stop a virus that you give permission to run. I have reloaded many PCs that had hundreds of virus and malware programs on them at the same time. The users waited till they could no longer use the PC before doing anything at all. I did a clean install of all their stuff and gave them a stern talk about their habits. Most "got it" and I never had to deal with their PCs again. Some were back in weeks with the same infections. They could not stop going to the places that got them infected. They are their own worst enemy. "I just need a better anti-virus program," is all they would say. For these people, it wouldn't matter if they were running Linux, they would still find a site that would infect them.

    • @OcteractSG 2 years ago +20

      For the vast majority of people and circumstances, what you said is absolutely true. However, there are still attacks that can infect devices without user action. One of the most high-profile examples is the Pegasus spyware that targeted smartphones. Despite the existence of such threats, though, it’s unlikely that antivirus would be equipped to handle them in a timely manner, and they are rare enough that we could almost move them into the tinfoil hat category of security.
      Consider my comment a mere asterisk on a generally true statement.

    • @maninthecrowd5076 2 years ago

      @OcteractSG there is rarely anything you can do in these cases even with the antiviruses. Pegasus for example is a targeted malware to spy on state leaders so run-of-the-mill stuff mostly won't work.

    • @andreobarros 2 years ago +14

      This makes me remember, one time I was an undergrad student, the new guy on the IT of the chemistry dpto of my university, as a sort of temp scholarship.
      The previous person (also undergrad student) was talkin to me how their PC (Windows) was slow, that to even open the browser it was slow.
      Fast forward a bit, to my first day. I enter the PC, now under my responsibility, try lookin around, everything is kinda slow, then I look at the pc specs. It was an i5, with 4GB ram, for the time, waaay beyond anything you would ever need.
      I notice that Avast was having issues to start with the system, and google chrome was really slow.
      I was like "How is this even possible, this thing is a beast and it's slow, I will do a malware check just in case, you never know, things are weird here"
      I download, I think malwarebytes, at the time they weren't so annoying about their free version.
      I shit you not, it had **+6000 infections**. Avast was compromised, also the browser was fake. And better yet, the things on the machine were somewhat sensible (not money worth sensible, but if lost, there was no backup). It took me 3 days to clean that thing completely.

    • @RobertJohnson-lb3qz 2 years ago +1

      The only time I ran into a virus was when I received, what looked like an email from my sister's work email address. I forget the way I was tricked into clicking on it. I think it said “Check this out, or pics” or something like that. After clicking on it the HD quickly became unusable slowing to a crawl. I forget what program I was using at the time that I was using to take a “snapshot” of the system but I kept going back to a good version of the Windows os and after an hour or so, I was back to the same messed up situation. I went to the local computer store and bought a new hd and just reinstalled the os. Problem solved. But I can’t help myself, based on what you have seen what do we noobs do that get our systems infected?

    • @act.13.41 2 years ago +11

      @RobertJohnson-lb3qz For most people that are constantly infected, they love porn sites. For the rest, they click anything that says "FREE!" 🤣

  • @_DT_ 2 years ago +24

    Most users use their OS as a bootloader for their browsers. If you use linux I recommend that instead of installing an antivirus you do what's said on the video + hardening your browser like installing an adblocker and blocking popups

  • @silicoid 2 years ago +21

    I would say "do you need" and "should you" are very different questions. You don't need but you should consider it.
    Yes, there are not many linux based viruses, but as you said, if you use linux as a file server it makes a lot of sense. So it depends.
    The other thing to keep in mind is, that when it comes to security it doesn't hurt to be ahead of the curve.
    Since you mentioned firewalls. Do you need to run a firewall: no. If you are a regular desktop user then there should be nothing configured that listens on external ports. Everything should only use loopback. Yes, firewalls are a lot more common. The reason is that there are a lot of systems that need it, that's why it is rather easy to do. It would be nice if that happened with virus scanners as well. Make it a lot more easy and accessible to use them and that only happens when a lot more people use them.

  • @ivanretrobit 11 months ago +5

    i still install ClamAV into any linux distro to check drives i plug in, it's helpful if you want to check a windows drive externally.

  • @run3676 2 years ago +14

    There are tons more attack vectors that are very hard to protect against. Imagine a malicious npm package repository gets hijacked and it has millions of installs. If a software previously known to be legitimate pushed some malicious updates you're going to get infected no matter the OS you're running. Having an AV may protect you against some obvious malicious behaviour or known malicious files and that's good on any OS.

  • @scheimong 2 years ago +29

    Note on ClamAV: it actually ships with an "on-access daemon" (at least it does on RHEL & Fedora) that uses kernel APIs to scan and block access to malicious files when users try to read them. If you are deploying Clam on a server that accepts arbitrary data upload, this is likely what you want to set up (of course, alongside regular full disk scans).
    I've had Clam deployed in this configuration on a file server for a small office for more than a year now, and I've had significantly reduced number of virus-related tech support calls. But again, this is only to protect Windows clients in the network. TBH it was quite a hassle to set up correctly (especially with enforcing SELinux), so if you've got a Linux desktop instead of a server, it's most likely more work than it's worth.

    • @RobertJohnson-lb3qz 2 years ago +1

      I’m a new user of Linux and the AV issue keeps crossing my mind. Correct me if I’m wrong but you're saying that ClamAV is more helpful when used on servers as opposed to the desktop. Using an AV on servers to prevent a Typhoid Mary-ish situation seems like a good idea.

    • @reoencarcelado5904 2 years ago +2

      @RobertJohnson-lb3qz I’m still a Linux newbie so please don’t quote me on this. I’m only paraphrasing what I’ve learned from people WAYY more knowledgeable about Linux than me and whom I have asked the same darn question [(about ClamAV)] to:
      ClamAV is an AntiVirus software-program written for the “Linux” operating-system (ie. actually “GNU+Linux”) that scans for Windows viruses.
      So that you don’t accidentally transfer Windows viruses into someone-else when sharing files between Windows-users and yourself.

    • @RobertJohnson-lb3qz 2 years ago

      @reoencarcelado5904 Good info, thanks.

    • @reoencarcelado5904 2 years ago

      @RobertJohnson-lb3qz you're welcome :-)

    • @TheMadRocker 2 years ago

      I run ClamAV on my NAS since windows machines do access it.

  • @Azmodaeus49 2 years ago +7

    I've noticed that, when I immigrated (moved from windows to Linux full time) I realized Linux doesn't really need AV, so that put my digital brain/heart at peace.

  • @Not-THAT-ChrisPratt 2 years ago +47

    I appreciate not only the definitive answer but the reasoning behind the answer.
    Again, thank you so much for your videos and all you do for the Linux/FOSS community, esp us noobs out here. 🙂

    • @silicoid 2 years ago +2

      To be honest. The answer in my opinion was flawed. Need to: no. Should you: you should consider it.

  • @rui.craveiro 2 years ago +8

    One of the things I became used to is to always install software from either Fedora's repository or from Flathub. The sensation I have nowadays when occasionally running Windows and I need to download an application and install is of the same nature of the sensation I have if I forget to buckle my seat belt before driving... It feels unsafe and unnatural. If the day comes when we will really need an anti-virus (I don't think we're there), for me it would be enough that the repositories had an anti-virus scanning every application that is added to the store (if they don't have already). Using Linux is implicitly trusting the repositories and I'm fine with that. Users who download ELF files elsewhere do it at their own peril.

  • @Sumire973 2 years ago +17

    Antiviruses may be useful in scenarios where automation is needed, at the end user level in many cases they generate a false sense of security and unnecessarily consume system resources, which is bad for low-end computers, although they can help people less experienced it should be noted that false positives are not uncommon either.
    Another important thing is that most antivirus programs are proprietary software, and together with controversies such as the Avast issue, they may not be as reliable as they seem at first glance.

  • @dappermuis5002 2 years ago +4

    I'm one of those that use ClamAV, because I'm pretty much the only one around me in regular contact, that uses Linux. It has saved me from passing on a virus or two to someone on a Windows machine. As many I know don't know computers well and am more likely to get something from them, that I could pass onto someone else.

  • @gregcampwriter 2 years ago +7

    I have ClamAV set to run and update at times when I'm unlikely to be using my computer. For me, it's like the grip safety on an M1911: It's not hurting anything to have it, and it might help.

    • @Afriqueleblanq 11 months ago

      That thing is a joke. Now really.....😊

  • @grandpaspaintingstudio 2 years ago +6

    This was so funny. I was doing a Linux Mint install on my stream today and we got talking about viruses and malware on Linux. At the end I always tell people about your channel and lo and behold here you are talking about the same thing.
    I remember back in college, in one of my classes about operating systems, someone asked "Why does Windows get all of the viruses and Linux gets none?" I raised my hand and told the class that the reason for this is because all of the viruses are written on Linux and we are not going to infect our own systems.
    Joking aside, if Windows users treated their system the same way those of us on Linux do, update the system every time it shows one available, use strong passwords, stop auto logging in, and stop downloading stuff without knowing who or where it came from, then they would not have to use anti-virus. Using common sense is the biggest thing you can do to stop, I am guessing, 90% of the viruses out there.

  • @SgtRamen69 2 years ago +12

    I'm someone who does like having AVs just in case, cuz the best viruses are the ones you can't see/expect and I reckon Linux will see more of those in the future.
    If you're already "nerdy" enough to use Linux though you might as well harden your system security by yourself, run everything in a VM and make (preferably external) backups. That's pretty much the foolproof way for any PC user imo

    • @julietlouisatravels 2 years ago

      Which AV do you use?

    • @SgtRamen69 2 years ago

      @julietlouisatravels Well I'm a Windows user so Defender, but also Malwarebytes for scanning every now and then and VirusTotal for everything I download.

  • @troytaylor1913 2 years ago +7

    Having an anti-virus program on Linux is the best way to scan a hard drive with Windows on it. A Windows virus or trojan is totally dead and can't hide while being scanned from a Linux OS. I either take the drive out and plug it in a Linux desktop or use a bootable USB or CD Linux distro with an antivirus on it. Other than being used as a tool to fix Windows I really don't need an antivirus.

    • @fugedaboudit 7 months ago +2

      Can u elaborate? I'd like to use my Linux distros to scan my Windows PC from time to time or the CD method. Please tell me the exact steps it might help others too.

    • @troytaylor1913 7 months ago

      @fugedaboudit Avira rescue disk is a good one. ruclips.net/video/JbTc2ytl314/видео.html

    • @JacobNintendoNerd99 3 months ago +1

      Seconded. Would like to know how to do this to have this trick in my arsenal

    • @JacobZigenis 2 months ago

      That's only true for static signature-based analysis of malware. Behavior analysis is also very important.

  • @schemage2210 2 years ago +7

    Very informative. Thanks for the video. Was surprised to see that SELinux wasn't mentioned though I understand that that precaution is mainly designed for the server space.

  • @jasonstiles7978 2 years ago +8

    The only problem I can foresee as a Linux user when they were sending out cd's. My first taste of Linux was Sabayon, adding unknown 3rd party repos. Hackers at least imhop are poisoning the repo in order to infect your computer. Windows uses .exe and the like. Whereas Linux uses packages and tarballs. Not really much of a chance of getting infected, but it's still possible and hackers are writing progs to do that more often now.

  • @SpyderGamer 2 years ago +6

    Thank you for this! I've been having this question on my mind for a few weeks now, glad to have it answered. Great video, keep it up! :D

  • @BWGPEI 2 years ago +5

    Just FYI: We have a hardware firewall, and the log shows many "Ping of Death" packets dropped in the last week.

    • @reoencarcelado5904 2 years ago +1

      @BWGPEI:
      Really handy 🙂 (to have a hardware-firewall).
      In my case I have both a hardware-firewall (in this particular case, it’s built-in to the router I currently-use) and a software-firewall installed in each of the computers I use 🙂.
      Double the protection 🙂.

  • @samsh0-q3a 2 years ago +38

    AV is only a safety net for those that just randomly click on things and don't pay attention to what they're executing, you don't really need to run it on anything technically. The main issue is primarily the user's habits and how the software is distributed and obtained.

    • @boody8844 2 years ago +4

      when you are installing a cracked software you are basically crossing your fingers hoping it is not a virus every time

    • @doooofus 2 years ago +4

      @boody8844 that's why i always reverse engineer and binary analysis my pirate software in a virtual machine jk i don't know what any of those terms mean

    • @mrnulll 2 years ago +8

      @boody8844 This isn't entirely true either though. There are ways your machine could become compromised just from visiting sites as you normally would. Updating your machine can also cause this. While an AV isn't going to protect you from everything it can help mitigate certain attacks.

    • @robonator2945 2 years ago

      @boody8844 eh? I mean not really. The piracy community is generally pretty bloody good at filtering out all the spam, you just need to know the right places to look. It's honestly not even a hassle to learn, you just need to know a few site names and you're set. Some are specifically curated, others run on a reputation system so people who have been frequently posting for several years with thousands and thousands of upvotes have functionally a 0% chance of containing malware, etc.
      Honestly I'd argue downloading cracked software with a modicum of competency is probably safer than downloading obscure freeware you can find online to do similar tasks.

    • @Sumire973 2 years ago +1

      @mrnulll An antivirus can actually make you more prone to such attacks by giving you a false sense of security, which in turn leads you to visit those sites because "well, I have an antivirus, nothing will happen" without knowing that there are ways to bypass AVs, including infecting GPU VRAM, malware developers are totally aware of this.

  • @ringo8410 2 years ago +2

    Linux Cast, another great Linux youtuber, recommends updating your system once a week or every couple of weeks. I've set up a crontab to do it automatically.

  • @jordanhildebrandt3705 2 years ago +6

    I've been using a hosts file to block ads and unwanted sites for years. It makes the Internet a much nicer place, and makes a lot of the initial infection vectors simply unavailable. I use the winhelp2002 file, although the maintainer has kind of abandoned it at this point.

    • @Bob-1802 2 years ago +1

      I wonder if hBlock would do what you seek for. It seems to be maintained.

  • @obsoletepowercorrupts 2 years ago +4

    Great video and a good topic for commenters bouncing ideas off each other when thinking about solving problems. Sometimes the linux box is the firewall or squid proxy (or similar) and so antivirus is on there generally anyway as an option. Extra layers of security are not a replacement for security though. For example, making a choice between dependency tree and containers is an example because containers are not a replacement for security but an extra layer of security. Encouraging distros that still use dependency tree installs for software already on the (CD/DVD) ISO file _(rather than deprecating old software in favour of assuming an app-Image or SNAP package or Flatpak as a future of application distribution)_ prevents an eggs in one basket scenario. It is often more lightweight on hardware generally and keeps older microarchitectures that stood the test of time _(and old architectures in general)_ as an extra string to the bow even if the processing power and storage are older and humble, rather than having all eggs in one basket with the latest approach of early adoption. A method of application distribution that can give you everything is also a method of application distribution that can take everything away from you. If using SSL, ask yourself if you want to use LibreSSL. Likewise SSH and secure sockets are useful so that not everything has to be done by tunnelling which after all can potentially hide a hack that somehow manages to get in. There are pros and cons to VPN. It is not to say bad things about VPN but rather to be mindful of taking a nuanced approach to having the right tool for the job at hand. The compromises of today become the standards of tomorrow. A password is one way to use an identity layer. An OpenPGP card might include GnuPG. It is not just what you are signing into but by what mechanism you do so which you take into consideration. LAM MPI (See Open MPI) comes from excellent work at Indiana University as in Open Indiana OS. Sometimes looking outside of linux _(even if only to return to linux perhaps)_ for an OS and technology is a way to keep options open.
    Using a Linux antivirus is an opportunity to reach out to and donate a few dollars to those linux coders, keeping them in the loop. Antivirus software exists not only to protect against a malicious software but to write malicious software preemptively sort of like ethical hacking. Even if those "potential" malicious softwares never pop into existence, the knowledge of what that technology can do thereby does come to pass. As such there is utility in the existence and publicising of the software which is also a body of knowledge in that form. This software technology and spreading of an idea (sometimes including peer review) can influence future hardware design for example of a custom microarchitecture. Ironically, that very microarchitecture _(for example of a CPU, gate-array or some other component)_ also may never come into existence in a more tangible real-life (such as hardware) form but may remain in emulation forever more. Preemptive distributed "ethical hacker" hacks against ledger poisoning and DHT attacks are another way to anticipate and prevent malicious software events. Speed of scanning with ClamAV _(or some other antivirus)_ can be planned for when building your computer such as whether or not you desire a filesystem which does a lot of its work in memory (like ZFS) because do remember that will use memory even though you might desire that for something else at that moment. So consider using a fast journaling system like Reiser4.04 (e.g. for Debian10 see metztli) and whether or not you want to thereby use a magnetic HDD rather than a SSD (or NVMe) since journaling can be hard on the NAND semiconductors for wear and tear. The HDD also avoids the namespace passthrough mess of NVMe for virtualisation.
    Some might say an antivirus for a virus that does not exist yet is unnecessary detail, an answer to a question nobody asked, however, also, they say there is no such thing as bad data. Many a prototype in software exists and becomes useful later and that is not exclusive a concept to merely an antivirus software. For example the notion of voxel graphics being used on old dumbphones retroactively was an example of that happening. Remember what license you might seek for software (and it can affect antivirus too). Ask yourself of a license you seek to use, "Is there a GPLv2 or GPLv3 or MPL or MIT or Apache or BSD and so on?" The Botan software library can be an impressive software where people desire that license. If you adopt container distribution, ask yourself if you seek to forever relying on the fastest for example where BitSwap is IPFS _(a use case being IPFS and Netflix as an example)._ Consider also if you are using encryption that relies on a hardware specific instruction set. Antivirus software can also be a form of proprietary software but also FOSS software (or even Public domain) and so the technology, by means of existing when written as a FOSS (or copyleft, etc.) antivirus software, can be a future contribution to a technology yet to be invented and that might be in the Public Domain such as by Copy-Left. Not only does an antivirus get written but also some sort of documentation comes with it, be that a manual _(as in the constructive heads up for 'RTFM' meaning 'read the flipping manual')_ or a humble changelog. As somebody with a stationery fetish, knowing that I can have the liberty to draw a chart over time of antivirus changelogs to further embellish the picture-framed graph-paper adorned walls of my catacombs HQ really makes my day. I can sleep like a baby at night knowing that in my world every potential bug is a potential feature. Relax, guys. As I whisper the inoculating sweet nothing of "trust me" into your ears, you can rely on me, just like you can rely on Porton Down.
    My comment has no hate in it and I do no harm. I am not appalled or afraid, boasting or envying or complaining... Just saying. Psalms23: Giving thanks and praise to the Lord and peace and love. Also, I'd say Matthew6.

  • @badpiggies988 4 months ago +1

    I hear a couple of years ago Linux servers and even a few Linux PC users in over fifty countries faced their first-ever major worm attack- and it didn't even involve the typical vectors for Linux malware, like infected email attachments from Windows or Mac users with a few lines of code at the end that, upon detecting Linux, contaminate the packages of such machines by abusing the "sudo apt upgrade" command if they see a particular repository vuln, or trojans WINE-ing their way in through infected Windows install packages.
    I see it as a rite of passage for a relatively-obscure type of OS.

  • @anasouardini 2 years ago +4

    but behavioral analysis is always a good thing to add to your OS, I mean all EDR solutions have more features than the behavioral analysis and probably are very stupid (still evolving) features, like the heuristic analysis.
    but when a malware gets into your OS, it's not the end of the game (Tom and Jerry, as malware analysts say) and should not be, so even if you make a mistake, which is really really common, there should be a way to detect that, which is where antiviruses/EDR solutions or any equivalent tool or script you wrote yourself etc. come in handy.
    for example, you got yourself a miner that persists itself by injecting itself in a dependency that must run on the startup of the OS, so would you just consider it the end?
    I don't think it's the good way to think of this, you still can check the integrity of your binaries or analyse behaviors of some binaries (for example some binaries shouldn't be able to spawn other processes).
    so there is another stage after you get "hacked", that's where having an antivirus or anything similar could be useful.
    so most folks would say, don't download random stuff from the internet, don't just run commands... etc. but the person himself doesn't read the source code of a certain 3rd party software, some of which are WMs and status bars, and so on. and to be honest almost nobody does. so we all can get hacked at any point in time.
    now the same person would say that he hasn't got hacked ever in his life. but then, he's not a corporation and he's not attracting too much attention to his setup to begin with. so considering yourself (in general) secure just because you are careful of what you download has some shades to it.
    also let's consider you read each package source code before you decide to use it... even then if there is a bug in that package you probably won't know that so vulnerabilities are not a thing you avoid just by downloading the famous packages or reading the code of what you download. I know that nobody can get away from this, so here is where the automation comes in handy, now the vulnerability is as simple as a very stupid buffer overflow but the user (even some security specialist) can't notice the exploit when it happens. but the automation can.
    so saying that you don't need an AV/EDR is kinda not really true, I wrote many malware samples on windows and even windows defender (really shitty) caught some of them when I try to do some shady remote execution. where the user won't notice anything while he's watching his cats videos on catshub.com.
    so basically and generally, automation is a really good thing to have in your poor operating system.

  • @chrissaltmarsh6777 2 years ago +4

    Very sensical. I do all of that, and I never have bank details or logins on any computer. In my head or in the little safe at home in case I forget.
    MacOS is in a decent position as well - it is BSD Unix at its base, so also open to eyeballs from the community.

    • @Sumire973 2 years ago +5

      macOS is a proprietary product, and it's actually a hybrid between Mach and BSD, macOS and derivatives use code from an old FreeBSD version and beyond that they're completely different beasts, the same goes for Sony's Orbis OS even though the latter is indeed a direct derivative of FreeBSD, since its proprietary stack and display server are completely different from the open source ones.

    • @Sumire973
      @Sumire973 1 year ago

      @SusYouAre Cry about it

  • @timothyvaher2421
    @timothyvaher2421 1 year ago +2

    Thanks for the overview. It applies to all systems as well! Doing everything you've said will lock down most machines! Could you do a web browser security setup with password management video? Web browser's, portable hotspots & routers such as Net Gear have many settings that are not explained as optimal configs.

  • @thedeefense2
    @thedeefense2 1 year ago +2

    Around the 5:40 time mark, disk encryption is talked about. My questions are "Can't someone guess or crack the password for that as well? Does disk encryption stop the files on your drive from being readable when connected to another machine or from a live disk? Am I missing something?"

    • @tactiguay7154
      @tactiguay7154 1 year ago

      Usually (in case of Linux disk encryption, but also bitlocker) the startup password is a key to decode a more complicated key that is actually used to encrypt your computer. The thing is that this short "user input" key takes a long time to decode the "large key", that is then loaded in your memory and using a simpler encryption algorithm so your computer runs fast. So, unless you're using an easy password that can be found in a dictionary, even a supercomputer can take an immeasurable amount of time to brute force your short password, just because with every try it has to do very complicated calculations just to try to decode the decryption key.
      I have a slow laptop laying around with full disk encryption and after inputting a 10 character password takes 30 seconds of iterations to decode the actual encryption key. Even if a supercomputer just takes a nanosecond, it would still take thousands of years. And the actual encryption key is like guessing a bitcoin address - would take a quantum leap or more time than the life of the universe.
      Now, if you use a computer with a TPM module (and I don't trust them) that module stores the decoding keys and is charged to disallow any tampering.
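
The passphrase-to-key arrangement described in the reply above, as an added example that is not part of the original comment and is not the on-disk format of LUKS or BitLocker: a simplified key slot in which PBKDF2 stretches the passphrase into a key that unwraps a random master key. The iteration counts, the XOR wrap (a stand-in for a real key-wrap cipher), the sample passphrases and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def derive_kek(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Stretch the short passphrase into a 32-byte key-encryption key (KEK)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations, dklen=32)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def create_keyslot(passphrase: str, master_key: bytes, iterations: int) -> dict:
    """Wrap the random master key under a passphrase-derived KEK."""
    salt = os.urandom(16)  # fresh salt per slot, so a KEK is never reused
    kek = derive_kek(passphrase, salt, iterations)
    return {
        "salt": salt,
        "iterations": iterations,
        # XOR is a stand-in for the real key-wrap cipher (assumption).
        "wrapped": _xor(master_key, kek),
        # Lets open_keyslot() recognise the right key without storing it.
        "check": hmac.new(master_key, b"keyslot-check", "sha256").digest(),
    }


def open_keyslot(slot: dict, passphrase: str):
    """Return the master key, or None if the passphrase is wrong."""
    kek = derive_kek(passphrase, slot["salt"], slot["iterations"])
    candidate = _xor(slot["wrapped"], kek)
    tag = hmac.new(candidate, b"keyslot-check", "sha256").digest()
    return candidate if hmac.compare_digest(tag, slot["check"]) else None


def change_passphrase(slot: dict, old: str, new: str) -> dict:
    """Re-wrap the same master key; the data on disk is not re-encrypted."""
    master_key = open_keyslot(slot, old)
    if master_key is None:
        raise ValueError("wrong passphrase")
    return create_keyslot(new, master_key, slot["iterations"])


def measure_guess_rate(iterations: int) -> float:
    """Guesses per second this machine manages at the given iteration count."""
    start = time.perf_counter()
    derive_kek("benchmark guess", b"\x00" * 16, iterations)
    return 1.0 / max(time.perf_counter() - start, 1e-9)


def years_to_exhaust(alphabet: int, length: int, guesses_per_second: float) -> float:
    """Time to try every passphrase of this length at the given rate."""
    return alphabet ** length / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    master_key = os.urandom(32)  # what actually encrypts the disk sectors
    slot = create_keyslot("correct horse", master_key, iterations=200_000)
    print("right passphrase:", open_keyslot(slot, "correct horse") == master_key)
    print("wrong passphrase:", open_keyslot(slot, "hunter2"))
    rate = measure_guess_rate(200_000)
    print(f"{rate:.1f} guesses/s here; 10 lowercase letters: "
          f"{years_to_exhaust(26, 10, rate):,.0f} years to exhaust")
```

Every wrong guess costs a full key derivation, so the attacker's guess rate is set by the iteration count, while a correct passphrase only pays that cost once at unlock.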

  • @Blackcountrysteam
    @Blackcountrysteam 2 years ago +2

    Interesting video DT how about a video for us newcomers on setting up firewall and disc encryption and maybe SSH although the latter may be for a more experienced user

  • @AceFuzzLord
    @AceFuzzLord 2 years ago +2

    A lot of people bring up good points about the whole "don't visit sketchy websites or download sketchy files" but that doesn't help when more reputable piracy sites can look just as sketchy as any other site out there
    As someone who will openly admit to practicing piracy, I can attest some sites do look a bit sketchy but provide what you're looking for. Some of them look pretty damn legit and professional and you can still get viruses
    If you're gonna pirate something, you definitely need an anti-virus software just in case because it can be a mixed bag for what's safe and what's not safe
    Also- even though sites like VirusTotal exist- VT only works with files of around 660MB, which a lot of modern games and programs exceed in size which makes the website a bit redundant and not that useful
    In general some common sense can help but, it can't always stop a virus if you go through a piracy site for a copy of a game that's $500 for a real copy because of price jackers and scalpers

    • @JamesSmith-ix5jd
      @JamesSmith-ix5jd 2 years ago

      it will detect trojan in 99% of cases, you can't pirate and use AV at the same time effectively. if you add everything to exclusion you might as well not use av to begin with.

  • @WildWestDesigns
    @WildWestDesigns 2 years ago +2

    It depends on the user and the demographic of the user as well (this actually applies to Windows users, and for crying out loud, Windows users, don't have your admin account the same as the first account that you setup, such a simple extra thin layer of protection, not much, but better compared to not doing it and not even having a password). Most of your script kiddies don't mess with Linux, because typically the users are more cautious compared to Windows users. But as far as virus/malware etc, it doesn't even have to be directed at Linux specifically, but cross platform software in general. For instance, a few yrs back there was nasty malware being used in PDFs when opened/read in browsers, especially as default. That was no bueno on all 3 systems. Stuff like that.

  • @cavalen
    @cavalen 2 years ago +8

    Use a strong and complicated password just like DT does !

    • @warrenfloyd-i9q
      @warrenfloyd-i9q 19 days ago

      spot on without being perfect, when this all gets too complicated at least most can do this very good step

  • @petrlosev6611
    @petrlosev6611 2 years ago +1

    Just Linux users don't usually distribute software via executables due to dependencies. It's always packages that are usually from well known repositories. Modern Windows OSs also block exe-files distributed over the net.

  • @Matt2010
    @Matt2010 2 years ago +1

    No sure yes but as a good backup from over network possibly, self-replicating, be a good idea to still have AV on Linux and occasionally run it to scan entire drive.

  • @Raphty
    @Raphty 2 years ago +2

    So agree! Good tips.
    Maybe check out safing Portmaster. Great firewall, blocks all incoming connections by default.

  • @AIC_onyt
    @AIC_onyt 1 year ago +1

    i am a linux main since 2 years...
    i used to have a bug where windows defender would do a full scan of my SSD while booting.
    literally 100% drive usage all the time..

  • @Slitnical
    @Slitnical 10 months ago +1

    When I switched from Windows to Linux I had a key for an antivirus on Windows which worked on linux as well so I installed it and so far it has not detected a single threat, I will probably still renew my license after it expires as it is always good to have.

  • @nosotrosloslobosestamosreg4115
    @nosotrosloslobosestamosreg4115 2 years ago +3

    I love your shirt, man. My exact feelings on Ubuntu.

  • @raughboy188
    @raughboy188 7 months ago

    Since you mentioned ssh there is one thing that is a must to do: Never ever use default port for ssh, change it to any other except 22 for security reasons. What i said doesn't come from me but from Cisco. I will give you good reason to avoid default port. Few days ago i came across list of trojans and ports they use and one of them used 22. Whenever you're implementing something avoid defaults at any cost especially if you're hardening your security and you as advanced linux user know it but most don't. If you really wanna keep undesirables from your system and network consider using digital certificates. Certificates are notoriously difficult to break through but still not impenetrable but they add layer of security, they are equally notoriously difficult to write.

  • @shridhars6312
    @shridhars6312 2 years ago +8

    Congratulations on 200k ...u really are doing Great 👍

  • @PhoeniXfromNL
    @PhoeniXfromNL 2 years ago +4

    another nice "keep your heads up" video DT ^^
    it's true enough, whatever OS got the most "normie" users, that is what OS you gonna craft your virus for.
    but whatever OS is used, malware that doesn't need user interaction aside.
    the one behind the keyboard tend to be the one that installs them.
    and if Linux ever become the standard desktop, I think it's interesting in the sense of "how do you craft such"

  • @lolocaust4967
    @lolocaust4967 2 years ago +1

    I update at the start of every day. Takes a few minutes to download a couple of small updates rather than a big download of multiple updates plus a bunch of installs once a week or so.
    But that's just me.

  • @Afriqueleblanq
    @Afriqueleblanq 11 months ago +2

    Ubuntu means "I am, because we are." It is a traditional creed here in South Africa 🇿🇦. It is pronounced ooh booon too. 😊

  • @cpt.sl_pirate
    @cpt.sl_pirate 2 years ago +3

    Windows user: wait windows itself is a virus?
    Linux pro: always has been

  • @thesilentgeneration
    @thesilentgeneration 1 year ago +1

    Linux Mint Cinnamon actually advises you when updates are available. Nice.

  • @OnyxIdol
    @OnyxIdol 5 months ago

    I just installed Mint on my old Thinkpad as a testing ground before a very possible full migration once support for Windows 10 ends next year. The idea that an antivirus is not necessary is so wild to me (but a pleasant surprise of course)

  • @lavamonk2213
    @lavamonk2213 2 years ago +2

    For me, the biggest threat to my Linux distro is me. I tend to manipulate my operating system for fun and experiment. So I had to reinstall or try a new distro at least once a year. LOL :)

    • @eclipse2445
      @eclipse2445 2 years ago +1

      I’m mostly the same way but I’ve never had to reinstall because I know the basics of live system recovery

  • @soanvig
    @soanvig 2 years ago +1

    Yeah, just run all copy-paste scripts from Internet as sudo users :D actually it would be nice if some program could check for the user WHAT is he running from external curled or copypasted script. This would be extremely useful for new users especially.

  • @marol75-l2h
    @marol75-l2h 2 years ago +7

    After I had some issues with external HDD, I felt I have to install clamav on my desktop. No viruses 😀 Although I'm using btrfs, I think DT reminded me about firewall. It's a good idea. Thank you, Derek! 🙂

  • @member5003
    @member5003 2 years ago +3

    Throwing out a generic "you don't need an AV" is throwing out a generic "I don't know who you are but I know you're smarter than any hacker you can find online" which is quite a statement without knowing who you're talking with

  • @thetapheonix
    @thetapheonix 2 years ago +2

    If you update your system regularly and stick to software from official repositories you don't need an antivirus.

  • @Cadey
    @Cadey 2 years ago +2

    You only need antivirus if your compliance requirements force you to have one.

  • @SPLaholic
    @SPLaholic 2 years ago +1

    DT mentions updates in linux. As soon as he mentions the word update, I look and darn sure nuff, I had an update.
    Getting like windows with the updates, honestly

  • @gwgux
    @gwgux 2 years ago +2

    Antivirus on Linux is more for detecting viruses for other operating systems than it is for Linux viruses. Sure Linux viruses do exist, but it's not likely for one to get on your system if you follow the common sense best security practices. I've run Linux on a desktop for over 20 years now and not once have I ever gotten a virus for Linux on a Linux desktop. I've only ever run an AV on Linux to check files for other operating systems. When security bugs are found in software on a Linux system, they are usually patched very quickly with the update available to you on your distro of choice by the time you find out about the bug. Unlike other systems that typically release patches on a monthly basis, in the Linux world a security patch gets made, tested, and pushed out very quickly. It's not just one company with thousands of programmers the hackers are fighting against, it's literally a community across the whole world they're up against so when bugs get discovered, someone is almost always working on it to fix it ASAP.

  • @jamesrichardson8488
    @jamesrichardson8488 2 years ago

    Great vid!
    Where did you get your T-shirt?

  • @bradleyeverson697
    @bradleyeverson697 2 years ago +5

    Great video DT. I use ClamAV which is perfect for my system76 machine. Even the support team at system76 highly recommends to use it.
    Funny thing if you look at Norton, Symantec, McAfee, and some of the other big anti-virus software companies. They only support Windows and Mac. LOL 😆 🤣 😂.

  • @rockymargunee9064
    @rockymargunee9064 2 years ago +1

    Hey dt How to load lxpanel in jwm?,and second Q Discover is already install on Devuan_beowulf_3.1 linux but you will not be able to open it!!

  • @irbaboon1979
    @irbaboon1979 2 years ago +3

    In general virus and malware crap is enduser caused - driveby attacks exist though - but if you’re an average user that runs in a highly privileged account because sudo is annoying (which is the main reason why windows was so open in the past until they locked that away behind the uac prompts over a decade ago) you can always cause mayhem, no matter the os - Don’t install random stuff and stay away from dodgy sites and you’ll be fine!

  • @paulb62438
    @paulb62438 2 years ago +2

    Are Linux servers also not being attacked as well? Given servers' prevalence, I'd think they would be.

    • @samsh0-q3a
      @samsh0-q3a 2 years ago +4

      not with "viruses"

  • @whiskeyfur
    @whiskeyfur 2 years ago +1

    Bad advice.
    Yes, you need antivirus, especially if you're using your system to store files for your other systems around the house or business, or store backups of your windows systems. The advantage of running an antivirus software on a NAS box means if your windows machine is infected, the backups will NOT carry it past that point.
    When I worked as a computer lab tutor, we had virus issues on our server on a DAILY basis. The server itself largely isn't affected, but do you really want to be the CAUSE of a campus wide infection?

  • @trp225
    @trp225 2 years ago +1

    Also if you serve any files (exs e-mail, FTP, HTTP/HTTPS) it is suggested to use a virus scanner.

  • @xellaz
    @xellaz 2 years ago +10

    Even in Windows, you don't really need an antivirus as long as you don't do 'stupid' things.
    But yea, get a firewall. Preferably a hardware firewall. I highly suggest Firewalla Purple for Internet speeds < 1Gbit or Firewalla Gold Plus for Internet speeds > 1Gbit.

    • @mickaelsflow6774
      @mickaelsflow6774 2 years ago

      Arguably, a hardware firewall and a well configured (or "notifying") software firewall are nice to have. Can recommend Firewalla for ease of use. Blue or Purple.

    • @bryanbearsley6227
      @bryanbearsley6227 2 years ago

      if you go to the right places on the internet. you will be fine. my parents tell me that all the time. i don't think linux needs an anti virus. but it is my first time using it. and i like it. it is fast on my dell pc

    • @bryanbearsley6227
      @bryanbearsley6227 2 years ago

      and i agree with you what you just said. about not doing stupid things. like going to places you're not supposed to go

  • @abhisek801
    @abhisek801 2 years ago +12

    Years ago my laptop had a virus known as Windows. I installed one of the top notch anti virus to get rid of it, "Linux". Ever since then my laptop is virus free and no need of any other AV.

    • @Perry....
      @Perry.... 2 years ago

      @Edward G. Stone Cry 🤡

  • @tristanwait4itlegendary
    @tristanwait4itlegendary 2 years ago +4

    TimeShift or gnome backup is also Great for newbies

    • @fixer1140
      @fixer1140 2 years ago +2

      I'm a newbie and I endorse this message. Timeshift has saved my ass more than once.

  • @MeltEmber
    @MeltEmber 2 years ago +1

    Can you tell me where to buy these t-shirts? Asking for a friend and myself

  • @adviththegreat5610
    @adviththegreat5610 1 year ago

    The thing is, if you use both windows and linux on different devices, even if a malware doesn't affect linux, your linux device can still be a vector for your windows device.

  • @bufo333
    @bufo333 2 years ago +1

    It's funny, I agree with you, but most enterprise IT shops that have to meet PCI compliance are forced to install antivirus for linux. It is a waste for the most part but compliance is compliance.

  • @skelebro9999
    @skelebro9999 2 years ago +3

    I kinda like the editing of this video. The zoom in and out is pretty nice 👌

  • @leecowell8165
    @leecowell8165 3 months ago

    They have a virus checker. I ran it a few years ago and it found a lotta viruses too. But they were all attached to imported Windows files. Not much they can do without the PW. I isolated and deleted the files anyway.

  • @thesilentgeneration
    @thesilentgeneration 3 months ago

    Clam AV is not in the App center and I can't get it installed. I was able to install Clam TK, but I have no idea how to activate it on Linux. When I tried to activate it in terminal and something did load, but I never have seen the interface on my machine.

    • @westaus666
      @westaus666 3 months ago

      Using Mint, typed clam into software manager, it was 2nd, after clam tk

  • @Rbourk252
    @Rbourk252 2 years ago +1

    In the past I connected into a windows file system to get rid of infected files using Linux

  • @ZenithClarity
    @ZenithClarity 11 months ago

    I'm running Linux and a week ago every time I start the system I'm getting around 10 notifications that are some type of virus or malware. So linux developers need to rethink not putting some type of protection in as standard.

  • @etopowertwon
    @etopowertwon 2 years ago +1

    I don't run AV mainly because I don't know a good one. (ClamAV doesn't cut it) I certainly would prefer to have AV that integrates with firefox and scans if site has sus javascript. For now I have to rely on uBlock blocklist only.
    Being Uncatchable Joe is not the best form of security.

  • @tiredideabox
    @tiredideabox 1 year ago +1

    Only wanted to know because i had a nightmare last night that somehow a windows virus ran on my linux mint distro using wine, started installing a bunch of windows 93 apps, and had really weird payloads that were a mishmash of every virus i know (solaris, wannacry, y.exe, youareanidiot, etc)
    thank god that won't happen.

  • @thekeymaker6692
    @thekeymaker6692 1 month ago

    What I am wondering is when more people migrate to Linux would we then all need anti virus on linux

  • @bryanbearsley6227
    @bryanbearsley6227 2 years ago +1

    i really like linux. it is my first time using it. i didn't know what it was at first. but it has chrome on it and i like it. it kind of sucks you can't put an anti virus on it. but always watch where to go. my parents tell me that all the time. i am really starting to like linux a lot,. but i am still new at it

  • @moc2130
    @moc2130 1 year ago +1

    Thanks, very informative and helpful!

  • @Milena-ix5mq
    @Milena-ix5mq 9 months ago +1

    Does Ubuntu come with a built-in firewall?

  • @El.Duder-ino
    @El.Duder-ino 1 year ago +1

    Another excellent guide, thank you very much👍

  • @ollicron7397
    @ollicron7397 1 year ago +3

    100% they absolutely should. It is a misconception that viruses are only related to Windows but now that viruses are targeting Linux based servers, it's becoming a thing to make Linux based viruses for databases that use Linux.
    The problem is there aren't any.

  • @milany08
    @milany08 2 years ago

    I am Decryption my file on fedora but when i use xdm download manager does not work say your file is protected for use

  • @jamesmackinnon6108
    @jamesmackinnon6108 1 year ago +1

    Personally I like an av because viruses can infect you through wine, and I like my pirated games

  • @Wanderer2035
    @Wanderer2035 1 year ago +1

    I would anyways. You always wanna make it harder for hackers to get into your system. With Linux it’s already really hard, but if you can add an extra wall of security to make it THAT much harder, why not?

  • @DylanMatthewTurner
    @DylanMatthewTurner 2 years ago +5

    Tbh I don't think an antivirus is needed on Windows either. Just don't be dumb

  • @JamesSmith-ix5jd
    @JamesSmith-ix5jd 2 years ago +1

    the first thing I do after installing windows is uprooting windows defender entirely.

  • @himankan
    @himankan 2 years ago +1

    What about uncomplicated firewall?

  • @PerpetualPreponderer
    @PerpetualPreponderer 2 years ago +2

    Could Linux users be vulnerable to malware created for macOS, due to the fact that both are essentially Unix systems?

    • @Anonymous4045
      @Anonymous4045 2 years ago +3

      Are all humans the same, since we all originated from Africa? No, mac and linux were originally based off Unix, since that was a popular and good os in that time. They've grown and evolved mostly separately. Mac binaries can't run on linux and vice versa. Of course the same source code can be compiled into the os specific binaries on both machines, but as far as downloading a file and running it, the binary needs to be formatted in a way specific to that os

    • @thetapheonix
      @thetapheonix 2 years ago +2

      No. Mac is Unix and Linux is Unix-like. Basically, no.

    • @PerpetualPreponderer
      @PerpetualPreponderer 2 years ago +1

      @@Anonymous4045 well, all humans everywhere no matter how separately they evolved ended up pretty much equally susceptible to covid right?
      That said, the second part of your answer explains it perfectly. Basically any program compiled for macOS cannot run on Linux.
      Thanks :))

  • @CrustyAbsconder
    @CrustyAbsconder 2 years ago +1

    This comment is just a suggestion for a topic. I know you do not like to review Alpha releases. But some Alpha releases are very important. For example, Debian Bookworm. That is worthy of discussion. And talk about what you expect to happen by the time another release is published, such as what version of Qt.

  • @jakobw135
    @jakobw135 20 days ago

    Can't a HARDWARE firewall conflict with a SOFTWARE one?

  • @pranze3484
    @pranze3484 2 years ago +1

    The only potential issue is password-less sudo for people who aren't very smart.

  • @emem666
    @emem666 2 years ago

    Windows is my main OS and first thing I do after install is to disable antivirus and firewall.

  • @anon_y_mousse
    @anon_y_mousse 2 years ago +1

    What? No final quip?

  • @RevJoyful
    @RevJoyful 4 months ago

    What's great is that the welcome screen takes users to enable wirefall AH!! firewall

  • @retrocomputeruser
    @retrocomputeruser 1 year ago

    Watching this on a Raspberry Pi 4 with Manjaro. All my computers run Linux with no AV installed and have been trouble free for over ten years. I have one hard drive with Win 10 installed just in case I need to run some software which won't run on Linux. Again, no AV installed because I have disabled the network drivers.

    • @anywaytechreview
      @anywaytechreview 1 year ago

      windows 10 already has built-in anti virus software called windows defender

  • @masyola5280
    @masyola5280 1 year ago

    The problem is i still need a linux software to delete windows viruses in my external Disk.

  • @mariavanrooyen3750
    @mariavanrooyen3750 1 year ago

    When people hear I use Ubuntu since 2014, they think I'm some expert. Can't even install Sophos AV, too complicated.

  • @TúrósCsusza-o8j
    @TúrósCsusza-o8j 9 months ago +10

    Nice T-shirt. Ubuntu is an Ancient African word meaning "I can't configure Debian."

    • @candyts-sj7zh
      @candyts-sj7zh 9 days ago

      Debian is an old Greek word for, "I am too dumb for arch"