As some people have noted below, whilst the ClamAV free Linux antivirus application does not have a graphical interface, a program called ClamTK can be installed to provide one (just as GUFW adds a GUI to the UFW). Sorry I missed this. This said, note that ClamAV is no longer maintained, and cannot access all ClamAV functionality. But it is available to install in the Ubuntu and other software centers. And there is also another GUI called ClamAV-GUI . . . Also, whilst I'm here, please note that the opening bullet at 1:00 should read ". . . preventing unauthorized access", as the audio says. My apologies! The following slide headed "Preventing Unauthorized Access" from 1:43 is correct. :)
Just the video I needed. I recently switched all my home systems to Linux based systems. They are not eligible for an upgrade to Windows 11 and I was not going to replace perfectly fine hardware.
There are workarounds for installing windows 11 on older hardware. It just takes a lot of registry editing and it usually works. I installed it on a 12 year old laptop 😂
@TheCowboy4000 the caveat being the workarounds stop larger windows updates being installed like when a new major patch / service package of windows is pushed (like 22h2) you have to, in effect, re-install windows to update.... if you never do, your machine ends up being just as insecure as if left on windows 10. There is a risk that Microsoft might start implementing kernel updates that 'use' newer cpu instructions that are available on the cpus that Microsoft says it supports that dont exist on older CPUs and not have any level of backward emulation (why would they, in the eyes of Microsoft no one should have a windows 11 machine that doesn't have a supported CPU), this would not be bypass-able at all as this is a core hardware limitation of the older cpus (ie they can't run an assembly instruction that doesn't exist in their instruction set). All I'm saying is: yes its possible, and many have done it, BUT the caveats should always be stated when proposing it so people can make informed choices and not realise the potential negatives of an action when they do it.
I am a computer engineer and I work in scientific software. We normally use Apple as our workstation and Linux as our computing computers. During the pandemic, my MBP broke down, so I was forced to buy a PC while waiting for the M1. I installed Linux Mint on it, and guess what? I still use it today as my personal computer. I have bought more Macs for my daughter, who is studying sound engineering, and for her grandmother, because that's what she knows how to use. Today, I would only use Windows for gaming.
i love how everyone on the internet is pouring out their brain juice with so much passion. from experts sharing knowledge, to experts working hard on distros to make them more user and gaming friendly. it's like a collective loud NO to microsoft, and i just love it.
Microsoft: the biggest unintended supporter of Linux. There are governments already setting up plans or the groundwork to move their governments IT systems away from Microsoft Windows towards Linux, in part due to the moves of Microsoft. This artificial crisis created by Microsoft is also an incredible opportunity for the Linux community worldwide, and with wider adoption of desktop Linux will come a greater number of cybersecurity threats specific to Linux. Videos like these are basically ahead of the curve for some, and what many others already need.
I also recently installed linux in order to reduce M$ Windows time and use, but unfortunately it's still quite far away being able to fully throw away Windows as many software alas just aren't available for linux, which many of us require and want to use. However we can limit the use of Windows to only when we need it and the rest of the time use linux. Hoping for a day when all software developers will by default provide linux versions as well, but we are still a long way from that. Although more and more software are becoming available for linux and the more the users there are the more companies will start providing as well. M$ has just gone too far now with all the "AI", account forcing, data collecting and spying and getting their tentacles even in the hardware as well controlling people and their devices more as if they owned them instead of the people and more and more of this garbage is planned and coming. So it's time to at least reduce Windows use as much as possible and move to linux.
@-Mohogthis is actually what i personally did to some extent for over a year, but for sure for the past few months. I would recommend dual booting, if possible, from 2 separate physical drives (like 2 SSD's), but times are tough rn so for many, that's not an option. Main reason why i advise against dual booting on the same ssd is because Microsoft windows has a tendency to erase linux partitions if they are on the same drive. Still, it is better to dual boot that way than to simply stick with windows. Im fortunate enough to have a laptop with 2 SSD slots and a spare ssd when i got my laptop. A lot of the issues of software compatibility though can be addressed either by switching to a linux open source alternative, using wine or proton as a compatibility layer, or if you have a pc strong enough, running windows on a Virtual machine inside linux just for those programs. Ultimately it is better to start the transition small than to stick with windows, because that OS just keeps getting so much worse in multiple different ways. Also if you decide to go the VM route, you can buy a windows key online from a key reseller for a fraction of the price that you would get if you bought it directly from Microsoft. Microsoft doesnt deserve a cent if they are gonna fill the OS with adware, spyware and AI anyway.
Welcome to the channel. That is what makes Mr Christopher unique among RUclips tech educators, his demeanor and calmness and at times his excitement makes us coming back for more.
Outstanding content, Chris. As a retired information security consultant, the last bullet (user behavior) was found to be the main security threat at the desktop, mainframe, and network levels. In software and social engineering white hat attacks, user behavior accounted for the majority of security vulnerabilities.
Absolutely. I'm retired now after 20 years as a Database Admin. Thankfully the company realised that the guy responsible for multi-terabyte databases should probably be out of the regular command structure. i.e, should have the ability to say NO more often than YES to anyone.
I just bought a 'cheap' windows laptop (£179) and put Linux Mint on it. It boots and runs faster than my 'high spec' windows desktop without having to deal with an account or annoying pop-up adverts etc.
Remember, if you have any very low spec hardware - check out Linux Mint Debian Edition which made a massive difference with my Netbook and old tower PC from 2010 era when compared to classic Mint. It's more stable because of debian base but because of that it won't have a lot of feature updates due to Debian philosophy of going the stable way instead of rolling release. LMDE is a backup plan for the case of Canonical going crazy with their (proprietary) package system.
Im a more experienced Linux user in that ive used linux on servers for years, but with Microsoft killing windows 10 and forcing me to use windows 11, a paid OS that sends telemetry data to Microsoft, has ads everywhere and installs applications I never asked for by default (I know W10 did the same thing, but it was much less egregious. That said, having apps like candy crush saga randomly appear on my start menu well after OS install was really frustrating for me.) I made the switch to using desktop Linux. This is a great video that clearly lays out some very good tips on Linux security and is a good reminder to even the more experienced users. Great Job!
My big reason for avoiding 11 was "Recall". I'm not using an OS that has such blatant 'spyware' on it, and does everything it possible can to prevent you from using a LOCAL account.
@beakingsman777 Im currently running Linux Mint as it is simple and easy to use; most things just work. I like tinkering with computers, but when it comes to my main machine, I want it to just work
What a wonderful and extremely helpful guide. And even this old techy who's been in IT for donkey's years learned something - the firewall in Mint is off by default. I switched to Mint from Windows over a year ago and just assumed it was enabled! Needless to say it has now been turned on. Thanks Chris, you're a treasure.
Does Enabling MINT firewall require any configuration to allow file sharing to continue working on the local LAN (e.g. SMB, etc)? That's one big thing I noticed with a MINT install. All my shares and printer are available. Other distros do too, but LM does which makes it a go to Linux. Not to mention media support.
@spacecadet4876 No it should behave similar to Windows. Outbound traffic is allowed through along with any received data from those requests. You only need to configure the firewall if you need to open ports on a server. A server responds to requests and doesn't make the request so without opening the port, the firewall will stop the access. In general you normally don't open ports on the desktop system, but for servers most likely need to configure open ports. I haven't come across a Linux distro that automatically enables the firewall.
WOW, an absolute perfect video to send out to my Linux Mint customers. You answer every question they ever have for me!!! You are truly the reason I make an appointment to watch your videos every Sunday Morning. I learn something new or extremely helpful on a weekly basis!! This one is getting shared to dozens of my Mint customers. Cheers Dr. Barnatt!!
Greetings from across the pond near Albuquerque, New Mexico, USA. What a super-max-groovy channel. Can't help but agree with all positive comments about subject matter and presentation skills, and all of this every Sunday. Thanks for all the hard work you do. 🙂
Thanks for your support and kind feedback. I was very concerned about the tone and level of detail to include in this video -- so much so that exported a final version, and then completely re-edited it!. So it's great to get the positive comments.
I wish I had you in my CS classes back then. First, a british accent is always a win, second, your teaching is incredibly motivating and paced on point. Thank you so much for your content!
Very useful video indeed, thank you, as our household laptops are switching to linux these days. Sorry microsoft, you guys went too far ignoring our wishes and annoying us with ads.
I’d like to point something out here. This is fabulous advice for most users. However, the problem I have with it is, it doesn’t have a discussion around threat models. Yes, desktop Linux viruses are rare. But, if you’re someone who is being targeted for whatever reason (journalist/activist etc) PLEASE don’t think this rarity gives you protection. It doesn’t. As someone who has been the target of a cyberstalker for many years, the threat model and how you protect yourself is very different to the standard ‘don’t worry, Linux never gets targeted’ advice. Peace.
small typo on first slide, first sentence: "Computer security is concerned with preventing data loss, and preventing authorized access" if we prevent authorized access everyone is a hacker ☺️ Is that the famous British humor that we always laugh about here in Germany? 😅 love your videos ❤ keep up the good work
I’ve asked for such a video before so thanks for this. With Windows 10 becoming unsupported very soon I think there will be quite a few people trying Linux on laptops that cannot be upgraded to Win11, and this kind of video will help them understand Linux security better.
Thanks. There have been many requests for this video, and as you say there are lot of new Linux users out there at the moment. I hope that this video helps to get a lot of firewalls turned on! :)
I am the “in-law” in the home I helped my son and his family get into. At first our options were DSL or Cable internet. At the time DSL was all I needed to SSH into our hosts at the regional ISP I worked at. Then when it became available switched to a 500/500 fiber connection, which is now with ziply fiber. Did this because grandson started gaming on the Internet, and both sides of the house moved to streaming services for our entertainment. Only issues was in getting them to install fiber as our address did not show that we qualified for it. Even with every house around us were shown as being able to get the service. Had to get to the Engineering department to go over this with them, and they finally found what the problem was. Even though they had put copper to the resident, they did not show my section as being connected to the network. After they found this mistake, they were able to pull the fiber to the house.
More people need to watch this. Some Linux distros like Arch are more of a DIY than say Fedora or Ubuntu, not even the firewall is turn on by default. Also dont worry about the different distros. 99.9% are systemd anyway, it's the same on and off switch.
I am about to install Linux Mint on an old Windows 10 desktop and appreciate your clear explanations for making things secure. I am mainly an end user who is not afraid to troubleshoot, so am looking at making an elderly friend's 10 yo Windows 10 machine usable and more secure rather than having to buy a new computer. Automating updates is a must have for someone like her, and this is the first time I've seen it mentioned. Thank you for taking the time to address issues that are important to people who use computers as tools to accomplish tasks rather than as gaming devices.
As usual, excellent. Perhaps worth pointing out that, when newly installed, Mint prompts with its Welcome screen to set up Snapshots and the Firewall. When we're welcoming people taking the path to freedom (follow the green brick road), perhaps we should explicitly tell them to use the Welcome screen, and do everything it suggests: this is Linux, and you can trust the defaults to be in the user's best interest.
Thank you for explaining a very important issue. I’m a MS user for 35 years and are strongly considering going over Linux , Ubuntu to be exact. I’m tired and mad at ms for the tpm2 requirement and lack of support for win10. Antivirus is very important to me and your information is very helpful. Thank you 🙏
Great timing and great content as always, thank you so much! 😊 Just moved several computers to Linux Mint, using most measures you describe, but I still learned a few new things! Keep this type of content coming, I'm sure lots of new Linux users will find it helpful! 👍🏻
Yeah I had a hard drive die on me last week. It wasn't fully backed up but what I lost was just a nuisance rather than a disaster. Plus it was literally today that I enabled the firewall on my server and added the rules needed to get my services running again.
Quite a good video for newbies. A few simple rules to add:- Learn to harden and recompile your running kernel. That is a critical skill. Do not install any closed source software. Stay away from all and any Distros that have jumped on the systemd (IBM/Micro$oft) bandwagon, it's a huge risk
Just what I needed! I've signed up to help my father transition to mint from win10, and he was nervous about the lack of antivirus. Thanks to this video, I now know of an AV solution I can recommend to him and have a canonical source that AV is probably not needed! I already knew about the security update management and firewall, but it's still useful to have confirmation that I wasn't missing anything important with those :)
Greetings from Mexico. As many here in the comments, my other machines that run fine with W10 are at risk thanks to the decision from Windows. I'll start by installing Mint in a laptop to get myself comfortable and configure the security-related features with this video. 👌
Very sensible advice, as always. Thank you! When installing Linux, I poked around through all the settings and found and enabled the firewall, but I don't think everyone would have the patience. :)
My new pc will be complete next Monday. Starting with 2 hard drives, one for windows and one for linux to test the waters, and eventually switch to linux permanently. Thank you for your help and effort sir.
As a Linux Mint user, I dislike complex and difficult explanations. EC is always clear and understandable for anyone working with the Linux desktop. I find myself automatically returning to EC whenever I want to learn something clear and concise about Linux. Thank you, Mr. from EC.😎
Thanks for another great and informative video. A tiny error that you may have found out about is at 1:09, in the first written paragraph: "authorized" should be "unauthorized". The voice-over is correct. Thanks again ❤
I just switched to Linux myself and am trying out Ubuntu now before trying mint and others, this video was a big help especially with showing different distros much appreciated
Christopher's point about Veracrypt (container encryption or drive encryption) is REALLY REALLYI important. If your laptop is stolen, "borrowed" or taken in for repair the likelihood of people having a hunt through your files is remarkably higher than most expect; I've heard of technicians or colleagues looking for embarrassing photos, memes, movies, music, etc. Generally speaking - the person looking through your files sees it as a MUCH lesser crime than you would finding out they'd done so; this is ALWAYS the case. Veracrypt lets you create a giant file that the system turns into a "disk" of its own and everything you put on there is encrypted, it's like working out of a properly secured filing cabinet. As soon as you shut down that "disk" is "dismounted" - a bit like unplugging a USB stick. To open it again they must provide the password (you can also tie access to the presence of a selected file, a bit like using a file as a key) - you can do both as well (so someone must have the special file and the the password to get in). Always assume your personal files are sensitive - even if you don't think they are I guarantee you haven't sat and thought about nefarious ways to use them as much as someone trying to access them, even things you think are entirely innocent like photos are important to secure. A photo you took at a party 3 months ago could become suddenly hugely problematic later on for reasons you'd never have expected; by encrypting everything you're guarding against what you can't forsee and imagine. You can also encrypt entire drives (and even the boot drive) but this is a little messier. Veracrypt is actually freeware (costs nothing) and Christopher has a video on how to use and install it; you can get it from veracrypt.io/en/Downloads.html If you have a laptop you take out and about with you - it's an essential additional protection. Also great for using on USB sticks and portable drives too.
Great advice. Agree that Veracrypt, which replaced TrueCrypt a few years ago, is a great way to go for encrypting files. Easy to use. Highly recommended.
Photo's at parties...... they are always great on the web.... "Linked In", Facebook or where ever.... Apply for a job.....2 weeks later the referee checks and Web searches about you come in. Do you think you are going to get that important phone call...... nope. OH, it's there for ever.... didn't you know that..... ??
@colonelfustercluck486that you can't necessarily control all wider tagging of photos online isn't a reason to forgo security and containment procedures for your data; that'd be like leaving your front door open because someone can see in a window. Security is about mitigation and containment and risk minimisation through surface restriction, there will be elements you can't control but you can always de-link tagging and even run cycles of searches for your details online (some AI engines are being used for this now as well). You need to perform this in sweeps and cycles.
I've been using various Linux distros for over 20 years and never had any problems Linux is far better than Windows for everything as far as I'm concerned.
Love the text at 1:10 "Computer security is concerned with. . . preventing authorised access". Quite like a BIOS here on one PC "Advanced Settings: Warning! A wrong parameter may cause the system to function". I reckon the man in Taïwan wrote it deliberately to make us techhies laugh.
I salute your concise and easy to follow guidance.. having watch several of you're posts, the way forward seems like winding the clock back MS XP days.. thank you!
Immutable distros are another option for security. Core OS components are stored on a read-only partition that only gets updated when the entire OS is (new release). I'm not sure how effective it is against external threats, but it does prevent users from mucking about with stuff like the kernel.
Thank you for all this useful advice. I'm changing from windows to Linux. So I need to learn more about how to manage security in these new operative systems. I'm mainly concerned about what antivirus or antimalware to install, I'll keep researching that topic.
Never a more appropriate time with windows 10 ending and windows 11 requiring hardware from no older than 8 years ago (TMP 2.0 was standard on Intel 8th gen, released 2017)
This is really helpful! I'm really new to Linux and I've been using Mint for a month now. Tried distro hopping but ended up staying with Mint. Thanks for this!
This is a particularly good video with excellent demonstrations. Lots of good information was presented in a well organized fashion. It had the tone of a class, but that is fine with me because he is a fast presenter who doesn't waste our time.
For security It's important to verify a Linux distro download, I always use the sha256 sum & gpg sum to make sure it hasn't been corrupted or malicious code added!
But how do you know that the hash is legitimate? People will usually use a hash from the same source as the iso file. Besides, this is also valid for gpg keys, since you don't know if they truly belong to the developer.
Because people like this see SHA256, not understand what a hash is and then go “oh, they put the hash on the same page as the download link, this is legitimate”
@tablettablete186 that all goes back to using a trusted source. I torrent images but get hash keys from official sites. Mostly I'm checking to make sure there was no download error.
Thanks EC - as always, very much 'on message' and clearly explained (and without a disco blaring out in the background as with so many other channels!). With the probable growth in Linux usage as people switch from Windows, malware is going to become more and more of an issue and Linux isn't going to be able to hide behind 'security through obscurity' for much longer; as such, your video is a welcome and timely wake-up call.
I have a 2012 Mac Mini running Linux Mint 22 as my main desktop. I also have an older MacBook running Monterey I use for 2 specific apps. I like both , but I’m really impressed with Mint and how well it runs on older hardware. Actually Mint runs better on the Mini than either MacOS or Windows 10, and W10 runs pretty good.
Thanks for this. Your videos are engaging to watch. There is always something new to learn, in just the right amount of detail. And the retro style rocks!
@ExplaingComputers: The "... preventing authorized access" vs "...preventing unauthorized access" was a perfect check if everybody was being with you on both audio and visual ... 🤣😂🤣😁 ... SCNR As always: Very well prepared with lots of vital hints ! 🙏🙏🙏 Thank you very much, Christopher !!!
just choose one of the O/S's that were mentioned in this video..... and Debian and Fedora> All of them are great, safe O/S's. All are open source. No telemetry or spying. Being open source means that people from around the world can see what is these programs.... if anyone starts to try to insert malware, it is discovered and corrected so fast, it would make your head spin. A five yr Linux Mint User..... and I also don't use anti-virus and malware programs......... and I have never had a problem like that since changing to linux. It just works. There can be issues, but bare with it, and search on Google or check in with the forum for your O/S.... many helpful and generous people there who will help you out debugging or explaining how things work. There are comments on some web pages that Linux users are all 'snarky' or difficult or obnoxious or up themselves...... But I have never, so far, in my 5 yrs using Linux, experienced this. If I asked a question I got a considered and reasonable answer. Just fully describe your problem and miracles happen. It's a good community from my experience.
great content, as always. Especially with Linux systems, it is very easy to get appropriate security in place (and it doesnt impact the system as negatively as it does on other commercial platforms). The only think I[d suggest as a change is the advice for "sudo" - only give sudo to those that absolutely need it, and that you trust. (E.g. household members, children, etc likely do not need sudo!). The advice on user behavior is excellent! I just wish that my bank and the like would _stop_ sending me links to click 😞
![100 Days - [Hardcore Herdcraft]](http://i.ytimg.com/vi/pdJodaIFklg/mqdefault.jpg)
![Hardnard - Butta B (Official Music Video) [Dir By Kharkee]](http://i.ytimg.com/vi/W3EDlWKUnw4/mqdefault.jpg)
As some people have noted below, whilst the ClamAV free Linux antivirus application does not have a graphical interface, a program called ClamTK can be installed to provide one (just as GUFW adds a GUI to the UFW). Sorry I missed this. This said, note that ClamAV is no longer maintained, and cannot access all ClamAV functionality. But it is available to install in the Ubuntu and other software centers. And there is also another GUI called ClamAV-GUI . . .
Also, whilst I'm here, please note that the opening bullet at 1:00 should read ". . . preventing unauthorized access", as the audio says. My apologies! The following slide headed "Preventing Unauthorized Access" from 1:43 is correct. :)
My advice: "sudo apt-get install clamav clamtk" that way you have all you need. ^^
My problem with Clamav was updating virus database can you show us how that can be done.
Wait, is ClamAV or ClamTK unmaintained?
Can you recommend an encryption app for home users?
@JerryDX It's ClamTk that's no longer maintained. Last update dating to last year.
Just the video I needed. I recently switched all my home systems to Linux based systems. They are not eligible for an upgrade to Windows 11 and I was not going to replace perfectly fine hardware.
There are workarounds for installing windows 11 on older hardware. It just takes a lot of registry editing and it usually works. I installed it on a 12 year old laptop 😂
@TheCowboy4000 the caveat being the workarounds stop larger windows updates being installed like when a new major patch / service package of windows is pushed (like 22h2) you have to, in effect, re-install windows to update.... if you never do, your machine ends up being just as insecure as if left on windows 10.
There is a risk that Microsoft might start implementing kernel updates that 'use' newer cpu instructions that are available on the cpus that Microsoft says it supports that dont exist on older CPUs and not have any level of backward emulation (why would they, in the eyes of Microsoft no one should have a windows 11 machine that doesn't have a supported CPU), this would not be bypass-able at all as this is a core hardware limitation of the older cpus (ie they can't run an assembly instruction that doesn't exist in their instruction set).
All I'm saying is: yes its possible, and many have done it, BUT the caveats should always be stated when proposing it so people can make informed choices and not realise the potential negatives of an action when they do it.
@TheCowboy4000 What about Tiny11?
I am a computer engineer and I work in scientific software. We normally use Apple as our workstation and Linux as our computing computers.
During the pandemic, my MBP broke down, so I was forced to buy a PC while waiting for the M1.
I installed Linux Mint on it, and guess what? I still use it today as my personal computer. I have bought more Macs for my daughter, who is studying sound engineering, and for her grandmother, because that's what she knows how to use.
Today, I would only use Windows for gaming.
Welcome aboard! Hope you are having a good time with whatever distro you choose.
i love how everyone on the internet is pouring out their brain juice with so much passion. from experts sharing knowledge, to experts working hard on distros to make them more user and gaming friendly. it's like a collective loud NO to microsoft, and i just love it.
Yes, we are certainly witness to a Linux wave . . . :)
This is why I'm here. After over a year with a steam deck I'm taking the plunge to turn my office PC to Linux.
Microsoft: the biggest unintended supporter of Linux. There are governments already setting up plans or the groundwork to move their governments IT systems away from Microsoft Windows towards Linux, in part due to the moves of Microsoft. This artificial crisis created by Microsoft is also an incredible opportunity for the Linux community worldwide, and with wider adoption of desktop Linux will come a greater number of cybersecurity threats specific to Linux. Videos like these are basically ahead of the curve for some, and what many others already need.
I also recently installed linux in order to reduce M$ Windows time and use, but unfortunately it's still quite far away being able to fully throw away Windows as many software alas just aren't available for linux, which many of us require and want to use. However we can limit the use of Windows to only when we need it and the rest of the time use linux. Hoping for a day when all software developers will by default provide linux versions as well, but we are still a long way from that. Although more and more software are becoming available for linux and the more the users there are the more companies will start providing as well. M$ has just gone too far now with all the "AI", account forcing, data collecting and spying and getting their tentacles even in the hardware as well controlling people and their devices more as if they owned them instead of the people and more and more of this garbage is planned and coming. So it's time to at least reduce Windows use as much as possible and move to linux.
@-Mohogthis is actually what i personally did to some extent for over a year, but for sure for the past few months. I would recommend dual booting, if possible, from 2 separate physical drives (like 2 SSD's), but times are tough rn so for many, that's not an option. Main reason why i advise against dual booting on the same ssd is because Microsoft windows has a tendency to erase linux partitions if they are on the same drive. Still, it is better to dual boot that way than to simply stick with windows. Im fortunate enough to have a laptop with 2 SSD slots and a spare ssd when i got my laptop. A lot of the issues of software compatibility though can be addressed either by switching to a linux open source alternative, using wine or proton as a compatibility layer, or if you have a pc strong enough, running windows on a Virtual machine inside linux just for those programs. Ultimately it is better to start the transition small than to stick with windows, because that OS just keeps getting so much worse in multiple different ways. Also if you decide to go the VM route, you can buy a windows key online from a key reseller for a fraction of the price that you would get if you bought it directly from Microsoft. Microsoft doesnt deserve a cent if they are gonna fill the OS with adware, spyware and AI anyway.
Seriously, your writing and production is so high level. This could be a BBC program.
Thanks for your kind feedback, much appreciated. :)
It seems your new to this Computer Science RUclips channel. Christopher is the Mentor when it comes to computers 😊😊
BBC programme
Yes like high quality 90s educational shows.
Don't disrespect him by comparing him to a commie terrorist network like bbc
Seems like a 70s time traveler went to 2025, researched Linux, went to the 90s, recorded the video, and scheduled the release. 😳
And it great!
I love everything about this video. The way of presenting, the little animations, and the information itself. 10/10
Wasn't that Doctor Who?
@crummymudd8625 Christopher Barnatt is a Time Lord?
Welcome to the channel.
That is what makes Mr Christopher unique among RUclips tech educators, his demeanor and calmness and at times his excitement makes us coming back for more.
Your ability to simplify concepts is remarkable, much appreciated
I really enjoy his very clear speech which is easy to follow for non native English speaker. He has a gift as a teacher.
This channel proves true mastery is explaining complex things in simple terms.
Outstanding content, Chris. As a retired information security consultant, the last bullet (user behavior) was found to be the main security threat at the desktop, mainframe, and network levels. In software and social engineering white hat attacks, user behavior accounted for the majority of security vulnerabilities.
PEBKAC, as usual.
The dreaded I D Ten T error.
Absolutely. I'm retired now after 20 years as a Database Admin. Thankfully the company realised that the guy responsible for multi-terabyte databases should probably be out of the regular command structure. i.e, should have the ability to say NO more often than YES to anyone.
PICNIC
I just bought a 'cheap' windows laptop (£179) and put Linux Mint on it. It boots and runs faster than my 'high spec' windows desktop without having to deal with an account or annoying pop-up adverts etc.
Cool.
Remember, if you have any very low spec hardware - check out Linux Mint Debian Edition which made a massive difference with my Netbook and old tower PC from 2010 era when compared to classic Mint.
It's more stable because of debian base but because of that it won't have a lot of feature updates due to Debian philosophy of going the stable way instead of rolling release.
LMDE is a backup plan for the case of Canonical going crazy with their (proprietary) package system.
My 15 year old linux laptop runs better than my windows desktop did... So I switched that too!
Me too...
Microsoft: "Resistance is useless. You will be assimilated!"
Linux: "Aw, that's cute when you pout, Microsofty!"
Very pertinent considering the number of folks jumping over this month
Linux Mint saved my Asus Vivobook’s life.
Im a more experienced Linux user in that ive used linux on servers for years, but with Microsoft killing windows 10 and forcing me to use windows 11, a paid OS that sends telemetry data to Microsoft, has ads everywhere and installs applications I never asked for by default (I know W10 did the same thing, but it was much less egregious. That said, having apps like candy crush saga randomly appear on my start menu well after OS install was really frustrating for me.) I made the switch to using desktop Linux. This is a great video that clearly lays out some very good tips on Linux security and is a good reminder to even the more experienced users. Great Job!
My big reason for avoiding 11 was "Recall". I'm not using an OS that has such blatant 'spyware' on it, and does everything it possible can to prevent you from using a LOCAL account.
For real!
Which Linux OS did you choose for your primary driver, and what do you like best about it?
@beakingsman777 Im currently running Linux Mint as it is simple and easy to use; most things just work. I like tinkering with computers, but when it comes to my main machine, I want it to just work
What a wonderful and extremely helpful guide. And even this old techy who's been in IT for donkey's years learned something - the firewall in Mint is off by default. I switched to Mint from Windows over a year ago and just assumed it was enabled! Needless to say it has now been turned on. Thanks Chris, you're a treasure.
You're old enough to not assume something in IT.
Yes, I would have assumed the same.
To be honest I have never bothered with desktop firewalls: my router has all that stuff.
Does Enabling MINT firewall require any configuration to allow file sharing to continue working on the local LAN (e.g. SMB, etc)?
That's one big thing I noticed with a MINT install. All my shares and printer are available. Other distros do too, but LM does which makes it a go to Linux. Not to mention media support.
@spacecadet4876 No it should behave similar to Windows. Outbound traffic is allowed through along with any received data from those requests. You only need to configure the firewall if you need to open ports on a server. A server responds to requests and doesn't make the request so without opening the port, the firewall will stop the access. In general you normally don't open ports on the desktop system, but for servers most likely need to configure open ports.
I haven't come across a Linux distro that automatically enables the firewall.
Thanks, Chris. As more and more users are abandoning the proprietary OSs we need to help them when we can. You are right on task.
WOW, an absolute perfect video to send out to my Linux Mint customers. You answer every question they ever have for me!!! You are truly the reason I make an appointment to watch your videos every Sunday Morning. I learn something new or extremely helpful on a weekly basis!! This one is getting shared to dozens of my Mint customers. Cheers Dr. Barnatt!!
Thanks for this, most appreciated.
Greetings from across the pond near Albuquerque, New Mexico, USA. What a super-max-groovy channel. Can't help but agree with all positive comments about subject matter and presentation skills, and all of this every Sunday. Thanks for all the hard work you do. 🙂
Thanks for your support and kind feedback. I was very concerned about the tone and level of detail to include in this video -- so much so that exported a final version, and then completely re-edited it!. So it's great to get the positive comments.
@ExplainingComputersyou've got it just right, thank you.
30% for RUclips
Soon, we've planned a Linux install day for Windows 10 users. This video will be of great help.
Very useful information. I didn’t know about the firewall in Linux, now I do.
Been in the industry for a good while and as soon as I saw the video opening I knew this guy is the real deal
I wish I had you in my CS classes back then. First, a british accent is always a win, second, your teaching is incredibly motivating and paced on point. Thank you so much for your content!
Very useful video indeed, thank you, as our household laptops are switching to linux these days.
Sorry microsoft, you guys went too far ignoring our wishes and annoying us with ads.
Good luck with Linux on your laptops. You are not alone! :)
I’d like to point something out here. This is fabulous advice for most users. However, the problem I have with it is, it doesn’t have a discussion around threat models. Yes, desktop Linux viruses are rare. But, if you’re someone who is being targeted for whatever reason (journalist/activist etc) PLEASE don’t think this rarity gives you protection. It doesn’t. As someone who has been the target of a cyberstalker for many years, the threat model and how you protect yourself is very different to the standard ‘don’t worry, Linux never gets targeted’ advice. Peace.
Always good to review security practices, even when you think you know it already.
Hello guys 🤗! Another Linux video on the channel, yay 😊.
Switched completely to linux a week ago. Never going back. Thanks for great vid.
small typo on first slide, first sentence:
"Computer security is concerned with preventing data loss, and preventing authorized access"
if we prevent authorized access everyone is a hacker ☺️
Is that the famous British humor that we always laugh about here in Germany? 😅
love your videos ❤ keep up the good work
I’ve asked for such a video before so thanks for this. With Windows 10 becoming unsupported very soon I think there will be quite a few people trying Linux on laptops that cannot be upgraded to Win11, and this kind of video will help them understand Linux security better.
Thanks. There have been many requests for this video, and as you say there are lot of new Linux users out there at the moment. I hope that this video helps to get a lot of firewalls turned on! :)
Also, for home networks make sure your WiFi router is configured correctly and the firmware is up to date
new video from EC! Let's goooo!
I am the “in-law” in the home I helped my son and his family get into. At first our options were DSL or Cable internet. At the time DSL was all I needed to SSH into our hosts at the regional ISP I worked at.
Then when it became available switched to a 500/500 fiber connection, which is now with ziply fiber. Did this because grandson started gaming on the Internet, and both sides of the house moved to streaming services for our entertainment.
Only issues was in getting them to install fiber as our address did not show that we qualified for it. Even with every house around us were shown as being able to get the service. Had to get to the Engineering department to go over this with them, and they finally found what the problem was. Even though they had put copper to the resident, they did not show my section as being connected to the network. After they found this mistake, they were able to pull the fiber to the house.
More people need to watch this. Some Linux distros like Arch are more of a DIY than say Fedora or Ubuntu, not even the firewall is turn on by default.
Also dont worry about the different distros. 99.9% are systemd anyway, it's the same on and off switch.
I am about to install Linux Mint on an old Windows 10 desktop and appreciate your clear explanations for making things secure. I am mainly an end user who is not afraid to troubleshoot, so am looking at making an elderly friend's 10 yo Windows 10 machine usable and more secure rather than having to buy a new computer. Automating updates is a must have for someone like her, and this is the first time I've seen it mentioned. Thank you for taking the time to address issues that are important to people who use computers as tools to accomplish tasks rather than as gaming devices.
As usual, excellent. Perhaps worth pointing out that, when newly installed, Mint prompts with its Welcome screen to set up Snapshots and the Firewall. When we're welcoming people taking the path to freedom (follow the green brick road), perhaps we should explicitly tell them to use the Welcome screen, and do everything it suggests: this is Linux, and you can trust the defaults to be in the user's best interest.
Good advice! :)
Thank you for explaining a very important issue. I’m a MS user for 35 years and are strongly considering going over Linux , Ubuntu to be exact. I’m tired and mad at ms for the tpm2 requirement and lack of support for win10. Antivirus is very important to me and your information is very helpful. Thank you 🙏
Happy cyber-awareness month !
sudo actually stands for "substitute user do", because sudo can be used to run a command as any user.
Outstanding video.
I am moving to Linux soon as win 10 is now toast.
Thank you so much. As a newbie 50’s something old timer, I find you videos very helpful and informative.
Great timing and great content as always, thank you so much! 😊 Just moved several computers to Linux Mint, using most measures you describe, but I still learned a few new things! Keep this type of content coming, I'm sure lots of new Linux users will find it helpful! 👍🏻
Thanks for your support, most appreciated. :)
Hope to see your cyberdeck project video soon
Yeah I had a hard drive die on me last week. It wasn't fully backed up but what I lost was just a nuisance rather than a disaster. Plus it was literally today that I enabled the firewall on my server and added the rules needed to get my services running again.
Quite a good video for newbies.
A few simple rules to add:-
Learn to harden and recompile your running kernel. That is a critical skill.
Do not install any closed source software.
Stay away from all and any Distros that have jumped on the systemd (IBM/Micro$oft) bandwagon, it's a huge risk
Two of my favorite topics in one. ❤
Just what I needed! I've signed up to help my father transition to mint from win10, and he was nervous about the lack of antivirus. Thanks to this video, I now know of an AV solution I can recommend to him and have a canonical source that AV is probably not needed!
I already knew about the security update management and firewall, but it's still useful to have confirmation that I wasn't missing anything important with those :)
Very useful for the future when I finally bite the bullet and move to Linux ( probably next year).
Thank you. I’m transferring to Linux soon as my laptop won’t take Windows 11. So glad I found your channel. It’s making me feel more confident.
Always makes my Sundays complete when the new EC video drops
Greetings from Mexico. As many here in the comments, my other machines that run fine with W10 are at risk thanks to the decision from Windows. I'll start by installing Mint in a laptop to get myself comfortable and configure the security-related features with this video. 👌
Very sensible advice, as always. Thank you!
When installing Linux, I poked around through all the settings and found and enabled the firewall, but I don't think everyone would have the patience. :)
My new pc will be complete next Monday. Starting with 2 hard drives, one for windows and one for linux to test the waters, and eventually switch to linux permanently. Thank you for your help and effort sir.
Good information in this Video. Any standard Linux user should watch this Video.
As a Linux Mint user, I dislike complex and difficult explanations. EC is always clear and understandable for anyone working with the Linux desktop. I find myself automatically returning to EC whenever I want to learn something clear and concise about Linux. Thank you, Mr. from EC.😎
Thanks for another great and informative video.
A tiny error that you may have found out about is at 1:09, in the first written paragraph: "authorized" should be "unauthorized". The voice-over is correct.
Thanks again ❤
I just switched to Linux myself and am trying out Ubuntu now before trying mint and others, this video was a big help especially with showing different distros much appreciated
Christopher's point about Veracrypt (container encryption or drive encryption) is REALLY REALLYI important. If your laptop is stolen, "borrowed" or taken in for repair the likelihood of people having a hunt through your files is remarkably higher than most expect; I've heard of technicians or colleagues looking for embarrassing photos, memes, movies, music, etc.
Generally speaking - the person looking through your files sees it as a MUCH lesser crime than you would finding out they'd done so; this is ALWAYS the case.
Veracrypt lets you create a giant file that the system turns into a "disk" of its own and everything you put on there is encrypted, it's like working out of a properly secured filing cabinet. As soon as you shut down that "disk" is "dismounted" - a bit like unplugging a USB stick. To open it again they must provide the password (you can also tie access to the presence of a selected file, a bit like using a file as a key) - you can do both as well (so someone must have the special file and the the password to get in).
Always assume your personal files are sensitive - even if you don't think they are I guarantee you haven't sat and thought about nefarious ways to use them as much as someone trying to access them, even things you think are entirely innocent like photos are important to secure. A photo you took at a party 3 months ago could become suddenly hugely problematic later on for reasons you'd never have expected; by encrypting everything you're guarding against what you can't forsee and imagine. You can also encrypt entire drives (and even the boot drive) but this is a little messier.
Veracrypt is actually freeware (costs nothing) and Christopher has a video on how to use and install it; you can get it from veracrypt.io/en/Downloads.html
If you have a laptop you take out and about with you - it's an essential additional protection. Also great for using on USB sticks and portable drives too.
Great advice. Agree that Veracrypt, which replaced TrueCrypt a few years ago, is a great way to go for encrypting files. Easy to use. Highly recommended.
Photo's at parties...... they are always great on the web.... "Linked In", Facebook or where ever....
Apply for a job.....2 weeks later the referee checks and Web searches about you come in. Do you think you are going to get that important phone call...... nope.
OH, it's there for ever.... didn't you know that..... ??
@colonelfustercluck486that you can't necessarily control all wider tagging of photos online isn't a reason to forgo security and containment procedures for your data; that'd be like leaving your front door open because someone can see in a window. Security is about mitigation and containment and risk minimisation through surface restriction, there will be elements you can't control but you can always de-link tagging and even run cycles of searches for your details online (some AI engines are being used for this now as well). You need to perform this in sweeps and cycles.
Thank you. This information makes the desire to switch to Linux much greater.
Love the Linux content. I recently dropped Windows 11 for Mint Linux 22 and not looking back.
I've been using various Linux distros for over 20 years and never had any problems
Linux is far better than Windows for everything as far as I'm concerned.
Thanks for pointing out veracrypt. I was looking for a good file encrytion app on Linux.
Love the text at 1:10 "Computer security is concerned with. . . preventing authorised access". Quite like a BIOS here on one PC "Advanced Settings: Warning! A wrong parameter may cause the system to function". I reckon the man in Taïwan wrote it deliberately to make us techhies laugh.
I salute your concise and easy to follow guidance.. having watch several of you're posts, the way forward seems like winding the clock back MS XP days.. thank you!
thanks, this is really helpful to a novice user like me
Excellent video Chris! Well done! Excellent timing too, now when more and more people making the jump because of Windows 10 ending.
As always, clear, professionally structured and well presented information!
Immutable distros are another option for security. Core OS components are stored on a read-only partition that only gets updated when the entire OS is (new release). I'm not sure how effective it is against external threats, but it does prevent users from mucking about with stuff like the kernel.
Thank you very much! I was hesitant about switching to Linux because I was worried about security, but your video made everything very clear!
You're the greatest computer teacher i've seen on RUclips.
Thanks. :)
Thank you for all this useful advice. I'm changing from windows to Linux. So I need to learn more about how to manage security in these new operative systems.
I'm mainly concerned about what antivirus or antimalware to install, I'll keep researching that topic.
Super excellent video Chris!
*Windows 10 dies
"So let me tell you about safety on Linux..."
This is a wonderful topic. Many of us Linux users have a vague idea about Linux security. This video clarifies many concepts about this topic.
Would love to see a follow-up video with more details 😊
Never a more appropriate time with windows 10 ending and windows 11 requiring hardware from no older than 8 years ago (TMP 2.0 was standard on Intel 8th gen, released 2017)
This is really helpful! I'm really new to Linux and I've been using Mint for a month now. Tried distro hopping but ended up staying with Mint. Thanks for this!
Fantastic video this one. Should help a load of folk out.
This is a particularly good video with excellent demonstrations. Lots of good information was presented in a well organized fashion. It had the tone of a class, but that is fine with me because he is a fast presenter who doesn't waste our time.
that's certainly answered a few questions
Finally somebody that shows how to use Linux not just open up terminal and throw in a bunch of commands that make zero sense to the noob
For security It's important to verify a Linux distro download, I always use the sha256 sum & gpg sum to make sure it hasn't been corrupted or malicious code added!
But how do you know that the hash is legitimate? People will usually use a hash from the same source as the iso file.
Besides, this is also valid for gpg keys, since you don't know if they truly belong to the developer.
Because people like this see SHA256, not understand what a hash is and then go “oh, they put the hash on the same page as the download link, this is legitimate”
Decent Linux installers hash check themselves before they run. Or there will be a menu entry on boot to check the integrity.
@tablettablete186 that all goes back to using a trusted source. I torrent images but get hash keys from official sites. Mostly I'm checking to make sure there was no download error.
just download it from the official site seems to work for me..... never had any issues
Thanks Chris. Started Ubuntu playing a round as per what I have seen here. It will do what I need just was worried about security issues.
I've been meaning to prevent authorised access...
Great video, thanks for all your good work :)
It's the Authorized Access that always gets you in the end... especially by undependable actors like one's self.
Linux works to prevent authorized access.
Thanks EC - as always, very much 'on message' and clearly explained (and without a disco blaring out in the background as with so many other channels!).
With the probable growth in Linux usage as people switch from Windows, malware is going to become more and more of an issue and Linux isn't going to be able to hide behind 'security through obscurity' for much longer; as such, your video is a welcome and timely wake-up call.
You are a great teacher. Thanks.
Thank you. I'm starting to move from Win11 to Mint, so this was very helpful to me.
right on!
I thoroughly enjoy your presentations. They are informative and entertaining. Thank you!
I have a 2012 Mac Mini running Linux Mint 22 as my main desktop. I also have an older MacBook running Monterey I use for 2 specific apps. I like both , but I’m really impressed with Mint and how well it runs on older hardware. Actually Mint runs better on the Mini than either MacOS or Windows 10, and W10 runs pretty good.
Found this while coming to grips with my shiny new linux box, actually pretty helpful 👍
All very good and useful tips Chris!
Thanks for this. Your videos are engaging to watch. There is always something new to learn, in just the right amount of detail. And the retro style rocks!
Great video. You've prompted me to check a few things on my systems since I've never bothered with security on them 👍.
Thank you, I now feel more confident with my choice to switch to Linux mint in a couple of week knowing about these security measures.
Excellent! Thank you!
@ExplaingComputers: The "... preventing authorized access" vs "...preventing unauthorized access" was a perfect check if everybody was being with you on both audio and visual ... 🤣😂🤣😁 ... SCNR
As always: Very well prepared with lots of vital hints ! 🙏🙏🙏 Thank you very much, Christopher !!!
Thank you so much, this was just the sort of info I have been searching for and all packaged up in a very understandable video. Much appreciated.
Very useful video. I'll watch it through again later and double check my Zorin OS settings. Thank you.
Linux alternatives to Windows 10 are a hot topic these days, and let’s be honest, open is better than closed.
just choose one of the O/S's that were mentioned in this video..... and Debian and Fedora> All of them are great, safe O/S's. All are open source. No telemetry or spying. Being open source means that people from around the world can see what is these programs.... if anyone starts to try to insert malware, it is discovered and corrected so fast, it would make your head spin. A five yr Linux Mint User..... and I also don't use anti-virus and malware programs......... and I have never had a problem like that since changing to linux. It just works. There can be issues, but bare with it, and search on Google or check in with the forum for your O/S.... many helpful and generous people there who will help you out debugging or explaining how things work. There are comments on some web pages that Linux users are all 'snarky' or difficult or obnoxious or up themselves...... But I have never, so far, in my 5 yrs using Linux, experienced this. If I asked a question I got a considered and reasonable answer. Just fully describe your problem and miracles happen. It's a good community from my experience.
Love the channel and the video. Keep up the good work 👍
great content, as always. Especially with Linux systems, it is very easy to get appropriate security in place (and it doesnt impact the system as negatively as it does on other commercial platforms). The only think I[d suggest as a change is the advice for "sudo" - only give sudo to those that absolutely need it, and that you trust. (E.g. household members, children, etc likely do not need sudo!). The advice on user behavior is excellent! I just wish that my bank and the like would _stop_ sending me links to click 😞
As usual a very helpful, easy to understand video from Chris.