Page 4 of 5 FirstFirst ... 2345 LastLast
Results 31 to 40 of 44

Thread: anti-virus program

  1. #31
    Soul-Sing is offline Chocolate-Covered Ubuntu Beans
    Join Date
    Aug 2006
    Beans
    1,374
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: anti-virus program

    1. It bogs down my Linux box with worthless bloatware that pointlessly increases complexity and saps performance.
    2. It gores a straw man.
    3. It diverts limited resources and attention from real security threats.
    4. It perpetuates delusions of safety, especially among new users.
    5. It co-opts Linux into acting as enablers for the bad habits and deficiencies of others.
    6. It burdens me with someone else's shortcomings.
    1) No, an ondemand antivirus scanner takes no resources. Nothing. A realtime/on acess will, don't use them. (There are some around)

    3) Referring to a false security sentiment, as in Microsoft systems?

    4) There are many linux users, using antivirus, because they are aware of risks of file sharing files/etc. between linux and windows machines.

    5) Why is that?

  2. #32
    Join Date
    Mar 2011
    Location
    19th Hole
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: anti-virus program

    Quote Originally Posted by Soul-Sing View Post
    1) No, an ondemand antivirus scanner takes no resources. Nothing. A realtime/on acess will, don't use them. (There are some around)

    3) Referring to a false security sentiment, as in Microsoft systems?

    4) There are many linux users, using antivirus, because they are aware of risks of file sharing files/etc. between linux and windows machines.

    5) Why is that?
    1. ...except that we are told by many of those who use them, and certainly by antivirus vendors, that on-demand scanners are less effective (and, by implication, less safe) than memory resident autoscan types. And they have a point--if we accept the premise that they do any good in Linux--one of the key features of antivirus programs being their ability to be on constant alert versus the the human propensity to procrastinate or forget.

    3. ...if I was making such a reference, it would have been #4, but I was not referring to any system but Linux. Numerous new users ask about antivirus on these forums and it is evident in the way they phrase their questions that they feel the installation of antivirus is their foremost (and for too many, their only) concern. Whether they inherit such attitudes from proprietary systems is a topic for another day. The fact is they approach antivirus that way, which is an attitude that all of the security stickies and primers on this very forum and other sites seek to change. Developers are not the only people who have limited attention and resources: users do to. And when these are directed at non-problems, the real problems don't get addressed.

    4. ...then they should install it on the Windows side where it belongs. I operate mixed OSes. The Windows boxes have not only antivirus, but all the malware scanners that are unfortunately needed for Windows. The Linus boxes do not.

    5. ...the prevalent attitude among users of proprietary OSes is that virii are an unavoidable consequence of computing in general and part of the natural computing landscape. It is, in fact, a form of normalizing the abnormal. Yet, in Linux, we have an OS that stands as a stark counterexample to that fallacy. If Linux must saddle itself with pointless bloatware for the sake of another's deficiencies, then what is this but further enabling of those deficiencies? If proprietary OSes have a virus problem, fix it. It is nothing less than enablement for Linux to participate in and thus sustain their deficiency industry.

    Don't mean to get too mystical here, but the guiding principle behind all of the 'nixes, Linux included, is to do only that which is needful. This is what minimizes risk and keeps Linux out of most of the trouble that other OSes get themselves into. Do one thing, but do it well. Don't run what isn't needed. Minimal access, minimal privileges, minimal services. The application of this guiding principle turns out numerous good practices. Quite aside from the practical aspects already discussed, antivirus--at least to this user--offends this aesthetic.

  3. #33
    Join Date
    Oct 2012
    Beans
    55

    Re: anti-virus program

    I seem to be in a very small minority here, but, amongst other security measures, I do run a real-time AV on my system (Comodo antivirus for Linux).

    I'm not qualified to disagree with anything that has been said, but in my mind I do it because:

    (i) It costs nothing. It auto-updates, so it is essentially fit and forget. The performance impact is clear on initial use of any application on my old machine, but hardly noticeable on subsequent use. On my new machine it is hardly noticeable at all.
    (ii) I hope it offers some protection against cross-platform malware
    (iii) I also hope that Comodo will eventually get around to including signatures for any new Linux malware that appears, such as this
    https://isc.sans.edu/diary/SSHD+root...the+wild/15229
    I do my best to prompt them to.

    I would say that I've never encountered any malware in Linux, but then nor did I in twelve years with Windows. I guess I'm just not an adventurous sort!

  4. #34
    Soul-Sing is offline Chocolate-Covered Ubuntu Beans
    Join Date
    Aug 2006
    Beans
    1,374
    Distro
    Ubuntu 13.04 Raring Ringtail

    Re: anti-virus program

    (i) It costs nothing. It auto-updates, so it is essentially fit and forget. The performance impact is clear on initial use of any application on my old machine, but hardly noticeable on subsequent use. On my new machine it is hardly noticeable at all.
    1) No costs, is an non argument, and makes no sense using whatever software
    2) Auto-update, scary imho.
    3) Fit and forget. No-way. Security in linux goes it bit further than this. Learn, be critical, and get fam. with apparmor/luks/(g)ufw/iptables. DuckHook had a point there.
    Last edited by Soul-Sing; March 1st, 2013 at 07:56 PM.

  5. #35
    Join Date
    Oct 2012
    Beans
    55

    Re: anti-virus program

    Quote Originally Posted by Soul-Sing View Post
    1) No costs, is is non argument, and makes no sense using whatever software
    2) Auto-update, scary imho.
    3) Fit and forget. No-way. Security in linux goes it bit further than this. Learn, be critical, and get fam. with apparmor/luks/(g)ufw/iptables. DuckHook had a point there.
    1. It is an argument if you can't afford it - but I agree it usually isn't a clincher. What I really had in mind was the avoidance of annual online financial dealings to renew - or even worse having to cancel attempted auto-renewal of products you want to ditch. I've had grief from several well known windows AV vendors in the past over this.

    2. Only the virus database auto-updates, but again I agree, it can be scary. It's a trust issue. If you can't trust the people who provide your security software then it is bad. Should I trust Comodo? Then again, should I trust Canonical or Microsoft?

    At present I'm still too new to Linux to trust anything sensitive to it - or rather I don't trust my use of it that far yet.

    3. Apparmor is in enforce mode on quite a few profiles - including Firefox. Ufw is blocking all ports inbound, and only a few essential ports are open outbound. I've not figured out if I can limit by application outbound. Encryption is currently limited to Home - I've pondered full disk encryption - maybe next time

  6. #36
    Join Date
    Mar 2011
    Location
    19th Hole
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: anti-virus program

    Interesting article.

    No one is chiding you for installing antivirus. Not me, anyway. I don't believe in crusades of any sort. The foregoing was as much academic exercise as best practice. If you simply must have antivirus installed to feel safe, then--and here's the signficant part--provided you take all of the other precautions, go ahead and use it. The antivirus won't do diddly-squat, it's the other precautions that really protect you; but humans have an appendix, so why not graft one onto Linux? If it offends my aesthetic, that's my problem.

    That said, one of the favourite ploys of the antivirus industry is to take a threat and present it completely out of context. Or, if they do not actively do so, they make no effort to educate when people jump to the wrong conclusions. Why would they? Sells more software to let people do pointless things based on misdirected paranoia. Most people's reaction to this report is a perfect example. Please indulge me as I comment:

    1. This trojan is no different than numerous other trojans, whether proof of concept or actual malware, that have been coded to infect Linux over the decades. Those of us who have an interest in security matters are fully aware of the nasties that are regularly discovered. Security gurus like Ms Daisy, Dangertux, bodhi.zazen and many others tirelessly remind us that it is almost trivial to write malicious code that will compromise a Linux system. In that very restricted sense, Linux is not inherently more hardened. It is certainly not infallible as some suggest. I am not remotely a coder or even a net-admin, but even I can put together a two-line script which, were you foolish enough to run it, would open your system up to being owned by anyone who could see your IP address. Lesson: reading about malicious code is critically incomplete and therefore almost meaningless in the absence of context.

    2. Don't hold your breath waiting for this one to be added to antivirus signatures. Antivirus companies cannot just add any potential threat--the signature file would grow to infinity--they must restrict it to real threats. This example is not a real threat, witness ISC's own threat level of Green. BTW, SANS does phenomenal work. This report is totally valid: it's their job to capture threats, analyze and report on them. It's the misdirected response to this threat that is the problem.

    3. The proper response, as it has been for years now, will likely turn out to be:
    a. close the hole/s that will eventually be identified as the point/s of entry. For new users, this translates into: do not run obsolete versions and install all security updates.
    b. If you don't use ssh, then don't install sshd (Minimal access, minimal privileges, minimal services).
    c. Do not install stuff outside the repositories.
    d. apparmor as much as you reasonably can.
    e. Firewall both inbound and outbound.
    f. Layer your security. Safety in depth.
    g. Read your logs.
    h. Backup your stuff.
    i. If you've done everything reasonably possible, stop stressing about it and go have a beer.

    Now, let's contrast that to what even my own limited experience has exposed attempting to advise new users on these forums:

    1. "How do I login automatically?" Nerfs the login challenge, renders encryption pointless, imports the worst of Windows and reinforces truly gawd-awful habits.
    2. "How do I operate permanently as administrator?" 'Nuff said.
    3. "How do I permanently activate the root account?" Almost as bad as #2.
    4. "I run version 9.10. Why can't I update?" They don't make parts for Model-Ts anymore either.
    5. "I keep having to login twice. How do I delete the keyring?" Why not just track all of your passwords in a text file?
    6. "How do I install this app/driver/service that I downloaded from I-don't-know-where?" Try this one from I-own-you.com
    7. "How do I install all of silverlight/java/flash/active-x/mal-script onto my browser?" *sigh*
    8. "Apparmor prevents me from doing something. How do I disable it?" The fastest way is by publishing your IP and password on the net.
    9. "How do I get rid of permissions?" By using Windows.

    These users will sometimes, without even pausing for breath, demand to know what anti-virus they must install. It would be a joke were it not so sad. And this is not even a complete sampling.

  7. #37
    Join Date
    Mar 2013
    Beans
    0

    Re: anti-virus program

    I tried installing AVG .deb from their site. After 30 minutes and 5 reboots, it's gone. Trying to be prudent and help the "blue pills", as I have to deal with them daily, but its just not worth it. Ah well...

  8. #38
    Join Date
    Aug 2011
    Beans
    90
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: anti-virus program

    Quote Originally Posted by DuckHook View Post
    These users will sometimes, without even pausing for breath, demand to know what anti-virus they must install. It would be a joke were it not so sad. And this is not even a complete sampling.
    This. Just last month a couple of friends brought me their (Windows) computers for "fix" as they had a virus and had issues with the computers. What they did, I don't know, but one of the computers wouldn't even start Windows, the other would start but that was it. Needles to say, on all of the computers I found no less than 3 (THREE) av programs, some free, some commercial, not once run, not once updated. "But we have AV!"

    Anyhow, I told them that because of what they did, they can't have Windows anymore (I won't allow it, because it'll just be a monthly reinstall fest) and installed Ubuntu on those machines. So far I haven't had any panic calls.

  9. #39
    Join Date
    Oct 2012
    Beans
    55

    Re: anti-virus program

    Quote Originally Posted by DuckHook View Post
    Interesting article.

    No one is chiding you for installing antivirus. Not me, anyway. I don't believe in crusades of any sort. The foregoing was as much academic exercise as best practice. If you simply must have antivirus installed to feel safe, then--and here's the signficant part--provided you take all of the other precautions, go ahead and use it. The antivirus won't do diddly-squat, it's the other precautions that really protect you; but humans have an appendix, so why not graft one onto Linux? If it offends my aesthetic, that's my problem.

    .
    I really hope the AV does do diddly-squat - just like my AV's in Windows have done diddly-squat for over the past 12 years (other than squawk for what turned out to be FPs a handful of times).

    Few would say I've been wrong to have Windows AV all that time though.

    As you say, in all OS the other precautions are more important.

    I appreciate these discussions - very helpful to the likes of me working up to an OS change decision, and more focussed than simply searching - probably frustrating for you guys who've been round the same issue before though.

    So far I've concluded that if it's Linux then it's Ubuntu LTS.

    I'm far to old to feel chided by the way. The mag of maglinu stood for middle aged guy.

    Trouble is that was a lot of years ago when I started using it on Windows forums. Not sure what it stands for now!

  10. #40
    Join Date
    Feb 2013
    Beans
    6

    Re: anti-virus program

    in this program anti virus may not be required, but it is good to have an anti virus in your computer, so you will keep protect from threats which may harm you machine.

Page 4 of 5 FirstFirst ... 2345 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •