Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Does a beginning home user need more than ufw and ClamAV?

  1. #11
    Join Date
    Sep 2007
    Beans
    Hidden!
    Distro
    Ubuntu Mate 24.04 Noble Numbat

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by maglin2 View Post
    I'd be surprised if firejail works with the default Ubuntu browser (Firefox snap - already sandboxed). But then I'm often surprised!
    Can't say as I've only ever used .deb package of FF to which Firejail works fine with.
    UP THE IRONS!

  2. #12
    Join Date
    Oct 2024
    Beans
    13

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by maglin2 View Post
    I'd be surprised if firejail works with the default Ubuntu browser (Firefox snap - already sandboxed). But then I'm often surprised!
    Yes, I'm using the default Ubuntu browser and glad to see this. I've been trying to stick to snap packages since that's Ubuntu's default. I've run into some users that don't like snap packages and refuse to use them, but I don't know enough yet about linux to really understand their reasons. My understanding is that it's more secure, easier to update, and easier to uninstall if needed. I'm interested in trying firejail, but I think I need to better understand how snap packages work first.

    I do backup my files every day to a google drive with Deja Dup, and using Timeshift to create snapshots of my system. But I haven't used either of these yet to practice retrieving a file or restoring my system. I've never had a successful restoration of files using Windows backup or the backup function I had on the smartphone I had that got damaged, so I'm a little nervous about that. Saving photos in my Google Drive is my only successful backup history.

    I'm struggling with the idea of uninstalling ClamAv as suggested in the link provided by ajgreeny: https://easylinuxtipsproject.blogspo.../security.html, but I think it's some kind of Windows trauma reflex. Maybe I'll toughen up after I get enough nerve to practice restoring my system.

  3. #13
    Join Date
    May 2018
    Location
    Here and There
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: Does a beginning home user need more than ufw and ClamAV?

    Firejail will not work with snaps, as already said in this thread.

    I'll remain silent on why others like me wont use them, and it is not about hate, it's a matter of strict confinements with them with how we use our system is all....
    "When you practice gratefulness, there is a sense of respect toward others." >>Dalai Lama

  4. #14
    Join Date
    Oct 2024
    Beans
    13

    Re: Does a beginning home user need more than ufw and ClamAV?

    Thank you for the clarification! My system and needs are much simpler than advanced users I think.

    Per the suggestion to read the Security subforum stickies, I've been reading https://help.ubuntu.com/community/DoINeedAFirewall. I've gotten a little hung up on whether to use browser extensions with Firefox. It suggests NoScripts and I do have the Bitwarden extension which I'd be lost without. But you and others have suggested no extensions. I definitely won't add anymore, and it's another thing to keep reading up on.

    So far, I think my biggest mistake with this install has been only setting up one user account, which has sudo privileges and is also my account for the things that introduce vulnerability like a browser and steam. I created another user account for admin stuff, but I'm a bit scared to assign sudo privileges to it and withdraw sudo from the other.

  5. #15
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    5,028

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by mavengarlick View Post
    So far, I think my biggest mistake with this install has been only setting up one user account, which has sudo privileges and is also my account for the things that introduce vulnerability like a browser and steam. I created another user account for admin stuff, but I'm a bit scared to assign sudo privileges to it and withdraw sudo from the other.
    Not quite.
    Ubuntu does not use "admin" accounts. That's called the root account, and Ubuntu's is disabled by default. Leave it that way.
    Your original user account does not introduce vulnerabilities. It's just a user account. Continue to use it.
    When you need to do something admin, you will be prompted for your password.
    Simply be aware that being prompted for your password (except during login) means that you are doing something admin, and thus potentially dangerous. Entering your password means "remove the guardrails"

    Steam installed from a snap is sandboxed. Your browser installed from a snap is sandboxed. As long as you are getting your software from a trustworthy source (like the Ubuntu Software application), then don't fret. You will be fine.

    The #1 mistake Windows users make is to wander the internet downloading software instead of using the Ubuntu Software application. They typically just break their systems and need to reinstall. The most common intrusions are via the browser: Keylogging extensions and cryptominers embedded in shady web pages. They only work when the browser is running. So avoid shady extensions and stay away from shady websites. Use your browser's security features.

  6. #16
    Join Date
    Mar 2010
    Location
    Been there, meh.
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by ian-weisser View Post
    The #1 mistake Windows users make is to wander the internet downloading software instead of using the Ubuntu Software application.
    And only use the GPU drivers that are available through the "Additional Drivers" tool. Don't grab them from nvidia or AMD or Intel directly.

  7. #17
    Join Date
    Oct 2024
    Beans
    13

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by TheFu View Post
    And only use the GPU drivers that are available through the "Additional Drivers" tool. Don't grab them from nvidia or AMD or Intel directly.
    Thank you, this is good to know. I would reflexively trust them since they're large companies, but I'm guessing this is more of a compatibility issue than a security one? I was very lucky I didn't need to install any drivers with this laptop. Anyway, yes I'll only be installing from Ubuntu repositories moving forward.

  8. #18
    Join Date
    Mar 2010
    Location
    Been there, meh.
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by mavengarlick View Post
    Thank you, this is good to know. I would reflexively trust them since they're large companies, but I'm guessing this is more of a compatibility issue than a security one? I was very lucky I didn't need to install any drivers with this laptop. Anyway, yes I'll only be installing from Ubuntu repositories moving forward.
    Sometimes we need to install stuff from outside the Canonical repositories. That is possible, but manually downloading some setup.exe or archived file is the very last way anyone should get software for a linux system since around 1997. When I say "last", I mean about 5th on the list of possible methods.

    GPU drivers are a special case - well, nvidia GPU drivers are a special case. AMD and Intel drivers are pre-included in Canonical's repos.

    [rant] Don't read, if you are busy.
    Nvidia will someday realize their funky method that prevents distro makers from including and integrating their software/drivers into a Linux distro will go away. I think they've been working on it for about 4 yrs, trying to protect their intellectual property while still making drivers that can be redistributed. For high-end GPU users, nvidia really is the only game in town - but if you are spending less than $1000 on a GPU, just get an AMD and be much happier. For the most part, everything on AMD "just works" without doing anything special. I pulled a cheap nvidia GPU from a system and replaced a Ryzen CPU with a Ryzen APU (that's AMD's name for CPU+GPU in one). The result was faster performance from the AMD GPU and less power use from the wall, less heat, less noise, and ZERO driver hassles. The nvidia drivers caused me problems about once every 2-3 months when a new kernel was released. They must have fixed that in newer releases, but I tend to run 2+ yr old LTS releases of Ubuntu, so dealing with the issue for multiple years got old.

    To be fair, the nvidia GPU I had was the cheapest 1030 I could get. I actually didn't want a new GPU, but nVidia dropped support for the 7200GS I'd been using and the free drivers didn't support the screen resolution (1920x1200) I'd been using with the exact same hardware for 5+ yrs. I'd still be using that 7200GS if I could. Heck, it might work still and the F/LOSS drivers for it certainly have improved. Today, all my systems use onboard GPUs.

    I never intend to give nvidia another dime, if I can help it. I have a short list of companies on my "never let them make money off me" list. Some are extremely popular, so many millions of people don't feel the same. That's fine. When I feel mistreated by a company, there isn't much I can do, beside try to ensure they never get any money from me directly or indirectly. That 2nd option isn't always possible. If I were younger and didn't work for myself, I'd have less ability to implement these things.
    [/rant]

    Thanks, I feel better now. Sometimes it is therapeutic.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •