
Re: Anti-malware for my personal Debian workstation?



	Hi.

On Sun, Feb 23, 2020 at 02:07:00PM -0500, Philippe LeCavalier wrote:
> On Sun, Feb 23, 2020, 14:04 Stefan Monnier <monnier@iro.umontreal.ca> wrote:
> 
> > > defense in depth / layered defense... would you recommend having a Linux
> > > anti-malware?
> >
> > No.  All those only try to recognize known threats.  When a threat is
> > known, the security hole it exploits is also known, and the fix for it
> > already exists as well, so updating your distribution to the latest
> > security fixes is a better solution since it doesn't just protect you
> > from those known threats but it also protects you from unknown threats
> > using the same security holes.
>
> That's not true. Sophos has AI learning and threat analysis mitigation
> tactics built in.

An impressive mitigation tactic indeed [1]:

September 2012: Sophos' anti-virus suite identified various
update-mechanisms, including its own, as malware. If it was configured
to automatically delete detected files, Sophos Antivirus could render
itself unable to update, required manual intervention to fix the
problem.


That and promoting non-free software here, at this list? Boo.

[1] https://en.wikipedia.org/wiki/Antivirus_software

Reco

