Re: Anti-malware for my personal Debian workstation?

To: Debian User <debian-user@lists.debian.org>
Subject: Re: Anti-malware for my personal Debian workstation?
From: l0f4r0@tuta.io
Date: Sat, 11 Apr 2020 19:06:59 +0200 (CEST)
Message-id: <[🔎] M4eCM64--3-2@tuta.io>
In-reply-to: <20200224144505.GP845@eeg.ccf.org>
References: <M0lDfTP--3-2@tuta.io> <jwvv9nx1d78.fsf-monnier+gmane.linux.debian.user@gnu.org> <CAKada-6x0qvJxi_eh+fDywDzg-FOCLG9di2Yw=7TBmcWA9CYDw@mail.gmail.com> <20200224090358.GA28752@tuxteam.de> <20200224144505.GP845@eeg.ccf.org>

Hi,

Thank you everybody for your answers.

I understand most of you respondents don't use anti-malware at all. A good hygiene or other kind of solutions like system hardening (AppArmor, SELinux) are way more efficient.

NB : I've been told SELinux is so complex, people eventually let it drop... Do you all succeed in configuring & using it? ;)

Do you follow any guide or tool to help you in hardening your Linux distro?
I've used Lynis for the audit part, it's nicely done. What do you think about it?

Anti-malware on Windows is common/best practice. However, as we are discussing it here, things seem to be different with Linux. I don't really think Linux is intrinsically more secure than Windows nowadays (a vulnerability remains as such) but I really think Linux ecosystem is. Here are some reasons that could explain that according to me:
* Most softwares are downloaded through official preconfigured repositories. Users are less prone to download malware on suspicions websites
* Updates are easier as well because tracked/centralized through repositories themselves for the most part. On Windows you need to check Windows Update + Windows Store + each application individually
* Linux users are globally more tech-savvy so they take care more about their systems
* Open source is more common on Linux (community-based) than Windows (money-based) so theoretically anyone competent enough could view the source by oneself and spot a malovelent behavior (/!\ in practice this is not so easy, see what happened with OpenSSL / HeartBleed)
* Linux desktops are less exposed : it's more lucrative for black hats to target Windows users with malware (see desktop marketshares). However this is only half of an argument because Linux server marketshares are quite the opposite!
* Until some years ago, I would have added that Linux is more secured by design (least privilege, compartmentalization) than Windows but I think this is not so true now, Windows has cought up apparently...
=> What is your opinion?

Thank you & Best regards,
l0f4r0

Reply to:

Follow-Ups:
- Re: Anti-malware for my personal Debian workstation?
  - From: "Thomas Schmitt" <scdbackup@gmx.net>
- Re: Anti-malware for my personal Debian workstation?
  - From: Joe <joe@jretrading.com>
- Re: Anti-malware for my personal Debian workstation?
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

Prev by Date: Re: Command line tool to report free/used per partition
Next by Date: Re: Anti-malware for my personal Debian workstation?
Previous by thread: Re: Command line tool to report free/used per partition
Next by thread: Re: Anti-malware for my personal Debian workstation?
Index(es):
- Date
- Thread