Antivirus on Linux Mint Discussion (off-topics posts from "Best Antivirus for Linux Mint 20.1")

[Neophyte]

Windows can not get viruses either if you follow the same rules as for Linux.
1 don't install software that arn't trusted.
2 keep your system updated
3 don't download a lot of strange things from unknown websites and torrents
4 don't run unknown Sudo commands from anonymous webpages
5 don't click on things you don't know what it is
6 just because other say you cant get viruses, don't become reckless and think you are 100% safe

That's not really true, at least, not any more:

https://www.pindrop.com/blog/cyber-poli ... nteraction

There is a new piece of ransomware that is using an exploit for an Android vulnerability to infect devices without any user interaction whatsoever.

https://electronicintifada.net/blogs/ta ... n-no-trace

Since at least 2016, newer versions did not require the recipient to interact with the malware.

More recently, it appears that NSO Group’s software has advanced to the point that not only does it require no interaction with the malware, but it also leaves no visible trace on the infected device.

. . . and those are just a two examples of no interaction malwares. And by no interaction, I mean you don't need to click, download, or install anything.

[Marie SWE]

Windows can not get viruses either if you follow the same rules as for Linux.
1 don't install software that arn't trusted.
2 keep your system updated
3 don't download a lot of strange things from unknown websites and torrents
4 don't run unknown Sudo commands from anonymous webpages
5 don't click on things you don't know what it is
6 just because other say you cant get viruses, don't become reckless and think you are 100% safe

That's not really true, at least, not any more:

https://www.pindrop.com/blog/cyber-poli ... nteraction

There is a new piece of ransomware that is using an exploit for an Android vulnerability to infect devices without any user interaction whatsoever.

https://electronicintifada.net/blogs/ta ... n-no-trace

Since at least 2016, newer versions did not require the recipient to interact with the malware.

More recently, it appears that NSO Group’s software has advanced to the point that not only does it require no interaction with the malware, but it also leaves no visible trace on the infected device.

. . . and those are just a two examples of no interaction malwares. And by no interaction, I mean you don't need to click, download, or install anything.

I said Windows.
I don't know how android works as I never had one

[Neophyte]

Windows can not get viruses either if you follow the same rules as for Linux.
1 don't install software that arn't trusted.
2 keep your system updated
3 don't download a lot of strange things from unknown websites and torrents
4 don't run unknown Sudo commands from anonymous webpages
5 don't click on things you don't know what it is
6 just because other say you cant get viruses, don't become reckless and think you are 100% safe

That's not really true, at least, not any more:

https://www.pindrop.com/blog/cyber-poli ... nteraction

There is a new piece of ransomware that is using an exploit for an Android vulnerability to infect devices without any user interaction whatsoever.

https://electronicintifada.net/blogs/ta ... n-no-trace

Since at least 2016, newer versions did not require the recipient to interact with the malware.

More recently, it appears that NSO Group’s software has advanced to the point that not only does it require no interaction with the malware, but it also leaves no visible trace on the infected device.

. . . and those are just a two examples of no interaction malwares. And by no interaction, I mean you don't need to click, download, or install anything.

I said Windows.
I don't know how android works as I never had one

Those were just a few examples. It applies to Windows as well:

https://www.securityweek.com/microsoft- ... ported-nsa

These include CVE-2022-26809 (CVSS 9., a flaw that allows a remote attacker to execute code at high privileges on an affected system. “Since no user interaction is required, these factors combine to make this wormable, at least between machines where RPC can be reached,” ZDI researcher Dustin Childs said.

[The Muffin Man]

It's about trust. Do you trust your AV software? Installing _any_ AV software means you trust the AV company/developer more than the OS company/developer. Giving over defenses to a single AV point of entry by default, means that a hacker only needs to know how to hack that particular AV to gain entry into your system.

<tounge-in-cheek>
I think instead of giving over all our CPU cycles to AV software, we ought to just return to x386 and be done with it.
</tounge-in-cheek>

[Marie SWE]

That's not really true, at least, not any more:

https://www.pindrop.com/blog/cyber-poli ... nteraction


https://electronicintifada.net/blogs/ta ... n-no-trace


. . . and those are just a two examples of no interaction malwares. And by no interaction, I mean you don't need to click, download, or install anything.

I said Windows.
I don't know how android works as I never had one

Those were just a few examples. It applies to Windows as well:

https://www.securityweek.com/microsoft- ... ported-nsa

These include CVE-2022-26809 (CVSS 9., a flaw that allows a remote attacker to execute code at high privileges on an affected system. “Since no user interaction is required, these factors combine to make this wormable, at least between machines where RPC can be reached,” ZDI researcher Dustin Childs said.

Seems as it isn't so easy to exploit it.
You need access to that machine first and open ports 135, 137, 139 and 445
Have you ever looked at how many CVE vulnerabilities there is to Linux Desktop.
Not so long ago it was one to get root privileges without need of sudo password
Here you can read a bit. https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Linux

[RollyShed]

That's not really true, at least, not any more

True, very true, when it is Microsoft writing the "viruses".
Destroy your system? Yes, a virus by MS.
Break drivers? Yes a virus by MS.

Use an anti-virus programme? No, won't do any good.

[Neophyte]

Seems as it isn't so easy to exploit it.

Irrelevant. The point is, it exists, and it functions without the need for any interaction on the end user's part. The link explains how it is wormable, and it isn't even the only example. I have already proven my point and given you multiple examples across various OSes.

Like it or not, "common sense" is no longer sufficient to prevent malware. The examples I have shown prove that fact.

[RollyShed]

Irrelevant. The point is, it exists, and it functions without the need for any interaction on the end user's part. The link explains how it is wormable, and it isn't even the only example. I have already proven my point and given you multiple examples across various OSes.

My question is, "So what?"
If you can't block MS from destroying things by using virus checkers, the answer is use Linux and you won't get "had" by disruption.

We are still asking, "Who has had a "problem" due to using Linux?"

I'm not talking about problems introduced by the user and setting things up incorrectly.

[Neophyte]

Irrelevant. The point is, it exists, and it functions without the need for any interaction on the end user's part. The link explains how it is wormable, and it isn't even the only example. I have already proven my point and given you multiple examples across various OSes.

My question is, "So what?"

So the claim that "common sense prevents malware" is no longer valid.

[RollyShed]

So the claim that "common sense prevents malware" is no longer valid.

Exactly "common sense prevents malware". Common sense says don't use Windows and it is valid.

[rambo919]

So the claim that "common sense prevents malware" is no longer valid.

Exactly "common sense prevents malware". Common sense says don't use Windows and it is valid.

By that logic don't eat anything from the supermarket because it might make you ill.

[RollyShed]

So the claim that "common sense prevents malware" is no longer valid.

Exactly "common sense prevents malware". Common sense says don't use Windows and it is valid.

By that logic don't eat anything from the supermarket because it might make you ill.

No.
We know Windows isn't reliable. We have plenty of examples.
We know we don't have problems with items from the supermarket. We don't get ill eating items from the supermarket.

[rambo919]

No.
We know Windows isn't reliable. We have plenty of examples.

Nothing is completely reliable, the risk is mitigated by not using the latest feature update.

On one machine I have never had anything other than complete reliability with LM, on another I have had years of problems. I have also had problems (I forget what now but it was a major PITA) regarding the implemented just plain faulty partitioning software on LM ISO's and had to use separate ISO's to get the partitioning done beforehand..... think it was 20.2 but don't quote me on that.

I have never had massive problems with win10 other than when running it on an HDD. I have been smart enough to not store anything important in it's library folders or even on the C drive for that matter, I always partition the drive into a windows and other part where I install everything that does not go to program files or the users folders.... I do basically the same with Linux where I separate /home in it's own partition.

I can guarantee that anyone that has had OS related data loss on a windows machine did one of the following:

• use the default/library folders (subject to reset to default bugs)
• use encryption
• use a live account
• be an early adopter of OS upgrades.

I also waited for the year when they discontinued win7 to migrate to win10... with windows I am a almost at the very end adopter. With Linux it's the opposite where I upgrade as soon as practical because the user and system space applications have no actual separation between them.

We know we don't have problems with items from the supermarket. We don't get ill eating items from the supermarket.

You have been very lucky with supermarkets

[t42]

...because the user and system space applications have no actual separation between them.

What does it mean ? The processes and programs you running are in the user land and they are run in the least privileged mode, ring 3. Everything that the kernel runs is on privileged level, ring 0.

[rambo919]

...because the user and system space applications have no actual separation between them.

What does it mean ? The processes and programs you running are in the user land and they are run in the least privileged mode, ring 3. Everything that the kernel runs is on privileged level, ring 0.

You need to upgrade the whole OS/system base to upgrade the user programs base.
Instead of two sets of programs there is just one.
All programs install to the same places.
There is absolutely no clear delineation of where the system space ends and where the user space begins.

As example:
Even with /home, all config files to to the same places with no separation. This makes it extremely difficult for TimeShift for example to selectively create snapshots of only the system space.... to the point where no one even bothers to try so they just snapshot basically everything other than /home. This is a further problem because you would ideally want to be able to snapshot those configs as well without snapshotting the user space configs.

This is further worsened by closed source programs being defaulted to /home..... the Linux filesystem works yes but it is EXTREMELY messy in comparison to Windows. This is due to the fact that Linux at heart is still a server OS where such a thing as user space does not exist and the very concept is irrational. LM has made improvements here though with LM 20.

Windows solves this at least partially by putting the system space programs in a select few root folders and putting user space programes in it's own select few root folders.... with annoying bleed-over between them but still.

[Neophyte]

So the claim that "common sense prevents malware" is no longer valid.

Exactly "common sense prevents malware". Common sense says don't use Windows and it is valid.

The first example or two of no interaction malware I posted were referring to Android.

https://en.wikipedia.org/wiki/Android_( ... ng_system)

Android is a mobile operating system based on a modified version of the Linux kernel and other open source software

[t42]

,,,
You need to upgrade the whole OS/system base to upgrade the user programs base.
Instead of two sets of programs there is just one.
All programs install to the same places.
There is absolutely no clear delineation of where the system space ends and where the user space begins.

As example:
Even with /home, all config files to to the same places with no separation. This makes it extremely difficult for TimeShift for example to selectively create snapshots of only the system space.... to the point where no one even bothers to try so they just snapshot basically everything other than /home. This is a further problem because you would ideally want to be able to snapshot those configs as well without snapshotting the user space configs.

This is further worsened by closed source programs being defaulted to /home..... the Linux filesystem works yes but it is EXTREMELY messy in comparison to Windows. This is due to the fact that Linux at heart is still a server OS where such a thing as user space does not exist and the very concept is irrational. LM has made improvements here though with LM 20.

Windows solves this at least partially by putting the system space programs in a select few root folders and putting user space programes in it's own select few root folders.... with annoying bleed-over between them but still.

It seems among many other things you are mistaking Directory Structure with File System.

[RollyShed]

We know we don't have problems with items from the supermarket. We don't get ill eating items from the supermarket.

You have been very lucky with supermarkets

No, we live in a civilised country.

[rambo919]

It seems among many other things you are mistaking Directory Structure with File System.

My point gets across well enough without the need of what is essentially a grammar <violates forum rules>.

Change it to filing system (of which I was using the shortened form) if you must.... which is synonymous with directory structure.

[rambo919]

No, we live in a civilised country.

Debatable