Security?

[sdcougar]

I'm now online with 18 Sarah. Always been told don't have to worry about viruses in linux. So, I'm secure? No vulnerability to hacking?

Wish there was a 'sticky' on this for Newbies to either let us know that we are secure or if we need to do anything in addition to installing the download of Mint.

Nothing we should use like we had to on windows...malware bytes, anti-spyware...?

[Schultz]

sdcougar wrote:
Nothing we should use like we had to on windows...malware bytes, anti-spyware...?

No, you don't need that on Linux. The link below is to a website by forum member Pjotr, who really knows his stuff. Putting AVs and the like on a Linux system will actually decrease your security.

https://sites.google.com/site/easylinux ... t/security

This link is to a recent ZDnet article. Read the first 3 paragraphs.

http://www.zdnet.com/article/mint-18-3- ... s-forward/

[Pierre]

just to re-iterate that - - you don't need any of those "Extras" in your New Linux System

and most of those so-called " vulnerabilities" are generally confined to some Server Situation,,
- and not to any specific Linux Desktop Operating System.
which, all means,, that you more safe now, than you ever were, on that Other Operating System.

[jimallyn]

I have used Linux since 2002 with no anti-virus or anti-malware software, and none of my Linux computers have ever been infected with any virus or malware. Nor has the computer of any Linux user that I know of, which would take in a LOT of people, since I have been active on Linux forums the whole time I have been using Linux, and have never seen a valid virus/malware report. (Now and then somebody will ask if something on their computer is a virus. Like some feature deliberately added to Linux.) I won't say that it's impossible to get a virus or malware on Linux, just that I have never heard of it.

[davidmedin]

Can I just say one thing, re: security. By default the Linux installer does not encrypt your disk, which means that ANYONE who gets a hold of your laptop / desktop / server can drop into root mode via Grub and do whatever the hell they want - including changing your password and logging in to your account to steal all your files!

The ONLY way around this that doesn't involve massive amounts of effort is to encrypt your disk during setup! Unlike Windows or Mac, Linux does NOT allow you to encrypt your disk after you've installed the OS!

A massive, massive security hole if you ask me!!!

[sammiev]

Can I just say one thing, re: security. By default the Linux installer does not encrypt your disk, which means that ANYONE who gets a hold of your laptop / desktop / server can drop into root mode via Grub and do whatever the hell they want - including changing your password and logging in to your account to steal all your files!

The ONLY way around this that doesn't involve massive amounts of effort is to encrypt your disk during setup! Unlike Windows or Mac, Linux does NOT allow you to encrypt your disk after you've installed the OS!

A massive, massive security hole if you ask me!!!

Let's see now.

They need to get by the security system on the house, then the 150 lb dog and if that dosn't stop them, I'm sure the wife will.

If they can get by all of that, they can have the computer.

[Jim Hauser]

Can I just say one thing, re: security. By default the Linux installer does not encrypt your disk, which means that ANYONE who gets a hold of your laptop / desktop / server can drop into root mode via Grub and do whatever the hell they want - including changing your password and logging in to your account to steal all your files!

The ONLY way around this that doesn't involve massive amounts of effort is to encrypt your disk during setup! Unlike Windows or Mac, Linux does NOT allow you to encrypt your disk after you've installed the OS!

A massive, massive security hole if you ask me!!!

Let's see... I use a password by default, I use a password with screen locking, I have good (CISCO) router, I use a VPN. I have never used any anti-virus or anti-malware products with Linux. I have never used an encrypted disk with Linux. I do not use laptops (big security risk.) Oh wait, an encrypted drive might be good for a laptop. Been that way for 4 years now without a problem.

I was not aware that anyone could drop into root mode without a password. The biggest holes in a Linux system are usually created by bad habits and laziness.

And by the way, my computer is safe along with my stereo, tv and other household goodies... I have a big dog too...

[Jim Hauser]

I might add that encrypting your disk may not be the default option on Linux Mint but it is an option! You just have to pay attention when installing. The software is only half of the story, the other half is the person sitting behind the keyboard...

[davidmedin]

Can I just say one thing, re: security. By default the Linux installer does not encrypt your disk, which means that ANYONE who gets a hold of your laptop / desktop / server can drop into root mode via Grub and do whatever the hell they want - including changing your password and logging in to your account to steal all your files!

The ONLY way around this that doesn't involve massive amounts of effort is to encrypt your disk during setup! Unlike Windows or Mac, Linux does NOT allow you to encrypt your disk after you've installed the OS!

A massive, massive security hole if you ask me!!!

Let's see... I use a password by default, I use a password with screen locking, I have good (CISCO) router, I use a VPN. I have never used any anti-virus or anti-malware products with Linux. I have never used an encrypted disk with Linux. I do not use laptops (big security risk.) Oh wait, an encrypted drive might be good for a laptop. Been that way for 4 years now without a problem.

I was not aware that anyone could drop into root mode without a password. The biggest holes in a Linux system are usually created by bad habits and laziness.

And by the way, my computer is safe along with my stereo, tv and other household goodies... I have a big dog too...

^

Same applies for any Windows or Mac PC. (In the 15 or more years or using Windows, from Windows 2000 on, I have never been taken out of commission by a virus. Not even once. Mixture of using security software and using common sense.)

And it doesn't have any bearing on the fact that a Linux Mint install is horribly, horribly insecure by default - especially on a laptop. I mean ... root access from Grub without requiring a password? Must be some kind of oversight, surely?

[Pjotr]

Well, then set a BIOS password which you have to enter before even Grub launches. That's what I've done with my laptops. Not failsafe, but it buys you some time after a theft....

Much ado about physical access. Note that physical access will always be risky, no matter what.

[Moem]

Right, it's not like a laptop running Windows or a Mac OS will keep your data safe once someone has physical posession of it...

[DAMIEN1307]

i would like to add to this...1 yr ago a friends adult son died in a car accident...he brought me his sons laptop running win 10...it was password protected on bios/boot...he didnt know the password and brought it to a computer shop here in town that charges 80 dollars an hour to troubleshoot etc...240 dollars later they gave it back to him saying it would be impossible to crack...with a free password cracker that i had downloaded from the internet and put on a USB, i bypassed his bootup password long enough to download and crack the laptop password and gained total access...total time?...15 minutes...password was way too simple...it was "dad"...he then asked me to put linux mint on it as i had already done this on his other computers...if i can do it, any village idiot can also do this and by the way, i didnt charge him for this...he was still grieving...system is only as secure as the passwords used and even then, an idiot like me can still bypass and crack em...there is good security practices, then there is ultra-paronoid tin foil hat style security...how much is enough and how much is overkill?...i had just recently been given 14 computers from a Gov't agency and found 2 of them that they missed during their clear bios and dban operations...i asked them if they wished to clear them themselves...their reply to me? we trust you to do these before you put linux on them for the school kids your donating them too...we would have never given them to you for this unless we could trust you to do so, and we know that your using higher than DOD standards...end of story...so please remove the tin foil hats...as a whole, though i believe in as complete privacy as is possible in this day and age, nothing is perfect...linux desktops/laptops are far more secure than anything else out there thus far right out of the box...DAMIEN