Hello! Sorry, maybe this is a beginner’s question: do I need dedicated anti-virus / anti-malware software for my Linux system?
I’m not using my laptop for anything shady: no filesharing, no pirating, etc. Just the usual boring bit of work or streaming or surfing the web. Do I need dedicated safety measures? Like ClamAV for example? I read a bit about it but there were mixed messages, where people said it’s not needed.
I’ve been running Linux Mint and Cinnamon on a laptop for a few months and couldn’t be happier with an operating system. Everything works fine and until now I had no trouble at all (besides this little annoying bug, where my touchpad gets randomly set to “deactivated”, but this really is a minor issue and maybe just a “stupid user” problem).
Before, I suffered through decades of Windows. But no more!
My understanding is that no amount of anti-virus software replaces common sense. As long as you’re not downloading sketchy programs and giving them permission to run, you’re pretty well set.
Some people might tell you that there’s no viruses on Linux, but that isn’t exactly true. Linux has something like 2% of the desktop market, which makes it less attractive to develop malware for - but 2% of a few billion computers is still millions of potential targets. Not to mention that Linux dominates the server market, and arguably that’s where malware is more valuable. To think that there’s no malware targeting Linux is naive.
Many anti-virus suites are effectively malware though. If you decide you do need AV software make sure to do your research before installing any.
Anyway, long story, I don’t personally use an anti-virus, and for your stated uses I’m not sure I’d recommend one.
If you’re mostly using it as a web browser then I would definitely recommend a solid ad blocker. uBlock Origin is free, highly esteemed, and can be installed as an extension to whatever browser you’re currently using.
Thanks for your answer! uBlock Origin is a given in all my browsers. Web is not usable any more without.
I read recently that ~~90%~~ lots of malware comes through ads, so it’s a really great security help as well.
Where did you read that? It sounds very high.
I read it from a Lemmy user who said they ran a business network and that’s the distribution they saw.
Thanks for questioning that. I couldn’t find a wider trend number and it was a bit irresponsible of me to repeat it assuming it applied everywhere.
No.
This guy linuxes.
Could they shorten it up a little? I’m not big on these wordy detailed answers. ;)
too bloated smh
Not really. Contrary to what people say, there is practically no malware targeting desktop machines and the risk is close to zero. There have been a few select pieces of malware during Linux’s history. But as far as I remember nothing to worry about for desktop users. You need to worry about security if you run a server. And ClamAV and such are mainly for scanning for Windows viruses, so no one else in the network gets infected by files they download from your server.
Do backups, though. Losing all your files is as easy as running ‘rm -rf *’ in the terminal.
And as anecdotal evidence: I’ve been running Linux for like 20 years and I know lots of people who do. Practically no one I know uses an antivirus. And I know 0 people who got their desktops infected. We had our servers targeted though and the website defaced because we didn’t update the webserver for nearly two years. That definitely happens.
Yeah and as other people pointed out: use software from the package repository of your Linux distribution. That’s the nice thing about Linux and a popular distro, that most popular software is packaged and ready to install with one command/click. Lately some users have adopted the habit of installing lots of software from random sources. I avoid that unless it’s absolutely necessary.
You can install an antivirus, but you really don’t need to. Malware for Linux is rare, and malware that targets desktop Linux users is extremely rare (to the point that it’s a newsworthy story every time it does appear). Most distros have ClamAV and the frontend ClamTk in their repos, but it’s primarily used to scan servers for Windows malware before it reaches its intended target. Some Windows malware can still be harmful if run with Wine/Proton, but unless you’re downloading and running a lot of Windows software from unofficial sources (which you shouldn’t have any reason to) that won’t be a risk.
A lot of people here are “use Linux!” Well, as Linux’s desktop share goes up, so does it being a target for attacks. The more people you have, the fewer that are going to configure it correctly (that’s just a fact, and not everyone will be their parents’ tech support) so it’s just a matter of time.
Thank you all for your insightful input! I really like and appreciate the helpful community around Linux.
I’ve seen good answers here but I just wanted to chime in as I’m a newer Linux user and as I’m learning more from running Fedora as my daily driver instead of Windows, I’m learning a lot and hope to help others learn as well.
Typically, most common software that you want to use will be in the repo for your distro or in a flatpak of some kind. If you’re downloading from your distribution’s repo, you’re typically not going to encounter viruses. Flatpaks are also generally safe as they’re sandboxed so the interactions they have with your system are generally read only.
That said, still use caution. Don’t run commands that you find online unless you know what they do, use uBlock like you mentioned you already do, only download software from trusted sources and use the checksum to verify the file’s integrity and safety.
From the sound of it, you’re already doing what you should be, just wanted to add this if there were any other very new users with similar concerns about viruses.
Flatpaks often have write access to the home directory. The sandbox is more about convenience/portability than security IMO. You are definitely right to suggest caution. One should only use Flatpaks that come from trusted sources.
Yeah, that’s part of the reason I said generally. As I said, newer to Linux and still learning but flatpaks can be more secure because they are sandboxed is my understanding.
That said, you’re not wrong to point it out. Sandboxes aren’t the be-all and end-all of security of course. Any security is defeated if the end user doesn’t use logic and practice safety when it comes to downloading any software.
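The Flatpak exchange above turns on whether an app's sandbox can write to the home directory. As an added example (not part of any comment in this thread), this Python sketch reads the keyfile text printed by `flatpak info --show-permissions <app-id>` and reports `home` or `host` filesystem grants; the sample permission texts and the `org.example.*` app IDs are constructed for illustration.

```python
import configparser

# Flatpak filesystem locations that expose most of a user's files.
BROAD_LOCATIONS = {"home", "host"}
MODE_SUFFIXES = ("ro", "rw", "create")

# Constructed samples in the keyfile layout printed by
# `flatpak info --show-permissions <app-id>` (not output from real apps).
SAMPLE_EDITOR = """\
[Context]
shared=network;ipc;
sockets=wayland;pulseaudio;
filesystems=home;xdg-download:ro;

[Session Bus Policy]
org.freedesktop.Notifications=talk
"""
SAMPLE_VIEWER = "[Context]\nsockets=wayland;\nfilesystems=xdg-pictures:ro;!home;\n"
SAMPLE_BACKUP = "[Context]\nfilesystems=host:ro;\n"


def broad_filesystem_grants(permissions_text):
    """Return [(location, mode)] for home/host grants in a permissions keyfile."""
    parser = configparser.ConfigParser(
        interpolation=None, delimiters=("=",), strict=False)
    parser.optionxform = str  # keyfile keys are case-sensitive
    parser.read_string(permissions_text)
    raw = parser.get("Context", "filesystems", fallback="")
    grants = []
    for entry in (e.strip() for e in raw.split(";")):
        if not entry or entry.startswith("!"):  # "!" entries revoke access
            continue
        location, sep, suffix = entry.rpartition(":")
        if sep and suffix in MODE_SUFFIXES:
            mode = suffix
        else:
            location, mode = entry, "rw"  # no suffix means read-write
        if location in BROAD_LOCATIONS:
            grants.append((location, mode))
    return grants


def writable_home_apps(permissions_by_app):
    """Return sorted app IDs whose sandbox can write to home or the host filesystem."""
    return sorted(
        app for app, text in permissions_by_app.items()
        if any(mode != "ro" for _, mode in broad_filesystem_grants(text))
    )
```

An app flagged this way can be narrowed with `flatpak override --user --nofilesystem=home <app-id>`.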
Not really an “anti-malware” per se, but you can always set up a separate Linux device (like an Orange Pi Zero 3) and set it up as a network ad blocker with NextDNS (which apparently can (also) be an “anti-malware” – which I haven’t tested if it is legit or not, but eh.).
To be fair there are known vulnerabilities such as xz in a specific version range that can be detected. While it’s not needed as long as you stay up to date, it might be one avenue to look at.
If you have common sense, you do not need a dedicated program.
If you want to be extra sure, then of course you can download ClamAV and/or rkhunter. Still, the average user does not need them.
Good answers here, I’d just add that there are occasional threats like the crazy xz utils backdoor or hardware vulns with Intel, etc., in a practical sense not much to really do there, so just practice good security habits and party on.
I’ve never run one, but good products like CrowdStrike and SentinelOne exist.