Have read a lot about ‘Security and Linux’, including the usual replies
Typical scenarios for me however would entail: downloading patches (only from browser, not a download manager), mods, files, movies, songs, trying out programs, self-made or otherwise, torrents, loads of torrents. More importantly, browing the web; for hours and hours at a time; and while yes, i do have uBlock Origin, no, i refuse to add NoScript, more hassle than benefit, plus i can feel it slowing my browser down, extra plus that on a site you’ve never visited before, you’ve most of the times got no clue what parts of it you may be missing entirely.
So with the all above in mind, would you still recommend no “internet security” suite (Eset, Comodo, etc)?
Will admit i’m not so sure how sufficient something like clamAV is. Is it?
Regarding virtualisation, passthroughs, etc etc.
Is it not easier, faster and… safer to just buy a second hard drive and call it a day? One NVMe for Windows, one for Linux. Boot primarily on Linux, add
Sudo os-prober
Sudo pluma /etc/default/grub
Sudo update-grub
And stir gently?
Why all the circumvention? As in, am i missing something vital here?
I’ll try to reply, but won’t claim any authority on any of those subjects.
I personally think that any Security Solution is only adding attack Vectors to your system. As long as you use your PC and the Internet responsibly, you should be fine. Especially on Linux. Just do the usual stuff: Don’t run scripts you don’t understand or 100% trust, don’t use root user for general usage and be conscious about what you provide your Password for. Finally, check suspicious Files online with Virus Total.
Viruses for Linux are rare and generally not easy to get onto your system. Maybe add LVM and Snapshots to your workflow if you really want to be safe. Other than that, i don’t think there is any benefit to Security Software on Linux. They hook into the System and most commercial ones aren’t audited. So you have no clue what Problems they have and wether they make your system more vulnerable.
On Virtualization: If all you care for is getting your games to run, yes a dual boot is easier to get going and faster to set up. For most of us, it’s more about keeping Microsoft as far from our Systems Hardware as possible i think. We like having the option to only run a specific application in Windows while being able to use Linux in parallel for anything else we do. When you Boot Windows, you are in Windows and need to use it for everything besides the game you’re playing atm (communication, Browsing etc). Finally, VM’s can be Snapshotted and are disposable. You can basically nuke the whole thing and have a copy with all the files and installations up in seconds when something goes wrong or you’re again stuck in a endless Update cycle or such.
Once set up a VM is faster to run, easier to maintain and less intrusive on your system, plus it’s basically sandboxed from your physical hardware. But I’m sure there are many people here with more experience on the VM side of things with different motivations and optinions on that matter.
My err, habit? Has been to download stuff in a specific folder just for downloads, scan folder before even accessing it. Not gonna lie, not even sure how you can check something with virus total, or even if that’s possible for all the things i tend to download, before i actually download them (and whether it’s a chore or not, you gotta factor that in too). Will have a look.
Had not considered that… the plot thickens…
And thanks for replying btw; i know how basic this all sounds, but if you don’t ask…
Virus Total is an online Service. You upload a suspicious file and it gets checked against 50 or so of the most common anti Virus engines.
While that’s great, it won’t really work for larger files (couple hundred MB’s of Software or such). For that, ClamAV should generally suffice. But again, there isn’t much in terms of installable Viruses for Linux out there. Nowadays most of the common stuff focuses on Browsers and your Router as they are easier to exploit and running crypto miners is much more profitable than most other schemes.
Not entirely. But just not being a dumbass and keeping up to date with security patches covers you 95%.
Actual drive-by attacks are rare (WannaCry), but do happen. So be sure to have appropriate network security and backups.
Yes. Yes, it is. But not everyone wants to do that. I prefer native/proton for my gaming needs but some take it a step further because that is what they want to do. Which is totally fine. Just important to keep in mind that you don’t have to do pass-thru.
