Can you catch a virus or malware on Linux? How do you protect yourself against these?


In theory? But it is not easily going to happen in package managers.

Install packages from your distro's package manager, as usual.

>yes
>common sense

PS: Also have a backup. Run borgbackup or rsync or whatever to your NAS or your storage cloud once a day, week or whatever you deem right

well, you do have antivirus apps for your phone, so yes

>Can you catch a virus or malware on Linux?
Yes, it's open source, so hackers can just look at the source code and find vulnerabilities

>How do you protect yourself against these?
Run clamav 24/7

Theoretically. In practice it will never happen because you normally only download things with your package manager and any virus you would get from the pirate bay or whatever would be designed for windows.
>Yes, it's open source, so hackers can just look at the source code and find vulnerabilities.


What about ransomware? Linux is susceptible to those

wipe disk, reinstall. easy

So if I compile something from github is there a chance I might get rekt?
Not OP btw.

You do have a backup, right?

Yes, but compiling and then running a fucking virus on your own PC would be an incredibly imbecile thing to do.

Ransomware is a kind of payload, once you compromise a system you can run any kind of payload. I don't see how you could get something like that from normal linux use.
I mean if you go hunting down for some obscure malware there could be something on there. But it'd be extremely unlikely.

unless you use Arch, lol

if they don't have access to root, you are fine

>Can you catch a virus or malware on Linux?
yeah, there are a bunch out there. Linux is pretty common on servers, which are high value targets.
>How do you protect yourself against these?
keep all your software up to date and check for CVEs. Gentoo offers a program called glsa-check which checks if any programs installed through portage have known vulnerabilities.
make sure the checksums match on any software you download. ideally only download packages that are pgp signed.
if you really want to be secure, you can use containers and SELinux. firejail seems to be the easiest to set up, but I'm not sure if it's less secure than a chroot. You can always just spin up a VM if you want that extra security.
also uninstall flash.
for virus scanners, rkhunter and chkrootkit are ok.
people have gotten some windows ransomware to run through WINE.
there was also a post on the gentoo forums about someone who managed to get some ransomware while running firefox as root.
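Added example, not part of the thread: one way to do the "make sure the checksums match" step from the post above for a manually downloaded file. The function name, file names and manifest layout (`sha256sum`-style lines) are assumptions; the check only proves integrity against the manifest, so the manifest itself still has to be authenticated, for instance by a PGP signature.

```shell
#!/bin/sh
# verify_download FILE MANIFEST   (hypothetical helper, added for illustration)
# Exit codes: 0 = hash matches, 1 = hash mismatch, 2 = FILE not listed.
# Authenticate the manifest first, e.g. (constructed file names):
#   gpg --verify SHA256SUMS.asc SHA256SUMS
verify_download() {
    file=$1
    manifest=$2
    name=$(basename "$file")

    # Manifest lines look like "<hex>  <name>" or "<hex> *<name>".
    # Limitation: names containing spaces are not handled.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }
    ' "$manifest")

    # Refuse files the manifest does not mention instead of passing silently.
    if [ -z "$expected" ]; then
        echo "FAIL: $name is not listed in $manifest" >&2
        return 2
    fi

    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: $name does not match the published SHA-256" >&2
        return 1
    fi
    echo "OK: $name"
}
```

Treating "not listed" as a failure matters because a manifest that never mentions the file has verified nothing.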

>running your browser as root
>running untrusted software as root
>letting someone physically access your device
That's about it.

>implying malware needs root privileges to do damage

>fucking up your permissions so bad that malware can do permanent damage
>not making regular fs backups
Enjoy your second-rate experience

>running untrusted software

By nature, all software you've never used before is untrusted, until you use it enough to trust it.

If there's a bug in your browser, you're fucked. A good exploit will get around ASLR and DEP. All you need to do is go to a malicious link and full remote access can be gained most of the time.

The last CVE for remote code execution wasn't too long ago.

>permanent damage
unless your board has a bad firmware implementation, nothing can't be fixed by wiping the drive and reinstalling/cloning from a backup.
>not making regular fs backups
you shouldn't be able to access your fs backups even with root privileges.
>university course needs me to use flash player/obscure windows program
it pisses me off, but I had a couple of courses that required this. I just used a VM.

Yes, linux can be virused. I would not believe anyone who told me Linux is safer than using Windows, if the user of that Linux system has no training in securing a computer system. Users often leave themselves in a vulnerable situation when using software, web browsers, etc. Unless you can look through the source code and know what you are trying to identify you can never be certain that the source code you are using is not compromised in some way.

Linux is only as secure as the person using the computer. If they make stupid decisions such as browsing the web as a root user then no, linux is not safe at all. If the person uses an unsecured public browser to login using webmin, or some other method, remotely as root onto their home server, no it is not safe.
If you browse porn websites etc etc as a user and do not use script blockers and ad blockers you run some risks. No system is safe, it isn't the system, it's the user that is safe or unsafe

That is true. If you run wine your linux system is compromised if you then run infected software on it

>A good exploit will get around ASLR and DEP
I use Gentoo, so my browser has a unique binary layout, so any generic attack will probably fail.
>All you need to do is go to a malicious link and full remote access can be gained most of the time
if you use umatrix, you can control what resources your browser will allow, which will let you drastically reduce your attack surface.
you should run WINE in a chroot/firejail if anything is untrusted for this reason.

Yes easily it's called systemd and you can't get rid of it

Windows users tell me if i send them files with viruses. Basically i don't give a shit, since it's linux.


I had someone flip some bits in a kernel months ago, so of course.

Who cares though? If you've got something to hide, then run a secure OS like TempleOS.

AUR packages, more often than not, are dangerous not because of an ill-intended maintainer, but because they make shitty scripts that delete your home folder by accident.

>borg

I'd just like to interject for a moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called "Linux", and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux" distributions are really distributions of GNU/Linux.


>implying that isn't worse

What if your package manager doesn't have the shit you're looking for, or even more commonly - it's way out of date?

How do you check what version of common sense is being run

It's pretty great actually

Add a backports or vendor repository and install lone updated packages as needed. If nothing else works, use a user-managed repository from a developer you trust (and even then I prefer to only pull source packages from them and build them myself).

No, Richard, it's 'Linux', not 'GNU/Linux'. The most important contributions that the FSF made to Linux were the creation of the GPL and the GCC compiler. Those are fine and inspired products. GCC is a monumental achievement and has earned you, RMS, and the Free Software Foundation countless kudos and much appreciation. Following are some reasons for you to mull over, including some already answered in your FAQ. One guy, Linus Torvalds, used GCC to make his operating system (yes, Linux is an OS -- more on this later). He named it 'Linux' with a little help from his friends. Why doesn't he call it GNU/Linux? Because he wrote it, with more help from his friends, not you. You named your stuff, I named my stuff -- including the software I wrote using GCC -- and Linus named his stuff. The proper name is Linux because Linus Torvalds says so. Linus has spoken. Accept his authority. To do otherwise is to become a nag. You don't want to be known as a nag, do you? (An operating system) != (a distribution). Linux is an operating system. By my definition, an operating system is that software which provides and limits access to hardware resources on a computer. That definition applies wherever you see Linux in use. However, Linux is usually distributed with a collection of utilities and applications to make it easily configurable as a desktop system, a server, a development box, or a graphics workstation, or whatever the user needs. In such a configuration, we have a Linux (based) distribution. Therein lies your strongest argument for the unwieldy title 'GNU/Linux' (when said bundled software is largely from the FSF). Go bug the distribution makers on that one. Take your beef to Red Hat, Mandrake, and Slackware. At least there you have an argument. Linux alone is an operating system that can be used in various applications without any GNU software whatsoever. Embedded applications come to mind as an obvious example.


Next, even if we limit the GNU/Linux title to the GNU-based Linux distributions, we run into another obvious problem. XFree86 may well be more important to a particular Linux installation than the sum of all the GNU contributions. More properly, shouldn't the distribution be called XFree86/Linux? Or, at a minimum, XFree86/GNU/Linux? Of course, it would be rather arbitrary to draw the line there when many other fine contributions go unlisted. Yes, I know you've heard this one before. Get used to it. You'll keep hearing it until you can cleanly counter it. You seem to like the lines-of-code metric. There are many lines of GNU code in a typical Linux distribution. You seem to suggest that (more LOC) == (more important). However, I submit to you that raw LOC numbers do not directly correlate with importance. I would suggest that clock cycles spent on code is a better metric. For example, if my system spends 90% of its time executing XFree86 code, XFree86 is probably the single most important collection of code on my system. Even if I loaded ten times as many lines of useless bloatware on my system and I never executed that bloatware, it certainly isn't more important code than XFree86. Obviously, this metric isn't perfect either, but LOC really, really sucks. Please refrain from using it ever again in supporting any argument. Last, I'd like to point out that we Linux and GNU users shouldn't be fighting among ourselves over naming other people's software. But what the heck, I'm in a bad mood now. I think I'm feeling sufficiently obnoxious to make the point that GCC is so very famous and, yes, so very useful only because Linux was developed. In a show of proper respect and gratitude, shouldn't you and everyone refer to GCC as 'the Linux compiler'? Or at least, 'Linux GCC'? Seriously, where would your masterpiece be without Linux? Languishing with the HURD? If there is a moral buried in this rant, maybe it is this:

Be grateful for your abilities and your incredible success and your considerable fame. Continue to use that success and fame for good, not evil. Also, be especially grateful for Linux' huge contribution to that success. You, RMS, the Free Software Foundation, and GNU software have reached their current high profiles largely on the back of Linux. You have changed the world. Now, go forth and don't be a nag. Thanks for listening.

>you should run WINE in a chroot/firejail if anything is untrusted for this reason.

How is it possible that malware designed for Windows affects my Linux distro?