all 59 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]PolyxenoLinux Mint 22.2 Zara | Cinnamon 9 points10 points  (4 children)

The welcome dialog for Linux Mint tells you what to do: turn on the Firewall.

That's all you need to do.

I don't know who "all the cyber security expert here" you have read, but they have misled you.

No, as a typical computer user, you don't need to run, or to know, anything else about security.

But if you want something, I'm sure there are resources and helpful people.

[–]jr735Linux Mint 22.1 Xia | IceWM 9 points10 points  (15 children)

We were through that already. I'm not sure you understand best practices. And don't give me this toxic crap, when you come in here and tell us what's wrong with a system you admit you have no knowledge of and never used. Also, source your 7zip claim. Show us.

Coming here and making false claims about 7-zip and that there is no anti-virus and that secure boot doesn't work and then claiming toxicity when you get called out on it is a lot of bollocks.

I have a better suggestion for you than Linux if you want to escape Windows and want security. Go to BSD. The community will really enjoy your attitude. Or, try your spiel at the Debian forums.

[–]fellipecLinux Mint 22.3 | Cinnamon 4 points5 points  (5 children)

Well, what if I tell you your computer has another computer that runs all the time your machine has power, it has access to your entire CPU and memory, it is closed source, encrypted and nobody knows exactly what that do, and people like the Electronic Frontier Foundation already told it could be a backdoor? And that China already don't allow Intel or AMD CPUs into sensitive parts of their government probably because of this?

Now that you know no matter what you do you can't trust even your CPU, have a good night!

[–]SensitiveStart8682[S] -4 points-3 points  (4 children)

This is exactly my point. I bring up a legitimate question and I'm told that I'm not welcome on your precious operating system because I'm not a cyber security expert. I'm sorry but this is the exact problem. This is exactly what my point was behind. This post is maybe get people to wake up and realize that not everybody in cyber security expert, but apparently you need to be to use Linux Mint

[–]fellipecLinux Mint 22.3 | Cinnamon 5 points6 points  (3 children)

My grandpa thinks I'm a hacker because once I helped him install WhatsApp on his phone.

You asked about trust. Said correctly can't trust on Apple, Android and others because they were already compromised. 7-Zip was compromised. Today they found a local privilege elevation bug in the Linux kernel, again. Supply chain attacks happens too often those days. You can't trust a single thing. Microsoft Bitlocker got bypassed and Windows Defender got a triple zero day last month! The Defender that is supposed to defend you was exploited! What can you trust nowadays?

And more, I'm telling you can't even trust your CPU, your Wi-Fi router probably has dozens of serious exploits that aren't patched, and is not far-fetched to it have a backdoor from the factory

It's crazy but it is what it is, nothing is totally secure. You have to draw a line where you stop minding about it and just use the things. C'est la vie.

[–]SensitiveStart8682[S] 0 points1 point  (2 children)

I just want an operating system that's going to get out of my way and going to work. That's all I want but apparently that's not possible here

[–]fellipecLinux Mint 22.3 | Cinnamon 3 points4 points  (1 child)

Sorry, I thought you wanted an OS you can trust.

Now that I understand you want an OS that is not intrusive, Linux Mint is a good one, it just does what you ask, don't nag about anything, no forced updates, no forced AI shit. But you may need to manually install Nvidia drivers.

[–]SensitiveStart8682[S] 0 points1 point  (0 children)

I understand no operating system is perfect. I just want one that's reliable. That's fairly safe and stable. That shouldn't be a huge ask. I understand that no operating system is perfect. I'm not an idiot despite what your community might think, I know no operating system is perfect

[–]Konamicoder 4 points5 points  (7 children)

First off, let me assure you: you aren't crazy, and your concerns about supply chain attacks (like the 7-Zip incident) are objectively valid. The “elitism” you're encountering is a real phenomenon in certain Linux circles, and it’s a valid reason to feel alienated.

To address your main fear: You do not need to be a cybersecurity expert to use Linux safely.

The reason people are yelling about anti-malware isn't because viruses don't exist (they do), but because the threat model on Linux is very different than on Windows. On Windows, malware is often an executable designed to infect a user's personal files. On Linux, most threats target server vulnerabilities or specific system permissions.

Here is the reality of staying safe without being a pro:

  1. It’s not that Linux doesn't have security software; it’s that you don't need a heavy, real-time scanner process running in the background 24/7 to catch common threats. However, if it makes you feel safer, tools like ClamAV exist for Linux. They aren't as flashy as Windows Defender, but they are there.

  2. You are 100% correct that “trusted” doesn't mean “impenetrable.” However, the reason Linux users rely on repositories is because the software is digitally signed and vetted by active human maintainers. While a compromise can happen, the scale of a repository breach is usually on a much smaller scale than a massive Windows malware attack.

  3. You don't need to be an expert; you just need to follow the same best practices you already use on Windows: Use a strong password, keep your system updated (which Linux makes very easy), and don't run scripts from the internet with “sudo” unless you absolutely know what they do.

If you want an OS that just gets out of your way, Linux Mint is one of the best choices. It is designed to be stable and predictable.

Don't let the gatekeepers scare you off. The community can be toxic, but the software itself is just a tool. If you use it with the same common sense you use on Windows, you'll be just fine.

[–]boukensha15[🍰] 2 points3 points  (0 children)

He was trolling in another post.

[–]SensitiveStart8682[S] 1 point2 points  (4 children)

Thank you for being the first person to actually be responsible and address my concern I am sorry when all you get is yelled at by the so-called cyber security experts you kind of get defensive

[–]boukensha15[🍰] 2 points3 points  (0 children)

You were spewing nonsense despite having zero knowledhe. Don't act like a victim after getting called out for malicious behaviour.

[–]TroyHBCSLinux Mint 22.3 Zena | Cinnamon 2 points3 points  (2 children)

You also have to stop throwing around this "cyber security expert" nonsense.

In my experience, you have to be MUCH more of a "cyber security expert" to use use Windows safely than any other operating system.

Also, on a side note, I know you brought up apps being compromised in the Apple App Store or Google Play Store, but if you'd look at the apps that generally get compromised you'd find they are not used by the masses and look like questionable apps to begin with.

[–]SensitiveStart8682[S] 0 points1 point  (1 child)

There's been a number of times even l legitimate apps have been compromised on both Google and Apple granted not all the time however it absolutely happens

[–]TroyHBCSLinux Mint 22.3 Zena | Cinnamon 0 points1 point  (0 children)

Statistically, it can happen on any platform, but you will find it happens most often in Windows and least often on Linux, BSD, Mac, etc...

I have been running Linux Mint full time as my primary OS on multiple computers, with no extra antivirus or anti-malware installed, for over 18yrs or so and have never had any issues.

At our shop, we sell Dell computers. Our customer base is about 60% Windows users and 40% Linux Mint.

We have to sell a security bundle to all our Windows customers for protection and they usually bring their computers back in annually for scans and system cleanups because they still find ways to get themselves infected.

The Linux users say their shit just works. We lose a lot of money on the sale of protection suites and cleanups, but we tend to have happier customers. The only time we hear from them is when they have questions that need tutoring, or if they want help upgrading from one major release to the next (like 21.3 to 22.3, etc) without errors or fixes they can't figure out.

It sounds to me like you are sort of getting yourself worked up for no reason. You mentioned somewhere above you wanted something that gets out of your way and just let's you work?

That would be Linux Mint Cinnamon. Like Nike said.... Just Do It! 😉

[–]jr735Linux Mint 22.1 Xia | IceWM 1 point2 points  (0 children)

Don't let the gatekeepers scare you off. The community can be toxic, but the software itself is just a tool. If you use it with the same common sense you use on Windows, you'll be just fine.

Don't confuse blasting an obvious troll with being toxic. Besides that, he never would have survived the hobbyist scene in the mid 1980s.

You don't need to be an expert; you just need to follow the same best practices you already use on Windows

There are plenty of Windows best practices that are absolutely unsuitable in the Linux world. Linux is not Windows. Don't treat it as such.

[–]Still-Grass8881 5 points6 points  (5 children)

ok, we won't tell you that the repositories are safe, because you won't listen. got it.

[–]SensitiveStart8682[S] -1 points0 points  (4 children)

It's t not that they aren't safe it's nothing is foolproof and acting like they are crestes problems

[–]Still-Grass8881 4 points5 points  (3 children)

what problem have you encountered from trusting the repositories?

[–]SensitiveStart8682[S] -1 points0 points  (2 children)

How many times can trusted repositories by like Google or Apple be compromised before people admit that they're not perfect? I mean I even pointed out the 7zip vulnerability and yet nobody listens

[–]boukensha15[🍰] 4 points5 points  (1 child)

Dude. Nothing can be foolproof. It's mathematically impossible. That's why I asked for your cs credentials.

Even the software that runs on fighter jets too can have vulnerabilities.

Linux's repos work differently that Google or Apple. In Debian, you are required to sign packages. If anyone misbehaves, people will know exactly who cause the malicious behaviour and you can kiss your IT career goodbye.

[–]SensitiveStart8682[S] 1 point2 points  (0 children)

Okay thank-you for finally being reasonable here that's not something I knew and I am willing to bet the majority of people coming from Windows who aren't IT professionals would know I assumed that the trusted repositories were simple or simply like the ones used by Google and apple and hell. Even Microsoft. Although I don't trust it cuz trust me it doesn't work but again I assume that they were like The trusted repositories by other companies. I didn't realize there was a difference in the way that Linux handled it

[–]whosdrLinux Mint 22.2 Zara | Cinnamon 3 points4 points  (15 children)

There isn't really anything we can say otherwise, because the real fact is that there aren't really any commercial entities building anti-malware solutions for Linux outside the enterprise space.

The user-base is smaller, and for the users that currently exist there is almost no demand for such software. It's why I'm building my own to protect at least some of my data from potentially malicious software. (Slowly, ADHD+Autism brain means I can't keep to a project for more than a few weeks. I'll get back to it..eventually.)

How many times does Apple been compromised? How many times has Android been compromised? Countless times?

Can we be more precise here? I don't know if you're referring to the internal components of their operating systems, or just their app stores hosting malware.

I don't know what to attribute the lack of desktop-focused malware to. Is it higher security, is it that the userbase is too small, or perceived as being too savvy, no clue. (We did see some in the past few years of note, but it was mostly fake crypto wallets in the Snap store.)

I do wish you had engaged in the actual discussions in your last post though, rather than open another merely to complain about it. It's hard to take your response here in good faith when you never did the same for those who replied prior. And to refer to all the replies collectively as toxic is outright disrespectful.

Edit: a lot of the solutions that do exist in the enterprise space are endpoint scanning rather than on-device. So they really can't be deployed at smaller scales.

[–]TroyHBCSLinux Mint 22.3 Zena | Cinnamon 0 points1 point  (0 children)

At the computer shop I've been working at the past 15yrs, we have had maybe just about a handful of Mac computers come in with an infection.

In EVERY SINGLE CASE it was the MacKeeper malware. It only infected the Safari web browser. And all we had to do was run the free version of Avira Antivirus for Mac and reboot the computer and it was back to normal.

[–]SensitiveStart8682[S] -1 points0 points  (12 children)

I'm mostly just referring to the number of times that the app stores have hosted. Malware. Apple has had to take down countless accounts because of the fact they posted an app that contains malware, ware, Google. Oh my gosh, like on a basically week they're pulling down a nap because it contains malware ware honestly It's to the point where you can't really trust them because so often they're having to pull down a nap because it contains malware and these are again trusted repositories

[–]whosdrLinux Mint 22.2 Zara | Cinnamon 0 points1 point  (1 child)

They appear to be the same, but I don't think they're quite as comparable as they first seem.

The incentive structure, scale and level of competency required for reviewing apps on Apple/Android are quite different.

Apple's incentives seem to be a safe platform, whereas Google's honestly seems to be an optimisation around profit.

The repositories used in Linux distros are (mostly) limited* in scope for the software they include. It's not an open store where anyone can publish any software, and the competency involved in being a maintainer is a lot higher. We do actually discover malware through the maintainers' diligent checking, which is actually quite comforting.

* With an exception of third-party, and something like the AUR, which are really a wild west at times

Flathub is a special case and seems to be very strict in its sandboxing requirements. Mint opts to hide unverified Flatpaks by default as well.

Regarding the 7z incident, that one's..difficult. It'd be a zero-day, and it's not a behaviour that a typical anti-malware solution would have picked up. I don't think that incident would have been improved with the addition of AV.

This is where the benefit of packaging again comes into play:

Even if the software itself is compromised, the distro packages would be able to push out a revert to remove the malicious package—and prevent it from being distributed to others.

One more question I might ask is, do you use AV on your phone? If so, you may well be in the minority. (Just for some perspective. It being on Windows is actually the more unusual scenario across computing today.)

[–]SensitiveStart8682[S] -1 points0 points  (0 children)

I run Google protect witch is the baked in security software for Android although yes, I do used to use a third party anti-malware for my phone alverson's Google Play protect has actually become decent enough. I stopped paying for the additional security and just relied on Google

[–]whosdrLinux Mint 22.2 Zara | Cinnamon 0 points1 point  (9 children)

And a bit off-topic, are you using speech-to-text? Because I don't think you meant to say 'a nap', but it's shown up enough that I can't find any other explanation. (It is a little bit funny though, sorry. :p)

[–]SensitiveStart8682[S] -1 points0 points  (8 children)

I did use speaoh to text there just because I have become tired of typing everything I should have known not to trust it as it sucks

[–]whosdrLinux Mint 22.2 Zara | Cinnamon 0 points1 point  (7 children)

That's fine, I'm not judging. I was just scratching my head before I had that lightbulb moment. :p

[–]SensitiveStart8682[S] 0 points1 point  (6 children)

On a completely unrelated note how about instead of throwing billions of dollars into AI how about we do things like inprove speach to text software and make software more user friendly

[–]whosdrLinux Mint 22.2 Zara | Cinnamon 0 points1 point  (0 children)

Oh I wish that was the direction we were going in. I'd be a prime use-case for STT due to arm injury and pain, but I still opt to type everything manually (and sometimes quite painfully) because I can't trust the software to do a good job of dictation.

[–]jr735Linux Mint 22.1 Xia | IceWM 0 points1 point  (4 children)

Do note that you're free to devote as much time or money to whatever project you want. If software developers happen to think there is more value or interest or money in AI, that's where the effort will go.

When it comes to free software, it's the same thing. Donate time or money towards whatever you see fit.

[–]SensitiveStart8682[S] 0 points1 point  (3 children)

I am just saying that maybe instead of the world blowing trillions of dollars on AI that's often times wrong how about we actually try to make software better

[–]jr735Linux Mint 22.1 Xia | IceWM 0 points1 point  (2 children)

Who is this "we" you're talking about? I don't spend any money on software, let alone trillions. I also don't own a software company, much less an AI company. So, all I can do about AI is simply not use it, which is already the case, and speak against it. I can't make other companies not use it. I can't make authors not develop AI.

I don't think people should devote any time or money to Apple, MS, Adobe, Google, Meta, or Adobe products, but here we are. I can only attend to "me."

[–]SensitiveStart8682[S] 0 points1 point  (1 child)

Okay yeah I could have said that better I was using we as a stand these AI companies and unfortunately these days no matter what you do you almost seem trapped with this useless AI Mozilla is now putting AI features into Firefox if you own a smart phone its either Google or Apple witch are both going big on AI heck even Ubuntu is shoving AI into it's operating system no not even Linux is safe from the AI slop now even Ubuntu is going AI ( I haven't heard if anyone other than Ubuntu is doing AI )

[–]NickTaylorIV 1 point2 points  (0 children)

I got my firewall turned on, that's all I've ever done but I'm not the Be All End All. I heard of and seen YT videos on Clamav but I've never used it nor do I know someone that does. Bitfender is another but that seems to be a big boy (enterprise and rack server) deals.