I’m still in the research phase of switching to Linux and don’t know if this concern is reasonable. I’m not tech savvy. I’m comfortable in the windows ecosystem and could use the dos prompt fine when they used it. I played with QBasic and C++ when I was younger and have built a few computers but that was a couple decades+ ago.

My concern is dealing with malware. I know that Linux has less issues with malware than Windows but, as I understand it, that’s primarily because it has a comparatively small market share. I feel like I’m getting into Linux just as it’s getting more popular and that it will get worse if the EU moves away from Microsoft because they will most likely adopt some form of Linux as their new standard. More less tech savvy people like me moving to Linux makes it a juicier target for people who create and use malicious software. It’s not a reason to stay with Windows but is it a reasonable concern? Are there sufficient tools for people who don’t really know what they’re doing to be reasonably secure on Linux and will they keep up if the threat profile expands as Linux picks up more users?

    • pheusie@programming.dev
      1·
      6 hours ago

      Aight. I’ll give you some more then 😜:

      • Don’t expect real-time protection (à la Windows Defender) on Linux. While decent options do exist[1], the better ones come at a premium.
      • Though, related to the previous point, that’s not necessarily a bad thing. The epitome of secure OSes, GrapheneOS (for mobile) and Qubes OS (for desktop), don’t come pre-installed with one either. And I wouldn’t be surprised if their respective maintainers would justify it by stating that proactive security is simply better than reactive security.
      • FWIW, Lynis is a battle-tested security tool used to audit the system. It doesn’t work on Windows, but does on macOS, Linux and some other systems. It even goes as far as granting a numerical rating that represents how well the system performs on security and notes (point-by-point) what could be improved (and sometimes even how). While I would definitely not argue that it’s the be-all and end-all, the numeral rating definitely makes it easy to compare distros at a glance.

      There’s perhaps more to go through, but I believe we should address the elephant in the room:

      How much hardening did you even apply on your current/previous OS?

      Like, if you’ve built a literal fortress, chances are that you’ll have a hard time finding a suitable distro that provides similar protection OOTB. But, if you’re just your average Joe and you just ran with how it came OOTB and at least didn’t try to actively sabotage/compromise their system, then… chances are that a decent amount of mainstream distros will suit you fine. I kinda hinted at it in my previous comment, but a mainstream distro could be fine if you uphold best practices. So, in that scenario, the query shifts to:

      Are you willing to adopt best practices?

      If you’re unsure whether you’ll manage given your wants/needs out of the system, then that would (again) shift the question. This time we’d have to discuss the activities you engage in and ‘decide’ whether there are any distros out there that can handle those gracefully and responsibly.

      Etc. Etc.

      Warning: as you should be aware by now, and if you haven’t yet, see the security entry on the (excellent) ArchWiki and the (infamous[2]) Linux entry on Madaidan’s Insecurities, this can be a pretty ugly rabbit hole. I hope this doesn’t discourage you, though.

      Finally, consider giving answers to the bold and cursive questions 😉.

      1. Ironically, Microsoft Defender for Endpoint on Linux is one of the best out there. ↩︎

      2. Madaidan used to be a security researcher on Whonix. Whonix is one of Linux’ finest when it comes to privacy and security. Heck, it’s involved in the preferred way to engage on the Tor network. It’s even endorsed by Edward Snowden. So, by their efforts/contributions, Madaidan should have rightfully earned the required credentials and be regarded as somewhat of an authority on the subject matter. However, this article wasn’t well-received. From what I saw, the community was mostly dismissive. Disappointingly so. Which…, unfortunately shows that there’s a lot more circle jerking than what we’d all admit to. Anyhow…, FWIW, there was actually a slice of the community that did take it seriously. I’d characterize them as the security-conscious. Furthermore, note that Madaidan hasn’t updated it for a couple of years now. So some of the writings have clearly become outdated. So, to be clear, the situation isn’t as bleak as they described in their article. ↩︎