I have always heard not to use antivirus on Linux, but I saw the post about a guy getting a RAT exploit backdoored through Wine, and it had me thinking: should I be using ClamAV or some other antivirus for Linux?

  • MonkderVierte@lemmy.zip
    10 hours ago

    First off, what is generally understood as “AV” are whole bloated suites that scan and surveil your browser usage, downloads, background processes, IP traffic, etc. They are not only over-the-top, often annoying with false positives (“I still exist, notice the good product!”), always a privacy nightmare and more often than not a mix of security theater and snake oil, but also a gaping security hole, because they need elevated privileges to do their tasks and are at the same time hastily cobbled together software ruins that do dangerous tasks like decoding media.

    The professional “AV”, meanwhile, is applying security practices and, in some cases (like spam mails), running a heuristic AV scanner over it.
    You can of course do that on desktop too; I’ve set up a ClamAV cronjob for my dad’s peace of mind. But keep in mind that the heuristics are always a step behind: don’t trust them blindly.

    And btw, Firefox at least has scans of downloads enabled by default now (with a local list, no privacy risk). Chromium too?