I know that Linux is more secure than Windows and normally doesn’t need an antivirus, but know myself I’m gonna end up downloading something at some point from somewhere on the internet, and it would be good to be prepared. So, which antivirus would you recommend for Linux (Mint specifically) just to double up on security?
DISCLAIMER
I am not a computer security expert, merely a hobbyist having read some blogs from people who sounded smart. It is more than probable that I am mistaken in one or more parts of this post.
Linux is not more secure than Windows. By default, it’s actually considerably more vulnerable than Windows. Source
In my opinion an antivirus doesn’t really solve your problem. What you actually want is sandboxing, which means restricting user and program privileges. I recommend getting familiar with SELinux (or alternatively AppArmor, although it isn’t nearly as effective) and bubblewrap (or alernatively Firejail, which requires root privileges to run and is thus a bigger threat vector than bubblewrap).
Aside from that just disable any service you aren’t using (like ssh), use a deny-all-allow-some firewall, and verify what you download. If the link says “100% REAL 1 MILLION FREE ROBUX DOWNLOAD CLICK HERE NOW”, then maybe don’t click there.
Because even an antivirus won’t help you if you download malware, which isn’t compiled by skids who lifted the code from some darknet hacker forum. Antivirus isn’t some magical tool which makes your computer inherently more secure. Meaning you can’t offload your responsibilty to a program running with kernel level privileges. Your computer, your responsibilty.
P.S: If you want a more secure computer, I’d recommend a minimal and/or rolling release distro (openSUSE, Arch, Void, Debian) or FreeBSD/OpenBSD (BSD variants mitigate many of Linux’s inherent flaws).
The best security is to limit your risk vector.
Like you said Anti-viruses aren’t some magic bullet, in university a bunch of us wrote Malware and wrecked each other’s lab computers or did things like having the whole Lab’s computers CD trays open at 10am every morning.
The AV didn’t pick up any of them and we barely knew what we were doing.
Afik, AV’s mostly scan for known threats
Old AV did. Modern AV (like, the last 10+ years) is behavioral. They still scan for signatures too, but they primarily work by analyzing software’s behavior for known or unusual techniques.
I’d be curious to rewrite some of the malware we made in class and see if AVs would pick it up now.
Most of them didn’t make any network calls etc. they would just mess with your files and system Things like Set background to Justin-Bieber, play Justin-Bieber randomly, we were very mature