I would say the bottom line for desktop Linux security is:
1) Install all OS updates - Yup.
2) Install all browser updates - Yup.
3) Don't install Wine or mono runtime - Er....HUH??
4) Use common sense (which isn't so common) - Definitely!
5) Relax, you're on Linux.
- Indeedy!
Y'know, I never understand this. I've used WINE since I switched to Linux a decade ago, and never had the slightest issue with it, security-wise.
I appreciate that some folks want nothing to do with Windows in any shape or form, but honestly, it beats me where this concept has come from that WINE can attract the full spectrum of Windows-centric malware......
This is no way criticism. I just genuinely
don't understand the above statement..!
~~~~~~~~~~~~~~~~~~~~~~
I use it for exactly two applications. A graphics app called
PhotoScape - from a South Korean outfit called Mooii Tech, which has a very unique combination of tools - and which I've used since it came out around 2009. To get the same functionality under Linux, I would need to install at LEAST half-a-dozen different pieces of software......which
does seem kinda pointless.
It's marketed as a 'fun photo editor'. But trust me, it's capable of SO much more than that when used in the right way.
And then there's Adobe's
Photoshop CS2 suite.....which I actually treated myself to some 20 years ago. Needless to say, this will NOT run under Linux without some kind of Windows emulation layer. I invested a lot of money in this back then, and despite that it's an old version is still plenty powerful enough for me.
These two apps form the backbone of the main toolkit for my 40-yr old graphic design hobby.......and I am intimately familiar with how they work.
Alongside these, I've run the G.I.M.P for more years than I can count. I am also very familiar with how this functions; it, and Photoshop, basically perform the same bunch of operations, since they're both raster graphics editors......just with a slightly different workflow. In fact, I'm so handy with both of 'em, I can switch apps midway through a project & carry on without missing a beat.....
~~~~~~~~~~~~~~~~~~~~~~
I run WINE as 'portable', sandboxed AppImages, from an external USB HDD. I run half-a-dozen different versions, and long ago built a 'switcher' GUI that lets me swap between builds in under 20 seconds.....
And with the unique way in which Puppy works, malware would have a HELL of a time even trying to find it, let alone infect it..! Even if it did - by some miracle - each sandboxed portable can be restored from backups in less than 5 minutes.
Never mind. Each to their own. That's the beauty of Linux; we can do SO much more with it than even Windows fanbois could dream of......and in a much more secure manner.
Mike.