How do you know that your Linux system isn't infected?

Educating myself further. Reading this on a website: https://linuxiac.com/antivirus-on-linux/

"On Windows, there is nothing similar to software repositories in Linux, and you can install any application that you find without any guarantee that it is not malicious software."

Isn't the MS app store an equivalent? This link is from 2021, not sure how long the MS store was around. Wiki says it was around with Win8, which is like over a decade ago.

So far I only installed apps in Linux from the Linux system (need to gain new vocabulary LOL), some were flatpak, some were the other option. All should be safe and certified, right? Could something get sneaked in? There was a story about a trojan downloaded along an app from the MS app store.

When I type a command into the terminal 'apt-get' where does it come from? The same repository as flatpaks and others?
 


Also from the website above:
"Malicious software creators usually do what they do for either fame or money. From their perspective, it’s better if they target the most popular platforms.
So why spend their time focusing on Linux when Windows would be easier to exploit and produce better results?"

Watching some presentation of a hacker, from a few years back, I don't know, I might have a mind of a hacker while many Linux users don't, having a false sense of security. But if I was a hacker, I would take it as a challenge to prove the point. Linux can be hacked, too. Imagine the fame such effort would make - in the Linux community. Since I started watching content about it, the algorithm feeds me more and more of it. The community is plentiful. Plenty of ground for fame.
Or just for a personal satisfaction. That's the hacker's mindset. Crack it and who knows, a lot of money can be on the way from a wealthy Linux user.
 
Isn't the MS app store an equivalent? This link is from 2021, not sure how long the MS store was around. Wiki says it was around with Win8, which is like over a decade ago.
MS is pushing hard to copy/paste the Linux way of installing things; however, it's currently limited to development packages, not regular software.
The most popular such package managers are vcpkg, NuGet, dotnet and PowerShell Gallery.

All should be safe and certified, right? Could something get sneaked in? There was a story about a trojan downloaded along an app from the MS app store.
It's highly unlikely for store apps to be malware due to the security measures put in place, but it's not impossible. However, if that happens, this trojan would have very limited access to the system, because store apps are individual to the current user; they're not system-wide programs.

Some do require Admin elevation, but you can be very safe about them if you pay attention to who the developer is and if your account is not Administrator.
 
A user specific malware is bad enough for me, if I do internet banking or payments.
Or cookie sessions stolen. Those bother me more than plain ransomware encrypting everything (without leaking all the sensitive info). I have backups and can restore the system myself if that happened. But having my sensitive info leaked (even for a period of time without me knowing) and then my bank accounts wiped out via some elaborate, clever way, that would hurt.
 
A user specific malware is bad enough for me, if I do internet banking or payments.
Or cookie sessions stolen.
The best defense against this is to have a separate user account on your PC that serves no other purpose but to do banking and sensitive stuff.
And the other user account is only used for daily browsing.

From time to time you can delete and recreate the user account to get rid of all of the potential user-level malware without affecting your other account.

"Malicious software creators usually do what they do for either fame or money. From their perspective, it’s better if they target the most popular platforms.
They target Windows because it's breeding with user base not because Windows is special in this or that.

Also, programming on Windows is way easier than on Linux; you have MS docs which literally explain every API to you, including APIs that are used to create trojans and crypters. It's all on the internet, easily accessible and well documented, but good luck on Linux if you have no knowledge, because you'll suffer to make anything.
 
Also, programming on Windows is way easier than on Linux; you have MS docs which literally explain every API to you, including APIs that are used to create trojans and crypters. It's all on the internet, easily accessible and well documented, but good luck on Linux if you have no knowledge, because you'll suffer to make anything.
I haven't done programming, so I cannot tell. But with AI it shouldn't be such an obstacle in Linux in the near future. And when I looked at uni courses for computer sciences, Linux is in their curriculum, so more and more folks will know Linux. And then there is a marketplace with malware on the dark web. You can literally buy a malicious script, quite cheaply. Now Asian countries lead in coding in their schools, while the Western ones are rather behind. Keep an eye on the East.
 
Also from the website above:
"Malicious software creators usually do what they do for either fame or money. From their perspective, it’s better if they target the most popular platforms.
So why spend their time focusing on Linux when Windows would be easier to exploit and produce better results?"

Watching some presentation of a hacker, from a few years back, I don't know, I might have a mind of a hacker while many Linux users don't, having a false sense of security. But if I was a hacker, I would take it as a challenge to prove the point. Linux can be hacked, too. Imagine the fame such effort would make - in the Linux community. Since I started watching content about it, the algorithm feeds me more and more of it. The community is plentiful. Plenty of ground for fame.
Or just for a personal satisfaction. That's the hacker's mindset. Crack it and who knows, a lot of money can be on the way from a wealthy Linux user.
Hacking really isn't about fame or fortune, for the good guys anyway. It's about helping people secure their stuff. Not being able to break in is actually good news for the good guys to deliver. A grey hat or black hat will get upset when they can't get in.

Signed,

Matthew Campbell
 
The best defense against this is to have a separate user account on your PC that serves no other purpose but to do banking and sensitive stuff.
And the other user account is only used for daily browsing.

From time to time you can delete and recreate the user account to get rid of all of the potential user-level malware without affecting your other account.


They target Windows because it's breeding with user base not because Windows is special in this or that.

Also, programming on Windows is way easier than on Linux; you have MS docs which literally explain every API to you, including APIs that are used to create trojans and crypters. It's all on the internet, easily accessible and well documented, but good luck on Linux if you have no knowledge, because you'll suffer to make anything.
Many programs and the Linux kernel itself are open source. It doesn't get better than that.

Signed,

Matthew Campbell
 


