Nearly every day, I'm told that users of Linux distros don't need to worry about malware on their computers. After all, many newer users rationalize that since most malware targets Windows, securing a Linux-based workstation is a non-issue.
My response to these individuals is that anything that executes code is potentially in danger from malware of one form or another. Realizing this, I thought it might be interesting to look at how the threat of malware and other security issues might be something Ubuntu users should be more aware of.
It begins with unknown commands
I consider anything that threatens my PC’s stability and/or security to be a potential threat. With this in mind, I submit that even a simple line of code is a security threat.
In the hands of knowledgeable users, on the other hand, this same line of code is considered a tool for accomplishing a task. As with any operating system, how the code is used and the context it's presented in will dictate whether it's a threat.
The same code I linked to above, presented to a newbie Ubuntu user, could spell real trouble. Without thinking, a newbie tends to punch in their password without a second thought.
This in turn leads to a whirlwind of opportunity for newer Ubuntu users to get themselves in trouble. Worse, as things stand now, there is nothing out there except experience that prevents newbies from making code execution mistakes.
While it may not be a big deal yet, wait until it's bundled into an executable file that someone runs. Perhaps then, basic workstation security will be taken a little more seriously.
No IT available
For many companies out there, this is an IT problem. This means that everything is already taken care of, leaving the typical end user to do what they need to do.
Unfortunately, though, there are a multitude of companies that may not have the luxury of ongoing support. Perhaps it's a two-person company and they're using Ubuntu to save on licensing costs? They could literally be running the entire enterprise from a book and a little bit of know-how. We like to think this isn't happening; however, in these economic times, people are cutting back, and that means more are doing it themselves without help from an IT department.
For companies and users in this kind of situation, below I’m offering my recommended list of security software options that are easy to use and reasonably effective. In this list, I will focus primarily on Ubuntu software that works best for workstation users.
Ask any experienced Linux enthusiast and chances are they will laugh at you if you inquire about running an antivirus on your workstation.
Why? Because at this time, there really isn't enough of an immediate threat to cause anyone to install this kind of security software. The very idea seems really silly to many people.
Now here's the reality check: Running decent antivirus software makes a lot of sense if you interact with Windows computers, especially when sending files back and forth. Just because Windows malware isn't going to affect your Linux workstation doesn't mean that you can't accidentally share something that might harm someone else.
One of my all-time favorite examples was discovering an infected file on my own system. Even though it posed no threat to me, it was still possible that I could have shared it with a PC, which would have been affected. This left me with two choices. Forget about it and assume this will never be a problem, or instead, install a simple-to-use antivirus software solution to keep the system clean.
I have used a lot of antivirus software programs on Linux over the years. And on Ubuntu specifically, I've found that these programs are generally the best all-around performers.
ClamAV/ClamTK: With both of the Clam antivirus options here, you'll be working with open source software. ClamAV offers reliable CLI antivirus control while ClamTK allows GTK users to enjoy the same functionality with a fairly simple user interface. Scanning specific locations or setting up scanning on a schedule is easy to do as well.
The downside to both Clam antivirus options is that updating the GUI and the engine doesn't happen through your repository updates on Ubuntu. And all ClamTK will do is alert you to something being out of date, so you'll have to update it manually. If I were going to use Clam antivirus, I'd lean toward the CLI ClamAV with its switches and options.
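As an added example (not from the original article or the ClamAV project), here is one way to use the `clamscan` CLI to check a folder before sharing its files with Windows users. The function name `scan_before_share` and the `CLAMSCAN` override variable are assumptions made for this sketch; the switches and exit codes are clamscan's own.

```bash
#!/usr/bin/env bash
# Added example: gate a folder on a ClamAV scan before sharing it.
# CLAMSCAN is a hypothetical override so another scanner path can be set.
CLAMSCAN="${CLAMSCAN:-clamscan}"

# scan_before_share PATH
# Prints the path of each infected file, one per line.
# Returns 0 = clean, 1 = infected files found, 2 = scan could not run.
scan_before_share() {
    local target="$1" out="" rc=0

    if [ ! -e "$target" ]; then
        echo "no such path: $target" >&2
        return 2
    fi

    # -r            recurse into subdirectories
    # -i            print infected files only
    # --no-summary  drop the statistics block so output is one file per line
    out="$("$CLAMSCAN" -r -i --no-summary "$target" 2>/dev/null)" || rc=$?

    case "$rc" in
        0)  # clamscan exit code 0: no virus found
            return 0 ;;
        1)  # exit code 1: virus(es) found.
            # Lines look like "/path/file: Signature-Name FOUND";
            # keep only the path.
            printf '%s\n' "$out" | sed -n 's/^\(.*\): .* FOUND$/\1/p'
            return 1 ;;
        *)  # exit code 2 (or anything else): treat as "not scanned",
            # never as "clean".
            echo "clamscan failed with exit code $rc" >&2
            return 2 ;;
    esac
}

# Usage: scan_before_share "$HOME/outgoing" || echo "do not share yet"
```

Treating a scanner error the same as a detection keeps an outdated or broken install from silently passing files through; the same function can be called from a cron job for the scheduled scans mentioned above.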
Bitdefender for Unices (Unix/Linux): Unlike the free, open source option above, Bitdefender isn't for everyone. However, Bitdefender provides outstanding antivirus/anti-malware software.
While I'm not a huge fan of setting myself up for a sales call when downloading the app, it makes sense as this is an enterprise tool offered as trialware. Unfortunately, merely trying to get to the software itself is a royal pain. I followed up with the web form, yet I am still waiting to see the download links. Very disappointing.
I cringe at the thought of this, but I wonder if Bitdefender is actually sending out these emails manually? If so, they are most definitely losing potential leads. Even if it's an issue with my own mail server, I should have been presented with a download link immediately after completing the form. This is customer lead generation 101.
The touted feature set includes tight desktop integration, archive and mailbox scanning. Even though I wasn't able to try out the latest version, I was impressed that Bitdefender offers an app, scheduled software and definition updates. Bitdefender is compatible with both 32-bit and 64-bit Linux distributions.
Avast! Antivirus: Avast is offering their software in the right way. I can immediately download and install it. With regard to functionality, it's on par with Bitdefender. When I installed it on my 64-bit PC, it installed using Gdebi without any issues whatsoever.