I used to bother with AV on Linux, not to protect Linux, but in order to prevent passing a virus on to my Windows using friends. However, I decided that there wasn't a need to slow my email system down to protect them because 95% of them already have one or more infections. Another one isn't going to make much of a difference.

To maintain my Kubuntu as secure as possible I keep a firewall up so that NONE of my ports respond to an ACK or echo a PING, and java applets are not allowed to run while browsing. I also run RKHunter and ChkRootKit daily. They run as a cron script and email me reports of any changes. They have conf files in /etc and their cron scripts are in /etc/cron.daily. The only change reports I get are those when files upgrade via the repository auto upgrade.

I've been using Linux since 1998 and I have never even seen a Linux virus, much less get an infection.

ClamAV has been updated a number of times since that review was written. It's the standard for mail servers -- I used it when I built my Postfix/Dovecot server -- so it's at least worth checking out. It does include a daemon.

I usually install RK Hunter and leave it at that. If the win-tards get viruses, it's not my fault or problem. I'm more than happy to help them install and set up any linux distro, of course.

I have never known or heard of any linux user who has actually had a virus of any kind on their system. Not even anecdotally. Excepting Android possibly, but that may be "scareware" too.

Hey, did I just coin a new term? 8)

I'm not aware of any Linux anti-virus package that meets the specifications you've stated. All of the ones I've heard of only scan for windows viruses, and few if any of them run constantly in the background. Even ignoring all that, no antivirus for any OS provides adequate protection for the scenario you outlined (a newly written "0-day" virus).

If you want to have a Linux anti-virus package regardless, then according to TechRadar's review, Avast! and BitDefender seem like the best ones.

I REALLY don't miss all that, just made my head spin looking at it.

Edit: as a matter of fact, I would bet there is a pimply faced 12 year old out there writing something for Linux as we speak, that being said, am going to install an anti-virus package, any recommendations? One that runs in the background, full time?

A 2011 report and infographic from Symantec makes the case that such infections are one the rise. Hm...

Did you mean low-level format? And why couldn't you re-install? Low-level (FULL zero out of the drive) is the only thing that truly gets rid of ALL pesky Win-DOHs viruses, otherwise the 'file(s)' are still there, they are just not 'visible' because of the new file allocation table, and yes, they do crop back up, persistent buggers. Bin dair, dun dat.

Sadly, I became quite proficient at identify and having to manually remove viruses because so-called 3rd party anti-virus suites pretty much just sucked, they were better at identifying than removing (partly because some viruses are written so they can not be removed when booted in to the 'host' Win-DOHs, no matter what 'anti-virus program' you used, that's where a LIVE LINUX CD/DVD COMES IN, identify, shutdown, boot with Linux optical disk, delete offending files). I once spent 8 hours doing a friends computer (heavily infested Win-DOHs 2000, porn sites, betting sites, infested emails, etc), saved his ass but boy, was I fed up!

My attitude is, there is a 'workaround' for EVERYTHING!

This is partly why I HATE Win-DOHs so much, cost of ownership (or should I say renter-ship, lol) is ridiculous and the maintenance is out of this world.

Before I stopped doing Windows, all the Windows I was repairing were infected by MBR Trojans combined with an infection in the hidden drive containing the backup copy of Windows. Removing that infection combination was next to impossible without reformatting the whole drive, then you couldn't re-install Windows. That's what finally tipped me over the edge to refusing to clean up any Windows boxes.

Originally posted by SteveRiley View Post

That's

True, that and it seems that everyone whose tried to create their own UEFI work-around has thrown in the towel and bought a Windows certification for the OS and stuff. That puts Microsoft in the cat bird seat. They can remove anything they grant.

This whole situation is what prompted me to by this Acer last January, before UEFI became the coin of the realm.

That's pretty much what ARM-based machines already do.

Agreed, old schoolers like me for instance aren't too fond of change, but nothing ever really does stay the same, years from now UEFI will be replaced, computers will probably come with OS ROMs, which we will have to hack or swap out for something more palatable.

ARM-based machines are not built to be general-purpose computers, thus my comparison to flashing alternate Android ROMs. But in general I agree with you in that the trend toward making it more difficult for people to do what they want, with hardware purchased on their own volition, is troubling.

UEFI is a massive undertaking, and it does solve the technical problems that plague BIOS and MBR. So I'm not ready -- yet -- to ascribe all that work to what amounts to a motive. Core Boot also solves the BIOS/MBR technical problems. But it lacks a secure boot mechanism, which Microsoft seems to feel is of urgent importance. That's the part I disagree with. It would probably be good for us to keep our focus on that: the abuse of the secure boot feature to favor one OS over another, and the design choice that limits storing a single signing key in drivers and hardware modules. Not all of UEFI is bad: just this one part.

True, but that fact puts Linux back to pre-LiveCD, when only "sufficiently technically adept" people could install Linux. Today, because of LiveCD, almost anyone could install Linux, either in dual boot or standalone, which explains its 10+% and growing desktop market share.

I still cannot escape the conclusion that UEFI has more to do with blocking the installation of Linux rather than trying to block MBR Trojans or other boot infections. Why? Because after the boot process is complete one is faced with a Windows OS which is just as insecure as it was before UEFI. It will still have ActiveX controls and vulnerability to email payloads, drive-by URL infections, etc...

My hope is that some OEMs will see a market for Linux and sell their hardware without UEFI, or with it disabled by default. And, perhaps, even sans OS.

The motherboard in my machine (Gigabyte GA-H61M-SP2V rev2) has UEFI firmware. Installing Kubuntu on it was straightforward; disabling secure boot wasn't an issue, as the firmware for that model motherboard apparently doesn't even have secure boot functionality.

Not every UEFI motherboard has the secure boot 'feature'. As I understand it, only motherboards certified for Win 8 will be required to support secure boot. Of the UEFI motherboards that aren't Win 8 certified, some may have secure boot and some may not.

As Steve mentioned, it shouldn't be a problem even if you choose a UEFI motherboard that has secure boot, as there should be a simple way of disabling it in the firmware setup.

For manufacturers of ARM-based devices that want to issue hardware with the Windows 8 certification logo, your statement is correct. However, a sufficently technically adept person could replace the firmware in such a device, much the same way people flash alternate builds of Android.

Please see this KFN thread for updated UEFI info, including a bit where I quote from the Windows 8 certification requirements.

Check this out... http://www.phoronix.com/scan.php?pag...i7_3960x&num=1
Ubuntu on the X79 chipset (socket 2011), running Kubuntu should NOT be a problem.

@Steve, yeah, I know, researched it, meant to say secure boot, or if you put on your Microsoft decoder ring: sleazy way to thwart newbies from escaping our evil grasp, lol. Btw, Microsoft has pushed some vendors to NOT include secure boot shut off, apparently ARM based devices, you CAN'T already.