Do Antivirus Programs Make Your System More Vulnerable?

Pjotr from the Linux Mint Forum sent me a link to his website Easy Linux Tips Project when I was getting feedback about publishing these notes. Pjotr has many good things on his website that can be very helpful -- even to beginners.

I very much recommend going through his website. He has a lot of things that I don't include here.

We do, however, disagree about whether to install virus scanners or not. I think users should install a virus scanner and he thinks users shouldn't. Both of our arguments have merit.

I'm picking on Pjotr's set of recommendations for two reasons:

  1. He holds an opinion that many Linux fans have (they do not want to install a virus scanner), but unlike many others, he explains why. Knowing why something is done or not done is key to making you, the reader, more knowledgeable and making a decision that's appropriate for your use case. This explanation is part of his common sense philosophy -- a philosophy which I very much agree with and will elaborate on shortly.
  2. I don't know who Pjotr is, but he seems to be a good guy. (Or a good lass. Or a good cat. I'll assume he's a guy to keep the pronouns simple.) He also seems to be able to respect someone else's differing opinion on the Internet without getting upset -- something the Internet could use more of. Pjotr, I tip my hat to you.

Keeping Your Computer Malware Free

Pjotr's article about security points to this series of slides made by Joxean Koret.

Pjotr says the way to keep your computer clean of malware is to do the following; I have placed my comments in [square brackets]:

I'll address his bullet points out of order.

Note: Because I'm addressing both beginners and professionals on this page, some of the arguments I present may go over a beginner's head. Just roll with the punches. I'll try to keep the technobabble terse and to a minimum.

Official Software Only?

If you're very new to Linux, then yes, I highly recommend this too until you better know what you're doing. In Linux Mint, this means a beginner should install software only from "Software Manager" and "Synaptic Package Manager" which can be found in the Linux Mint menu.

There is some great and extraordinary software that comes from the Linux Mint repositories, but one day, you'll want or have to install a piece of software not on the list.

So, how valid is the argument not to install software from outside of the official Linux Mint repository?

Updates to Software Found Within Repositories

Personally, I like running a more up to date version of Double Commander and LibreOffice. It requires that I install software not "from the list". I have to get the updated versions from the websites of the original code makers. This is already taking me (sort of) outside of Pjotr's recommendation.

Software Repositories That Download From Outside Linux Mint Repositories

If you want to play games from Steam (a popular game repository), you can download the Steam client from the Linux Mint Software Manager. Then, in turn, Steam allows the user to download programs not from the official Linux Mint repositories and place them onto your computer. Steam is not unique. Other more generic software repositories like yum, npm, and pacman are available in Linux Mint repositories, and their sole purpose is to download software not available in the official Linux Mint repositories. We have broken Pjotr's rule simply by following it. (I'm purposely avoiding the extreme popularity of Flatpak, Appimages, and Snaps.)

To drive the point home, Wine (the Windows emulator which I'll talk a little more about later) comes directly from the official Linux Mint repositories and its sole purpose is to run Windows software on Linux.

Although Pjotr has extremely good reasons for saying not to use Wine and to only use software from the official repositories, this recommendation is self-contradictory.

"Dangerous Software" Within Linux Mint Repositories

The virus scanner I suggest comes directly from the official Linux Mint repositories and does not download any other software, but Pjotr suggests not using it because he thinks it makes your system more vulnerable. It wasn't Pjotr's intention, but his recommendations make it seem that the Linux Mint repository itself has software that shouldn't be downloaded. (I'll address his specific and very valid virus scanner points in more detail in a moment.)

If you're a beginner, I wouldn't worry about the concerns I'm bringing up. The Linux Mint repository is still a very safe place to download software from. I'm merely presenting an argument against a questionable opinion that many Linux professionals hold.

Applications For Work

Linux is sometimes used in a work environment (it's already happened in some parts of the world). You may be forced to try out new software that is not in the software repository. If you're required to stick to the Linux Mint repositories, what do you do then?

Applications That Simply Aren't Available in Linux Mint Repositories

I present one final argument to fully cement my position on this matter.

There is software that is simply not available in the repositories that some users need to use. For instance: All professionals use IDEs. (IDEs are highly advanced and specialized text editors, usually used for programming.) All the best IDEs like IntelliJ, Visual Studio Code, and Sublime are not available in the Linux Mint repositories, and yet many Linux professionals use them.

This is not a one-off example.

I would place money that 99% of anyone doing serious work in Linux Mint is using software not downloaded directly from the Linux Mint repository. (And for the professionals: I'll also wager a good percentage of them have even altered their PPAs.)

Conclusion to This Point

This is why I disagree with Pjotr on this point. I fully support Pjotr's caution about installing software on any computer on any operating system, but I've found it's not a practical recommendation that I can endorse.

It should be obvious that what I propose is more risky. You are more likely to get malware following my recommendation. So, what do you do?

Well, you use "a little common sense"... (see next point)

Common Sense

As a beginner to Linux Mint, this is a frustrating piece of advice. You have no experience to draw from and therefore common sense is elusive. However, we can try to define what Pjotr meant by common sense.

The best thing to do is to start off downloading things only from the software repositories that Linux Mint gives you. As you grow and learn, you'll begin to understand where the software comes from. (Double Commander and LibreOffice weren't born in the software repository. A bunch of strangers wrote these pieces of software and some other stranger in Linux Mint decided they were safe enough to put there.) This is a good starting point.

Ask a search engine if a piece of software has malware in it. Sometimes, people identify malware and that information gets posted online.

Sometimes, you run across an interesting piece of software online. Take a look and see if it's already in the Linux Mint software repository.

If you've looked at search engines and it's not in the Linux Mint software repositories, and you're still unsure, you can also go to the appropriate forums to ask. You can ask about games in game forums. You might even try asking questions in the Linux Mint Forums. Do not go to the Linux Mint forums to ask about a specific software you found or want to download. Your questions should probably be more general. For instance, ask "I'm looking for a good encryption program. Does one come with Linux Mint and if not, where can I find a good one?". (I'll answer this one: LUKS and eCryptfs come with Linux Mint. Veracrypt is also very good -- especially if you do cross-platform between Linux and Windows.) Do not ask, "SpaceConquer 4 from Developmentsoft was just released for sale two days ago. Is there a good place I can download it for free and without any malware?". Every forum has their etiquette. Learn the ins and outs before posting. Post. Get your answer. Go do more homework on the answers you got to make sure the advice you're getting makes sense.

Be aware that advice you get in forums and from news articles and from blogs will often be conflicting. That's because advice is worthless unless you know why you should or should not use it -- meaning don't accept a quickie answer. Someone should explain why something is good or bad. You'll have to try to learn about the subject matter, reason things out for yourself, and make the final decision on your own. Don't just trust some stranger's advice. Find out why something is good or bad.

There is one other thing to consider. Every good piece of software has a life cycle: someone writes the prototype, many people enhance it and turn it into a great software product, the software gets popular, it does great for a while, eventually some things in the software get worse or are neglected, the software gets really bad and most people abandon it, the software fades into nothing and quietly goes away.

Right now, Linux is popular and is doing great. It is highly unusual for a piece of software to last so long and I'm really glad it has. But make no mistake, one day (maybe 5 years from now, maybe 50 years from now), it will be mismanaged and people will move on to another operating system. (And there are plenty of lesser known operating systems that could take its place. Currently, BSD is the next major contender to Linux.)

What may be a good answer today may not be the right answer next year. Software changes over time. Your operating system changes over time. You and your needs change over time. You have to be diligent, exploratory, careful, and thoughtful. You'll make mistakes. Learn from them. Better yet, learn from the mistakes of others.

I once saw on the internet "Anti malware should first and foremost be proactive, not reactive." This is very, very true. It means a virus scanner can't help you if you're always downloading software pre-packaged with viruses because you download from shady places.

Read. Learn. Ask. That is what "common sense" means in the IT world. And I think that is what Pjotr meant.

Windows Emulators and Cross Platform Programs

Apparently, this is a piece of advice that some Linux people deem acceptable. I disagree with this advice mainly because I want people coming from Windows to feel at home in Linux Mint and this can be a huge tool to help you get there.

(Wine allows some Windows programs to run natively within Linux and without using a Virtual Machine.)

But... there is great wisdom behind these people saying not to use it. The urge to be cautious is very correct.

Wine / Windows Emulators

I use Linux nearly exclusively in private, but there are still a couple of programs I need Windows for simply because they are (for me) better than any Linux-based alternative or it's completely unavailable in Linux. This is where Wine can become useful. Wine can simulate Windows on your Linux system so you can run Windows programs. I haven't used it a lot, and despite its problems, it does a good job. But you have to use "common sense" (as defined above).

Warning! There is a huge warning you should be aware of if you install Wine: you become vulnerable to Windows viruses and trojans. By installing Wine and installing Windows software with Wine, you are opening yourself up to the whole range of Windows malware on your Linux machine. It even has the potential to delete your Linux files.

Pjotr recommends in his Wine article not to use Wine, and instead to dual boot or use a virtual machine. Both are good recommendations, although I recommend against dual booting by beginners because it can be complex to set up and get right.

Given the option, using a virtual machine to run Windows is better than using Wine. Pjotr and I agree very much on this.

The only reason I officially disagree with him on this issue, is because a full virtual machine can be cumbersome to use. Wine and other emulators, when used properly, can be a valuable asset.

Cross Platform Programs

In Pjotr's original article on security, he also recommends not using Mono. Mono is "cross platform" meaning the programs are designed to be run in multiple operating systems (like Windows and Linux). Java also falls under this category.

I disagree with him on this recommendation because there are some programs that are just simply written for Mono or for Java. Professionally, I have written programs in Java, and .NET programs that could have been utilized under Mono. There were business reasons for using these languages / platforms. How else could my programs have been run?

What we both agree on is that you shouldn't install just any program on your computer -- regardless of whether it's Linux or Windows, regardless of whether it's cross platform or not. This is one of the fastest ways to get malware. You need to do your homework on that software before you install it. (Read my common sense section above.) Run a search in a search engine to see how popular it is, and see what complaints are out there about the program. See if it or the website you want to download it from is associated with malware. Ask friends what they think. Ask people on forums. If you get advice from people, get them to explain why the software is great or why it sucks. Is it because the colors are awful or because it will spy on you?

If in doubt, don't install it. Let others (who either know more about security or who are crazy) take the first plunge for a new piece of software.

About Pjotr's Recommendation not to Use Emulators / Cross Platform Programs

Pjotr states in his article that each and every app is a risk. I fully agree. Anything you do on a computer is a risk. Breathing is a risk. Try not to breathe toxic fumes and try not to install questionable programs.

I strongly suggest reading Pjotr's article for a thought provoking contrast to my recommendation.

No matter our disagreements, we both recommend to use common sense.

Don't install Virus Scanners?

You've read my replies about the other bullet points, right? (Right?) Then you're ready to absorb this piece of advice:

If you're going to install Wine or if you're going to install programs that don't come directly from Linux Mint, then install a virus scanner and use it.

Be sure to install the right virus scanner. As of January 2023, I recommend using ClamAV, but as indicated above, recommendations can change. These notes may be outdated. (They are for me after all, and I may choose to let them get outdated.)
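Here is what "install it and use it" looks like in practice, as an added example that is not part of the original notes: a small POSIX shell script that scans the two places where non-repository software usually lands on a Linux Mint machine (Wine's fake C: drive and ~/Downloads) with ClamAV and reports the result from clamscan's exit code. It assumes ClamAV was installed from the Mint repositories (the `clamscan` and `freshclam` commands), and the directory defaults are my assumptions; adjust them to taste.

```shell
#!/bin/sh
# Added example (not from the original notes): scan Wine's C: drive and
# ~/Downloads with ClamAV and report the outcome by clamscan's exit code.
# Assumes ClamAV from the Mint repositories (clamscan, freshclam).

# Assumed default locations; change these if your setup differs.
WINE_DRIVE="${WINEPREFIX:-$HOME/.wine}/drive_c"
DOWNLOADS="$HOME/Downloads"
SCAN_LOG="$HOME/clamscan.log"

# clamscan exit codes: 0 = nothing found, 1 = something found, 2 = error.
clamav_status_label() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        2) echo "error" ;;
        *) echo "unknown" ;;
    esac
}

# Write the harmless EICAR test string (a standard antivirus test file,
# not real malware) into a fresh temp dir so you can confirm that the
# scanner you just installed actually detects something.
make_eicar_test_dir() {
    dir=$(mktemp -d)
    printf '%s' 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > "$dir/eicar.com"
    echo "$dir"
}

# Refresh signatures, then recursively scan every directory given as an
# argument. --infected prints only hits; --log keeps a record for later.
run_scan() {
    if ! command -v clamscan >/dev/null 2>&1; then
        echo "clamscan not installed (sudo apt install clamav)" >&2
        return 2
    fi
    # A scanner with stale signatures proves little, so update first.
    freshclam >/dev/null 2>&1 || echo "warning: signature update failed" >&2
    clamscan -r --infected --log="$SCAN_LOG" "$@"
    rc=$?
    echo "result: $(clamav_status_label "$rc")"
    return "$rc"
}

# Usage (not run automatically):
#   run_scan "$(make_eicar_test_dir)"      # should report "infected"
#   run_scan "$WINE_DRIVE" "$DOWNLOADS"    # the directories that matter
```

Run the EICAR check once after installing; if it does not report "infected", your scanner is not doing its job yet.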

There is merit to the idea of a virus scanner making your system more vulnerable. (It surprised me.)

This series of slides (also linked above) was part of a speech delivered by an expert who hacks into systems through vulnerabilities. I didn't hear the speech, but I read the slides. His particular talk was about how to use virus scanners to take control of a system. Yes, he broke into computer systems because popular, well known virus scanners were poorly coded. If you can get past the jargon, it's an eye opener and a good presentation.

This is the primary reason Pjotr says not to bother with a virus scanner. I may disagree with Pjotr's conclusion, but I can certainly understand his reasoning. This is a very good reason and reminder why you shouldn't install just anything onto your computer.

I'll address the concluding points of the slides:

Some Linux people have taken this to mean that we shouldn't install antivirus software at all. And, on first glance, the bullet points seem to indicate that, but I didn't see anywhere where the author recommends not to use a virus scanner. He hints that a virus scanner may not be the best thing to use in all cases. That I can agree to.

But I'm addressing new Linux users who are probably going to be using Wine so they can run Windows programs.

I'll address each point.

Antivirus Software vs Skilled Attackers

Against a skilled hacker, your system is vulnerable. There are always software bugs. They will be in virus scanners, games, or word processors.

Attack Surfaces, Skilled Attackers, Antivirus Software Vulnerabilities

I'm addressing three bullet points together because they go hand in hand.

For every piece of software you install, that is another program that a hacker can utilize, i.e., it increases the "attack surface". Generally speaking, the fewer programs you have installed and running, the better. Just by the very act of installing a virus scanner will absolutely increase the attack surface a hacker can use. From this perspective, antivirus programs can make you more vulnerable.

Yes, it's true: The second most secure computer is a computer with no programs and no operating system. (A computer with no operating system is still vulnerable to malware. There are several attacks that can be utilized -- everything from boot sector hard drive infections to malware that can live in the firmware embedded into computer chips.)

That, of course, means the most secure computer is one that is turned off, unplugged, and buried under 50 feet of soil.

But you're not going to bury your computer. You're going to install and use programs.

And therefore, the appropriate question is: Does the security a virus scanner provide outweigh the vulnerabilities it opens up?

Lowering O.S. Protections

The keywords here are "some" and "may" -- Some antivirus software may lower your operating system protections.

Any software that is poorly written will open up a multitude of vulnerabilities on your computer. And, according to the slides, there are an unfortunately high number of vulnerabilities in virus scanners.

Also unfortunately, this doesn't surprise me.

Local and Remote Vulnerabilities

This topic is beyond the scope of my notes and has no bearing on the topic at hand. I'll simply say that I agree.

Some Software Companies Don't Care About Security

The f-bomb used in the slides is needed. And it applies to all software, not just antivirus software.

Companies are interested only in profit. If they can cut corners to make a buck, they will. They must to survive. It's called the race to the bottom. Some companies tout how high quality their product is and, economically speaking, that kind of advertising sometimes works for them. If it works for them, they sometimes actually make a higher quality product. The sole logic is that if customers believe they have higher quality, then they'll remain customers. However, if that strategy fails, companies inevitably fall back to fewer people doing the work of multiple people. Quality slips. (I was once part of a software company that went through two rounds of layoffs. Within eight months, I knew some people who were supposed to have the knowledge and do the work of 12 software developers.) It is our job as consumers to fight against low quality.

Welcome to the fight.

So, do you need to install an antivirus program and use it?

If you're a beginner, I suggest yes. The key is that the benefit of the antivirus software must outweigh the disadvantages. How that can be measured is very difficult. It's so difficult that many of us with decent knowledge continue to argue whether the benefits outweigh the disadvantages. And it's why this section was written.

In the end, you'll have to decide.

Note About the Easy Linux Tips Project Website

Pjotr has concluded that the benefits of antivirus software do not outweigh the disadvantages. He simply has a different opinion than me.

In reality, I agree with just about everything he says on his website. Our disagreement about whether to use virus software does not negate any of his other points nor any of mine.

If you install Wine or similar software, you put yourself at more risk than someone who doesn't use it. If you think virus software will completely protect you, then you are at greater risk than someone who knows virus scanners defend against a limited number of already known viruses.

Pjotr's main argument is that the user should defend himself / herself using acquired knowledge. On that, Pjotr and I most definitely agree. Your best defense is to get as much "common sense" as quickly as possible. That's why I published my notes and that's why his website exists.