Linux / Mac Users: Are You Protected?

[BertKoor]

Linux (desktop users, not servers) is not popular enough to be interesting enough to target for virus/malware producers.

[chk071]

IMO, it's highly dependant on the user anyway whether or not you get infected. Security software can't even sweep away the shards, if you're reckless with your computer.

[FapFilter]

Of course, the user is the largest part in the security chain, but if one has no means of detection at all, even getting a USB stick from a friend could pose a threat. You should also not open any documents at all (.doc, .RTF, .PDF, etc), nor images… making your computer basically limited for stuff that's basically already installed on it (and hopefully not infested)
And of course no protective software will safe you from everything, but chances are not bad that you can keep your system clean if you are trying to stay away from shadier sites or sources.

[Super Piano Hater 64]

protection.jpeg

[syntonica]

I wish I could shut off 95% of the security junk on my Mac. It's just plain annoying and eats my CPU cycles. That said, I don't download codecs from porn sites, I don't load images or click on links in emails unless I know where they've been and I definitely don't install Russian-made virus scanners.

[audiojunkie]

Out of interest: do (some/all) Linux distributions have anti malware measures included?

That really is the million dollar question, to which I can only answer yes, and no. There are well over 300 different distros catering any style or personality you can imagine. Most of the building blocks are the same, albeit likely containing differing libraries and even differing versions of the same libraries. Some distros are very heavy and loaded with programs; some take the opposite route and aim for extreme minimalism. Some distros are privacy focused and are the best the world has to offer. Some are designed to excel as gaming machines. Some are security focused. Some serve as “appliances” and are designed for a specific task, like a firewall or a DAW. Many are various flavors of general use OSes with differing features. Whereas Windows and OSX have only one desktop environment for each, there are well over 20 different desktop environments and windows managers to choose from. Choice and customizability reign supreme with Linux. I could go on and on, but suffice it to say, I’m quite confident that there’s a distro out there that focuses on virus and malware prevention. The best thing you can do is research the various feature sets of the varying distros to find the one that best suits your personal needs and personal style. Don’t be afraid to try lots of them to learn what you like and dislike in a distro. There is a term for those who are in the process of seeking their perfect fit—“Distro Hoppers”. It is a normal part of the process. I’ve tried most of the major distros and I’m currently using EndeavourOS. Prior to last year, I used Ubuntu for years. I’m actually a fan of the Arch and Debian families of distros, and EndeavourOS is part of the Arch family.

Explore Distrowatch.com to see what is available.

Best of luck!

[audiojunkie]

A good way of thinking about OSes is comparing them to synthesizers. Windows and OSX are essentially powerful synths, but they aren’t modulars. The Linux OS can be thought of as a custom-made polyphonic euro-rack modular synth. It’s just as capable as Windows or OSX, but it can be put together in any way you can imagine. This allows for extreme personalization, customization flexibility and efficiency at the cost of a learning curve.

[audiojunkie]

I wish I could shut off 95% of the security junk on my Mac. It's just plain annoying and eats my CPU cycles. That said, I don't download codecs from porn sites, I don't load images or click on links in emails unless I know where they've been and I definitely don't install Russian-made virus scanners.

This is an example where Linux shines. The extreme customizability of Linux allows you to do this and much more. Imagine stripping out 95% of the unnecessary bloat to save CPU cycles and RAM. Now imagine taking everything a step further by also stripping out your pretty and bloated desktop environment and windows manager and putting in a minimal, stripped down Windows manager. Now take all of that a step further and swap out your vanilla generic Linux kernel and instead use a Linux kernel that has been patched and modified to run with real-time scheduling and ultra low latencies. It’s more work, but very doable with Linux.

[gaggle of hermits]

It's just plain annoying and eats my CPU cycles.

how does it “eat CPU cycles”?

also, you’re going to be so pissed when you find out about the x86 and Arm security extensions, not to mention the mitigations against spectre and meltdown-type attacks.

[syntonica]

It's just plain annoying and eats my CPU cycles.

how does it “eat CPU cycles”?

also, you’re going to be so pissed when you find out about the x86 and Arm security extensions, not to mention the mitigations against spectre and meltdown-type attacks.

I'm saving that for a completely different rant.

"When my insanely fast CPU uses half it's effort trying to stay safe."

My Atari STe ran faster, overall...

[chk071]

how does it “eat CPU cycles”?

How does software not eat CPU cycles?

[FapFilter]

of course it does. Question is: how much.
Couldn't find a clear answer on a quick Google search as results range from “pretty much next to nothing“ to 100% CPU core utilization (though the latter value only during manual full system scans, not during it's invisible watch dog duties in the back ground)
OSes, even clean new installs, run dozens of other tasks in the background anyway.
Would be interesting how much you'll actually safe by deactivating your scanning tool(s), but I think even years ago the consensus was, that scanners might slightly worsen loading times of apps (but we are having way faster SSDs nowadays), while CPU consumption during background activity was often considered negligibly small even back then

edit: just did an activity monitor test on my M1 MacBook Air and CPU consumption for Xprotect (Apple's built in real-time scanner) is @0,0%. Though it has been at 8% for a very short time I opened activity monitor for the first time. Afterwards it was always 0,0%, even after quitting and re-opening activity monitor in subsequent attempts.
Memory consumption for all Xprotect processes were at roughly 11MB combined

[gaggle of hermits]

of course it does. Question is: how much.

that was largely my point. when someone says "eating CPU cycles" it implies it is completely getting in the way. as CPUs now do a bunch of things like checking stack accesses that are built into the pipeline you're going to be a bit unlucky if that offends you. also, memory protection/translation has been in the OS since year dot and is also a minimal form of security protection. when the OS does a page-translation table walk, it will again consume some CPU.

but feel free to interpret every statement as entirely literal.

[FapFilter]

True!
Also, if you truly care so much about wasting CPU cycles: Make sure that your task bar/dock and other menus are empty and don't contain anything that corporates updating indications like clocks, or even worse: anything widget of some sort
Also only use very low screen resolutions (640x480 should be good) and restrict your desktop to 16 colors max

[gaggle of hermits]

...and don't forget disabling interrupts like the pesky clock timer. this will of course render the machine utterly unable to do anything but, y'kno save those precious cycles.