Peterborough Linux User Group (Canada) Forum

Linux & Android => Linux Applications & Android apps => Topic started by: fox on January 30, 2017, 06:49:45 AM

Title: ClamX and antiviruses for Linux
Post by: fox on January 30, 2017, 06:49:45 AM
I was shocked when I read this article (http://www.linuxandubuntu.com/home/clamav-antivirus-scanner-for-linux-review-installation-usage). It is a review of ClamX for Linux; I have a version of this installed on my Mac. According to the article, testing revealed that more than a third of the attacks directed at it are undetected, and ClamX ranks only 13 of 16 products at detecting malware. Would you take this as truth? Do any of you use an antivirus program on your distro and if so, what do you use?
Title: Re: ClamX and antiviruses for Linux
Post by: Jason on January 30, 2017, 12:07:13 PM
I don't use an antivirus on my Linux desktop. My guess, just based on the people I know and have talked to, is that most Linux and Android users don't use antivirus either.

The testing they did with the stats comes from AV-Test though and I very much trust them. They are fairly comprehensive. What the article doesn't say is whether the stats they give are regarding zero-day malware (new malware that doesn't have signatures yet) or older ones with signatures. Zero-days always have much lower levels of detection as it relies on heuristics. It'd be nice if they linked to the report but it is available publicly for free at the AV-Test website. I can't look at this right now but if somebody wants to, here's the site for you:

https://www.av-test.org/en/
Title: Re: ClamX and antiviruses for Linux
Post by: Jason on January 30, 2017, 12:11:51 PM
Oh, also, don't take the fact that most don't use an antivirus under Linux as anything meaningful. Their machine could be infected with a trojan and they might have no idea. I think in the next few years, antivirus under Linux will become a standard recommendation, especially on the Android platform. There are a lot of toolkits for creating backdoors and viruses for Java that run under Android (almost all Android apps are written in Java). I have started considering using an antivirus for Linux but I don't know whether it's really necessary yet. I'm on the fence.
Title: Re: ClamX and antiviruses for Linux
Post by: ssfc72 on January 31, 2017, 06:16:27 AM
I don't run any Linux Antivirus software. I may, at some time, install ClamAV to see what it finds, but I would then uninstall it when done with it.

Thanks for posting the Link to the article, Jason!  The info was good to know!
Title: Re: ClamX and antiviruses for Linux
Post by: fox on January 31, 2017, 06:57:34 AM
Quote from: elpresidente on January 30, 2017, 12:07:13 PM
The testing they did with the stats comes from AV-Test though and I very much trust them. They are fairly comprehensive. What the article doesn't say is whether the stats they give are regarding zero-day malware (new malware that doesn't have signatures yet) or older ones with signatures. Zero-days always have much lower levels of detection as it relies on heuristics. It'd be nice if they linked to the report but it is available publicly for free at the AV-Test website. I can't look at this right now but if somebody wants to, here's the site for you:

https://www.av-test.org/en/

I looked at the site, but couldn't find ClamX that way. However, I googled it and found the results here (https://www.av-test.org/en/news/news-single-view/linux-16-security-packages-against-windows-and-linux-malware-put-to-the-test/).
Title: Re: ClamX and antiviruses for Linux
Post by: Jason on January 31, 2017, 01:40:38 PM
Quote from: ssfc72 on January 31, 2017, 06:16:27 AM
Thanks for posting the Link to the article, Jason!  The info was good to know!

Mike posted the article. The thanks should go to him :)

Thanks for the additional link, Mike, though it appears like it might be outdated (October 2015?). Surely they've done a more recent test than this.

I was just giving the link to the website, Mike, not the test results. Sorry I wasn't clear about that. The test results are usually posted here (https://www.av-test.org/en/antivirus/), but there doesn't seem to be a Linux section. Strange.