I secure systems for my day job. That means installing AV software, ensuring Windows Firewall is ON, etc. (Plus many other things…)
I’ve seen discussions around disk encryption here, but I don’t recall much about a malware protection. Maybe a little about personal (desktop) firewalls.
I’m aware of Clam, etc, but is anyone actually using these tools much?
Or are we just presuming we’re all immune from the bad guys targeting Windows?
Computing practices (like installing packages from trusted maintainers and the deliberate use (through filling in passwords) for granting privileged access etc.) on Linux are different than on Windows. This already ensures that -simply by the virtue of using Linux as it’s intended- a Linux user is protected from complete classes of attacks.
Furthermore, the average Linux user is a lot more computer savvy compared to the average Windows user. And I haven’t even mentioned the focus on FOSS, the security benefits through obscurity etc.
Of course, Linux isn’t impenetrable. In fact, one might argue that its security frameworks on desktop are lacking compared to macOS and perhaps even to Windows (S mode).
Nonetheless, Qubes OS (i.e. the worlds most secure desktop OS) heavily relies and utilizes Linux to do its bidding.
To conclude, there’s a lot of nuance to secure computing on Linux. But as long as its user (i.e. the biggest attack vector) holds on to best practices, it should be more than safe. Unless…, you seek protection against sophisticated adversaries and their targeted attacks. At that point, I wouldn’t trust any desktop OS besides Qubes OS anyways.