For several years, whether Linux users, in this case, the Linux Mint, should be running antivirus software has popped up not once, not twice, and has been a topic of discussion for a while online. While it is explicitly true that malware presents a minimal issue on Linux than on Windows, does this imply that Linux distributions, including Mint, are immune to viruses?
Here is all you should need to know about this topic.
What do DevOps say about viruses in Linux?
Linux is run on a tiny fraction of laptops and PCs, but most servers run the Linux kernel. This, therefore, means that on the enterprise side of things, a constant battle is waged between systems admins and hackers.
Despite all this, it seems that the threats home users face are not quite so ominous.
Ubuntu’s official website, which possesses a vast wealth of info on the hugely popular flavor of Linux, says:
Antivirus software doesn’t exist for Linux, but you probably don’t need to use it. Viruses that affect Linux are still very rare. Some argue that this is because Linux is not as widely used as other operating systems, so no one writes viruses for it.
Others say that Linux is intrinsically more secure and that security problems that viruses could use are fixed very quickly.
‘Whatever the reason, Linux viruses are so rare that you don’t need to worry about them now.”
A big question usually brought up by users who have just switched to Linux, in this case, Linux Mint, is whether or not this Linux Mint needs an Antivirus. Assuming the new Linux Mint user previously used Windows, they probably dealt with several antivirus programs to combat any virus. However, as you know, Windows is an operating system known for not having a good reputation in terms of being virus-free.
For a fact, saying that Linux Mint is free from viruses will be a big joke. Nevertheless, you cannot compare it to Windows, as the ratio is probably 1 to 100 or even more. Furthermore, this is not a joke at all, I have been a Linux Mint user for a couple of years, and never in my life have I ever dealt with a virus.
But as said, it doesn’t mean that Linux Mint is free from viruses. Android is also Linux-based, but you can see how hugely it is affected by malware. Some Linux-based servers also use antivirus to offer extra protection; antivirus isn’t entirely useless on Linux Mint.
But in the desktop environment, the PC or laptop, you need to think twice before setting up an antivirus program. There are at least six technical reasons why you don’t need to set up an antivirus on your Linux Mint desktop.
Reasons we think you don’t need an Antivirus
User levels
A good number of viruses emanate from the internet. Also, they can come from storage sources, USB flash drives to be precise. So you have to be extra careful when plugging your USB flash into another PC, particularly a public one. Public PCs are virus nests.
The way viruses work is pretty straightforward for you to learn. It works by running or installing itself on your PC. As long as your PC system has good user levels, no virus can run itself. When talking about good user levels, we mean an operating system that only allows users with the highest level(superuser) to install/run new programs. Typically, an OS with a superuser will need to be authenticated before it sets up any program on your machine by asking you to input the superuser password.
Linux Mint is that one OS with an excellent user level. Not each user has permission to access system-linked files. Only the root(superuser) users have such privileges. Therefore, you can neither run nor install new programs on Linux Mint; that is why we are saying that virus programs cannot run themselves on Linux.
Windows have tried to fix this issue by applying UAC(User Account Control) since Windows Vista. Nonetheless, there are still some loopholes to fix. If you run a new program that has some threat to your PC, Windows will only pop a dialog with a pair of Yes and No buttons. If you hit the Yes button, the program will start running. You won’t even be prompted to input any authentication details.
Setup method of new apps
Another significant breach on the Windows OS that virus creators frequently use is the setup method. Most Windows users now rely on binary files with the .exe extension to install new apps. There are so many apps for Windows freely made available on the internet. Regrettably, not all free apps are secure to install. Some have spyware, ransomware, and other types of malware.
Linux has a different approach to providing apps. All Linux distros ship with package managers and software repositories. A package manager is a tool used to set up new Linux apps. To add on, these package managers still perform the update and the deletion process of apps. Some include Synaptic, Ubuntu Software Center, APT and more. Then again, as earlier said, not all users have permission to run a package manager. They will be asked to input the root password to run it.
If you are setting up a new app on Linux Mint using a particular package manager, the package manager you are deploying will download the required files from the software repository. A Software repo is like an archive where packages can be retrieved and installed. Repositories contain trusted software that your Linux distro has validated.
On the flip side, Microsoft has also provided an akin concept in the form of a Microsoft store. Nevertheless, not all software vendors are willing to upload their products to it. Besides, it isn’t easy to alter a user’s habit.
Malware for Linux Mint PCs is rare
As earlier said, Linux malware does exist. To say it does not would just be untruthful and naive. Nevertheless, it just isn’t as big of an issue as it is on other OSes, and chances are high that you won’t ram into one unless you are viewing inappropriate content from a disreputable site.
Linux Mint protects itself
The general structure of Linux Mint makes it challenging for malware to plant root access, and even if you end up contracting, it will have a difficult time doing real damage to your system. This is so because of how permissions work on Linux.
In Linux, every file has three permission settings:
- What things the owner of the file can do.
- What are the things available to the file’s owner group?
- What can anyone else do with this file?
If a virus infects your system, it would likely be executed under your local account, which is limited to your user actions. Local user accounts cannot do anything to system-level “root” files so that the malware would be restrained; we assume you don’t accidentally execute the malware with “sudo.”
Antivirus effectiveness is questionable
Take an instance that there is a new malware that targets Linux desktops. It uses a never-before-seen security exploit and somehow finds a way onto your system. Before you even get a hold of it, the malware creates havoc on your data and leaves you in limbo, imagining what you could have done to cub it.
At this point, would the antivirus have helped you here? Probably not.
The hard truth is that antivirus is always a step behind viruses. It cannot protect you against threats it does not realize are out there, which means antivirus DevOps are, by definition, reactive and not active. As a result, chances are the malware will first hit you before the antivirus comprehends how to deal with it.
And were you aware that Linux antivirus clients primarily scan for Windows malware? Some find Linux infections, but they mainly cleanse Windows file infections so that you don’t pass that malware to your other PC or your friends and family via file transfers.
Smart security habits are enough on Linux Mint
Some popular attack vectors on Linux are applications from unknown sources, dodgy sites, torrents, and more. There are some pretty basic sources that you avoid via best practices.
But not only those. Other potential vectors for malware include outdated plugins and extensions, PDF files, infrequently-updated cross-platform apps, and more. USB drives also have great potential to supply latent malware.
All this is to arrive at the fact that if you do away with potential attack vectors, avoid shady parts of the web, steer clear of stray USB drives, drop poor security habits and develop good security traits. There is not much to gain from antivirus software.
Tips for maximizing security on Linux Mint
Despite all of the reasons necessary not to set up antivirus software, you may want to do it anyway, and that is okay. Even if you don’t ram into a malware infection, it is not like you have lost anything by having antivirus available. Better to be safe than sorry, right? After all, Linux is not as secure as many think.
Like any other software on Linux Mint, there are several antivirus apps that you can set up and test for free.
Never click on links in emails
This is vital. If you ever see an email warning you that your authentication/login details were used with a particular link so you can check that everything is OK, DO NOT CLICK ON IT. The same is true for declined payments, hacks detected, or friends saying they are lost and need money to find their way home.
Hackers often use the correct graphics for your online store, bank, or other official organization. These only take a split second to pull off the internet and append to an email, all while lending the communique an air of authenticity.
In all cases, open your browser, go independently to the site in question (do not copy the link, and check that everything is as desired.
Do not download or open attachments
Another common virus carrier is via attachments in messages and emails. Unless you expect a document from a particular person, stop clicking on anything that appears, even if it is from a close ally or family.
As soon as hackers gain access to one’s account, one of the most magnificent ways to infect others is through emails to everyone in the victim’s contact list. The expectation is that these people will likely open the attachment as they trust the sender. Then, bang, you have got a virus.
Should an attachment message appear in your inbox, before you open it, it is recommended that you contact the person directly to ask whether or not they sent you the attachment.
Don’t use a weak and the same password on every account
Ideally, it isn’t easy to remember complicated passwords, mainly because you should be using different ones for each account and site. But, having weak authentication details is a surefire way to get hacked.
The simplest solution is investing in a password manager. These software packages generate complicated passwords while only needing you to remember one, the master password.
So do I need antivirus software?
If you are used to macOS or Windows, you are probably also used to having antivirus software running all the time. Antivirus software runs in the background, constantly checking for viruses that might find their way onto your PC and cause issues.
When it comes to Linux Mint, you don’t probably need to use an antivirus because viruses that affect Linux are still very rare. However, some still argue that Linux users don’t run into viruses because they are not as widely used as other operating systems, so no one writes viruses for them. Others argue that Linux is intrinsically safer and security problems that viruses could use are fixed quickly.
Whatever the reason, Linux viruses are so rare that you don’t need to worry about them.
Final Thoughts
Since its inception in the market, Linux Mint has proven to be one of the most secure operating systems. It is among the only operating systems to function without any substantial risk. Even though you don’t need to set up an antivirus on Linux Mint, it does not mean that you cannot do anything to keep your Linux Mint system safe. To secure your system, ensure you regularly update your installed software, especially the ones you often use. It is also recommended that you set up software from the secured official software store of Linux Mint. An important thing to note in Linux Mint is that a virus or rootkit cannot install itself in your Linux Mint OS unless you let it. By allowing it, we mean for anything to install itself on Linux Mint, it will need your root password, and for that reason, you cannot install it, meaning you are always safe unless you decide not to.