On Sun, Feb 23, 2020, 17:28 Stefan Monnier <monn...@iro.umontreal.ca> wrote:
> >> > defense in depth / layered defense... would you recommend having a
> >> > Linux anti-malware?
> >> No. All those only try to recognize known threats. When a threat is
> >> known, the security hole it exploits is also known, and the fix for it
> >> already exists as well, so updating your distribution to the latest
> >> security fixes is a better solution since it doesn't just protect you
> >> from those known threats but it also protects you from unknown threats
> >> using the same security holes.
> > That's not true.
>
> Which part?
>
> > Sophos has ai learning and threat analysis mitigation tactics built in.
>
> In which way does it make my statement false?
>
> And more importantly, are there known cases where it detected an attack
> before the corresponding security hole had been found? How common are
> those cases, compared to the added risk (and performance and resource
> cost) of running that software?
>
>
> Stefan

You want to debate the validity of running av on any system these days is ridiculous and not a conversation I want to be part of.