On Sat, 11 Apr 2020 19:06:59 +0200 (CEST) l0f...@tuta.io wrote:
> > Anti-malware on Windows is common/best practice. However, as we are > discussing it here, things seem to be different with Linux. I don't > really think Linux is intrinsically more secure than Windows nowadays > (a vulnerability remains as such) but I really think Linux ecosystem > is. My feeling is that running as root is considered an extreme no-no in Linux (probably apart from the toy distros) and it is this that makes Linux viruses non-viable. There just aren't enough infectable targets. (Most) Linux users are horrified by the thought of surfing the Web with root privileges, most Windows users are not even aware that their computers can be run at one of two privilege levels (many more with the business/professional versions). Even today, with a new Windows 10 installation, the first user is given root privileges by default, and no advice is offered about demoting the user to unprivileged later. About fifteen years ago, I used to help out on a Small Business Server newsgroup (later web forum) and I was amazed at how sloppy many other helpers (including MCSEs, which I wasn't) were as regards security. What really didn't help was the need for each user of a workstation to open the Office applications for the first time with root privileges, otherwise some initialisations didn't happen. Lazy admins just gave all the new users root privileges for a week or two to let them sort it out. You can't win against that kind of mindset. -- Joe
