Have you got any malware on windows lately?

If you’re reasonably good at avoiding windows malware you’ll be fine on Linux.

Yes it is. You need Malware protection and you need to harden your computer. Do some research on that.

Linux has a long history of being significantly more secure than Windows as well as being a much smaller target. Linux malware might exist these days, but it’s rare at most.

Linux already runs a huge portion of the world’s servers, which are a more lucrative target for bad actors than an individual machine, so it’s solidly battle tested.

Its definitely something to keep in your mind with any computer. What I will say to assure you, is that the tools you are used to using on Windows for protection have equivalents for Linux. ClamAV for antivirus, firewalls, and anti malware software are available in most distros repos.

If you want to be more confident in your security knowledge on Linux, I recommend reading up on the basic permission systems for Linux. Make an isolated folder to explore chmod, chown, and Linux groups and see how accessing files with different permissions works. You can even look at SELinux (Security Enhanced Linux) for more of an idea of how kernel security can work.

Most Linux malware comes from community repos and fake GitHub style projects.

The default package repositories in all the major distributions are safe. Some examples to be worried about are pip packages and the AUR if you’re using Arch.

My first programming language was qbasic as well. Fond memories of that.

Vet third party sources, just like you would have on windows.

Your concerns are valid.

In my opinion the easiest solution, if you don’t know what youre doing (or dont wanna care) would be to use exclusively an immutable distro. That would lock you out of tweaking the system, but also heavily limit any potential malware. This should be sufficient imo:

• keep system up to date
• dont run programs or commands from unofficial channels
• have firewall enabled and running
• make offline backups of user files
• use immutable distro

Great question and I think it is.

Regarding tools, there is for example the ClamAV toolkit, which is easy to setup for the average Linux user, but probably not for the most vulnerable users that need these tools the most.

But in general the biggest problem might be how we treat the biggest vulnerability - the user. With more freedom and control in Linux, we also have more responsibility. And I’d argue that welcoming new users with bad practices is getting overly normalized, e.g. executing commands/scripts that you don’t understand or depending too much on something like the Arch-user repository.

It’s simply not different than on Windows, arguably it’s much easier to stay secure. But if you managed it on Windows, the same applies on Linux: don’t run shit as administrator (root) and be suspicious if it wants to, backup your stuff, don’t install dodgy software.

Lot of people will tell you something like “don’t run stuff aS rOoT” but from personal security POV root is almost irrelevant. Potential attacker can do plenty of damage without root.

root only allows crossing boundaries of the current user, but for personal use, everything you care about is probably 100% accessible under your normal user account. You don’t need root to steal your photos and passwords, you don’t need root to shimmy a daemon in your ~/.profile to start every time you log in, you don’t need root to mine shitcoins, use your machine as part of botnet or whatnot.

Good advice is to vet everything you install, or choose a third party to vet it for you. In ideal world,

• choose a stable, well-maintained and up-toodate distro with a good reputation,
• limit installing software from official sources only. …and you’re probably going to be fine.

In less than ideal world, maybe add flatpak to the mix but assume that the repository is a wild west. Running AppImage apps or installing third-party .deb/.rpm/etc. packages, again, if you trust the source, you trust the source.

(But for f’s sake, don’t just run curl | bash scripts (with sudo or not) from random github repos and stuff.)

So I think a lot of things that are more important to security is perfectly doable in linux. I think there might be distros that don’t have a firewall on by default but I don’t think its common. If you go with most any recommended distros people throw out it will. Linux and other unixes had this available and default way before windows did. Honestly the only thing linux kinda lacks is antivirus although thats not completely so. I will say that outside of windows integrated antivirus I stopped using them in windows. Running a secure browser and being careful about what you download and run in windows is a much bigger thing for security. Again linux had sudo type things (the admin privleges window pops up with) than windows did. Which is a much bigger security thing. To top it all off you can get most software for linux through repos which are curated and safer way to get software. It can be tempting to download a piece of software not available but if you can add a credible repo its not a bad idea to do it that way. I mean linux and other unixes are just engineered in a better more secure manner. Coming from windows and worrying about linux security is like coming from a really cirme ridden neighborhood and moving a nice low crime area but your afraid its going to have more crime later.

Others have addressed a lot of this - I think your best approach is to to use a structured learning process, like 30 Days of Linux. I’ll drop a link when I can find it again.

I think the biggest risk for a new user is running commands as root that you don’t fully understand.

Fortunately distros today default to creating a user account during setup so the average user doesn’t run as root by default.

I’ve been using Linux and Unix for about 25 years and I’ve never had a malware problem.

I’m not saying they dont exist (they do), but malware for those systems seems much rarer.

Linux is very secure, or can be, but that depends on your threat model and how much you’re willing to do or put up with.

• full disk encryption with LUKS: protect a lost or stolen drive
• /boot partition encryption with GRUB: further protect a lost or stolen device by protecting the boot process and prevent possible kernel tampering
• hardened kernels: can offer aggressive system hardening that could negatively impact performance and user experience in return for extra security
• TPM 2.0 and Secure Boot: prevent malicious software from running during start up
• App Armor: prevents known and unknown application flaws from being exploited
• ufw (Uncomplicated Firewall): control and deny network traffic with rule sets

The great thing about Linux is there tends to be a lot of solid documentation that explains what features are for and how to implement them. Links above are mostly to the Arch Wiki. Whatever distro you use, you’d want to start at their wiki. I’m currently using CachyOS, and I’ve found their wiki to be very helpful.

Some other helpful features to look into are

• btrfs snapshot support with GRUB or Limine bootloaders: easy snapshot rollback in case of a bad update
• atomic distros like Bazzite: updates happen on a separate subvolume and don’t apply on reboot if they aren’t 100% successful
• immutable distros like NixOS: core directories like /usr, /bin, /sbin, /lib, /lib64, /etc, /boot, /opt are read-only for higher security against malicious software

One thing to think about with Linux—where I think you’re getting the wrong impression—there’s something like fifteen billion Linux installations globally. Compare that to Windows where there’s about 1.9 billion.

Yet for some painfully obvious reason, Windows has about an order of magnitude more serious, actively exploited vulnerabilities than Linux. For every serious, actively exploited Linux vulnerability (which includes basically anything in the tens of thousands of packages + kernel that are available and ready to install in any Linux install), Windows has vastly more. And that’s just the stuff branded by Microsoft!

There’s a whole lot of reasons why you’re much more secure in just about every way on a Linux install, but believe it or not, you know what the single most important factor is, that prevents malware from being much of a problem? Default permissions!

It sounds silly, but whenever you download something on a Linux desktop you can’t just execute it. You have to take an extra step and mark that thing/malware as executable before you can run it. It’s a step where everyone stops to think, “hmm… Maybe I should double check this.” 😁

This doesn’t stop the truly careless, of course. But it’s easily the biggest factor in preventing the sorts of “drive by malware” that people often get suckered into running.

Contrast this with Windows where literally everything is executable by default. You can change a .txt to an .exe and BAM! Windows will now attempt to execute it when you double click on that file (that would throw an error, but you get the idea).