I’m still in the research phase of switching to Linux and don’t know if this concern is reasonable. I’m not tech savvy. I’m comfortable in the windows ecosystem and could use the dos prompt fine when they used it. I played with QBasic and C++ when I was younger and have built a few computers but that was a couple decades+ ago.

My concern is dealing with malware. I know that Linux has less issues with malware than Windows but, as I understand it, that’s primarily because it has a comparatively small market share. I feel like I’m getting into Linux just as it’s getting more popular and that it will get worse if the EU moves away from Microsoft because they will most likely adopt some form of Linux as their new standard. More less tech savvy people like me moving to Linux makes it a juicier target for people who create and use malicious software. It’s not a reason to stay with Windows but is it a reasonable concern? Are there sufficient tools for people who don’t really know what they’re doing to be reasonably secure on Linux and will they keep up if the threat profile expands as Linux picks up more users?

  • cannedtuna@lemmy.worldEnglish
    5·
    20 hours ago

    Linux is very secure, or can be, but that depends on your threat model and how much you’re willing to do or put up with.

    The great thing about Linux is there tends to be a lot of solid documentation that explains what features are for and how to implement them. Links above are mostly to the Arch Wiki. Whatever distro you use, you’d want to start at their wiki. I’m currently using CachyOS, and I’ve found their wiki to be very helpful.

    Some other helpful features to look into are

    • btrfs snapshot support with GRUB or Limine bootloaders: easy snapshot rollback in case of a bad update
    • atomic distros like Bazzite: updates happen on a separate subvolume and don’t apply on reboot if they aren’t 100% successful
    • immutable distros like NixOS: core directories like /usr, /bin, /sbin, /lib, /lib64, /etc, /boot, /opt are read-only for higher security against malicious software
    • boeman@lemmy.world
      3·
      11 hours ago

      Add to this periodic CIS benchmark with OpenSCAP to diagnose any openings and certain types of vulnerabilities as you add additional software or make configuration changes. Hardening your OS is a tough task, but even with windows or macOS, you can run into vulnerabilities that are completely there from bad configuration or rouge software.

      Now that I have that out of the way, it doesn’t matter what OS you run, there will be vulnerabilities. Being diligent in updating your machine (both the os and installed software) will do a lot of good to keep your workstation safer.