Comment on Alternative to ClamAV?
peter@feddit.uk 1 year agoOkay if we are taking the definition of a virus to be something that a person must download and execute, what about malicious javascript/python packages? They often target production systems running Linux and infection is caused by user error rather than misconfiguration.
Zeth0s@lemmy.world 1 year ago
I use python professionaly. Never seen a real successful supply chain attack on library used by “normal” people. There was recently a supply chain attack to pytorch, that I remember, but it was solved within few hours.
It is not a real risk for non developers. It is a risk, but veeery low, miles lower than pdf.exe.
Just check this stat for ransomwares taken as an example of viruses: statista.com/…/major-operating-systems-targeted-b…
Windows server is ~20% of server market. Still it is there second, with no GNU/linux (80% of server market). This is why people do not really worry much, the risk exists, but it is minimal for well configured system compared to competition, even where competitors are a niche and Linux machines are the main target.
On windows, an antivirus is not a bad idea… On Linux, a firewall and basic care are usually sufficient