0nekoneko7Kaspersky releases free tool that scans Linux for known threats
MartinNo thanks
boredsquirrel (he)This is very cool! Is it FOSS though? Kaspersky is doing good stuff, but I Antivirus is also problematic, and has like all the privileges you can get
I HIGHLY doubt that they would detect the XZ backdoor
xz --version
Böhmermann in freier Wildbahn gesichtet
War auch überrascht
Why? It’s not hard. They typically hash files and look for hits against a database of known vulnerabilities.
Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.
As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
The xz backdoor was a packaged file distributed with the standard packages though. It would be trivial to find.
This is obviously not about this known file.
It is about “would this scanner detect a system package from the official repos opening an ssh connection”
Sorry, I was responding to:
I HIGHLY doubt that they would detect the XZ backdoor
Possibly linuxThat doesn’t work against polymorphic malware
I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare
Who’s talking about polymorphic malware? We were talking about the xz backdoor.
Oh well in that case there is no chance
Even if it did, what would you do? rm -rf /?
XZ is part of the core system
Avid Amoeba10-foot pole ---------------- Kaspersky
So they have made a Linux antivirus?
ClamAV is the OG
vlnstAFAIK, clamAV hunts Window viruses, not Linux malware. The linux equivalent I know of is rkhunter.
There are plenty if Linux end point protection tools. However, I think the best protection is security patching.
For personal use I don’t think there is any good malware detection tools. I think you just need to harden your browser and not install random packages from online. Best if you stick with distro repos only.
fschauppReally? I just found enterprise grade e.g. server security tools. Most sites I found were ourdated, where the Linux EndpointSecurity tools were discontinued (even tho the server tools would probably as good as EndpointSecurity)
I am talking about enterprise grade
Does it find itself?
It just removes itself along with Nvidia, Realtek and Broadcom
MrPoopyButtholeHow much are they paying you?
davelTo mention anything remotely associated with Russia is to be a paid Putler puppet; a lot of people are saying. See you at Tolstoy & the Dostoevsky book burning.
oh look another troll dragging geopolitical culture war bullshit into everything
run it as root for maximum functionality.
Russian-based company
Closed-source
Aims to enhance security
Hmm
It’s an older interview, but I like to bring this up whenever Kaspersky comes up as a topic:
If you had the power to change up to three things in the world today that are related to IT security, what would they be?
Internet design–that’s enough.
That’s it? What’s wrong with the design of the Internet?
There’s anonymity. Everyone should and must have an identification, or Internet passport. The Internet was designed not for public use, but for American scientists and the U.S. military. That was just a limited group of people–hundreds, or maybe thousands. Then it was introduced to the public and it was wrong…to introduce it in the same way.
AdanisiFuck that.
Yeah, I sure as shit wouldn’t use the internet if it wasn’t anonymous, seems like a weird thing to want when people are more concerned for their privacy then ever before.
Kaspersky actually has a good track record of NOT being anything malicious (Except for old times when it seemed to flag pirate software quite often).
However, if the tool is closed-source, this is naturally against Linux ethos and is generally something to avoid, given extensive permissions.
Well, on the other side I have Steam and most of the games there are closed source…
Yes they run in user mode and (usually) don’t have kernel level access.
Yes, kernel level access is what makes it a much bigger deal.
I don’t like that either
I’m not sure I’d give Russian software root access to my systems.
What about 7zip?
I don’t give 7zip admin access to my system.
kingthrillgoreThey actually had a good track record but I think a FSB stooge took a board position and at that point…
ssmSupport ClamAV instead of this trash
It isn’t terribly good
youmaynotknowYay, let’s install Spyware on our Linux computers 👌
Does it scan for Kaspersky?