Kaspersky releases free tool that scans Linux for known threats
https://www.bleepingcomputer.com/news/software/kaspersky-releases-free-tool-that-scans-linux-for-known-threats/Open linkView original on lemmy.worldhttps://www.bleepingcomputer.com/news/software/kaspersky-releases-free-tool-that-scans-linux-for-known-threats/Open linkView original on lemmy.world
It's an older interview, but I like to bring this up whenever Kaspersky comes up as a topic:
Yeah, I sure as shit wouldn't use the internet if it wasn't anonymous, seems like a weird thing to want when people are more concerned for their privacy than ever before.
So Kaspersky are starting to make Linux viruses then?
malware for linux system exists. maybe you're just ignorant of it.
Kaspersky itself is malware.
Ever heard of Microsoft?
How is Microsoft related to a tool to scan Linux for malware?
Microsoft is a Malware itself.
Ok cool..
Apples grow on trees.
It's a fact.
So much whoooosh
and that is why we are here talking about Linux
and that is why we are here talking about Linux
Yes, and they have similar issues
Wer're aware of it, comrade.
Gasoline is not the solution to a small fire.
Corsica represent!
Anti Commercial-AI license
10-foot pole ---------------- Kaspersky
Kaspersky actually has a good track record of NOT being anything malicious (Except for old times when it seemed to flag pirate software quite often).
However, if the tool is closed-source, this is naturally against Linux ethos and is generally something to avoid, given extensive permissions.
I'm not sure I'd give Russian software root access to my systems.
What about 7zip?
I don't give 7zip admin access to my system.
They actually had a good track record but I think a FSB stooge took a board position and at that point...
Well, on the other side I have Steam and most of the games there are closed source... Yes they run in user mode and (usually) don't have kernel level access.
Yes, kernel level access is what makes it a much bigger deal.
I don't like that either
Support ClamAV instead of this trash
It isn't terribly good
Does it find itself?
It just removes itself along with Nvidia, Realtek and Broadcom
Yay, let's install Spyware on our Linux computers 👌
Does it scan for Kaspersky?
How much are they paying you?
To mention anything remotely associated with Russia is to be a paid Putler puppet; a lot of people are saying. See you at Tolstoy & the Dostoevsky book burning.
No thanks
This is very cool! Is it FOSS though? Kaspersky is doing good stuff, but I Antivirus is also problematic, and has like all the privileges you can get
I HIGHLY doubt that they would detect the XZ backdoor
Böhmermann in freier Wildbahn gesichtet
War auch überrascht
Even if it did, what would you do? rm -rf /?
XZ is part of the core system
Why? It's not hard. They typically hash files and look for hits against a database of known vulnerabilities.
Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.
As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
The xz backdoor was a packaged file distributed with the standard packages though. It would be trivial to find.
This is obviously not about this known file.
It is about "would this scanner detect a system package from the official repos opening an ssh connection"
Sorry, I was responding to:
That doesn't work against polymorphic malware
I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare
Who's talking about polymorphic malware? We were talking about the xz backdoor.
Oh well in that case there is no chance
First is it open source, and why do they made a such tool? 😂
So they have made a Linux antivirus?
ClamAV is the OG
AFAIK, clamAV hunts Window viruses, not Linux malware. The linux equivalent I know of is rkhunter.
@[email protected] 😢
There are plenty if Linux end point protection tools. However, I think the best protection is security patching.
For personal use I don't think there is any good malware detection tools. I think you just need to harden your browser and not install random packages from online. Best if you stick with distro repos only.
Really? I just found enterprise grade e.g. server security tools. Most sites I found were ourdated, where the Linux EndpointSecurity tools were discontinued (even tho the server tools would probably as good as EndpointSecurity)
I am talking about enterprise grade