Is there any software for Linux that's comparable to the Windows programs VoodooShield or OSArmor? I've tried to use AppArmor on my Kubuntu system, but to be honest it is way too "techy" and arcane for this small-office/home-office user. VoodooShield and OSArmor offer much more user-friendly interfaces in which I can understand (most of) what's going on, and adjust settings accordingly. Sooner or later I would like to complete a transition to Kubuntu, and having a defensive layer or two like these (as I do on my Windows installations) would increase the level of comfort in making the switch. I am aware of Linux's more secure default approach to user privileges, and I also know that there is much less malware out there that targets Linux; but still I'd like to improve my chances of not falling victim to those threats that do exist and get through. Thanks in advance for any info on this kind of software.
In Linux, you don't need security software because executables don't run with privilege. You would need to grant it for software to run and if you don't, you're safe. In Windows, the administrator is the default. You run a limited user account under Linux.
Thank you. Some years ago, I was on a classical music site (i.e., not a dubious site), and one of my Windows security applications intercepted a malicious drive-by download. In Linux, would a drive-by download have to ask for privilege elevation? More generally, I'm just wondering if there is any way for Linux-oriented malware to get around the requirement to sudo.
Most likely data is more valuable than root privileges on a personal computer. I don't agree with Norman's statement that Linux magically prevents all threats, even though I have used it for years without any financial loss. There isn't that much commercial security software for individuals using GNU/Linux, because it most likely would be proprietary code. This leaves people with a limited number of security tools: AppArmor, Firejail. They ain't that hard to configure. If you don't want to configure it from scratch, you can use freely available general templates for programs protected by those tools. Usually distributions ship with some of those templates.
No. Maybe, I'm not really sure. If you as a home user download applications from the recommended repositories, install security updates in a timely fashion, and use an ad blocker in your browser, you will likely keep malware-free in a Linux setup. For some additional security, you could install Flatpak versions of browsers and email clients, which have built-in sandboxing to help keep these applications isolated from one another. Of course, Firejail as mentioned above could be another option for you as well. Also, it's recommended to ensure the built-in firewall is enabled for incoming network filtering. Finally, you might want to keep a recent backup image on hand just in case something goes wrong. With Linux, I find in my experience that issues can happen that have nothing to do with malware, and restoring a backup image has been the easiest solution.
Thanks @wat0114 and @reasonablePrivacy for the advice. I'll search for AppArmor templates and look into Firejail and Flatpak versions of Firefox and Thunderbird.
@JEAM, which version of Kubuntu do you use? If you're on Kubuntu 22.04 LTS, or a later version, Firefox is offered as a snap, which also has sandboxing. https://snapcraft.io/docs/security-sandboxing https://snapcraft.io/docs/snap-confinement
@JEAM, Thunderbird is available as a snap as well, but it is not the default. I do not use the Thunderbird snap; I do not know if it is just as good as the default repository version, or if it has any limitations.