- This topic has 33 replies, 7 voices, and was last updated Aug 7-5:31 pm by DaveW.
-
Posts
-
Anonymous
@DaveW
… ClamTK … So, it is working for me, both from the GUI and from CLI. Thus far, zero threats found.
No, it’s not working. Not 4 me, not 4U and not 4 anybody else but, never mind.
Detection Rate — Windows Malware
I still remember the times when I had F-Prot installed … it never found any malware but, it found something to clean more than once … once it was: (on line 33712) [Found possible virus] /usr/lib/syslinux/efi32/syslinux.efi 😉
Maybe you know the Website of The Shadowserver Foundation. Martin Navarra (on Quora) said in few words, all you ever need to know about ClamAV: “It’s not great.”
Here also the second ‘must know’ site, that’s reliably testing AV products: AV-Comparatives | Business Security Test 2019 (March – June)
“In your post, you suggest that it is foolish to use AntiX online… at least the 32 bit versions.
Since AntiX is billed as an OS to breathe life into old systems, may I ask how you make use of AntiX?”Off-topic part of answer:
There’s work and there’s fun part.
It’s generally recognized/accepted (fact) that the newer HW is quicker and more reliable and it’s generally recognized/accepted (socially) that “The time is money”.
If you have a work that has to be done and it has a deadline, and that work happens to rely on PC, than you rely on PC.
You’ll not wanna risk that your work stays unfinished because of a ‘junkputer’.
Computer is just a tool … a hammer, screwdriver …
You NEVER buy cheap tools.antiX is a fun part and, since it has (a lot of unused) potential, there’s always a chance that the people who make it, discover that potential too.
I’m trying to act as some kind of ‘(eye~) lid opener’ and trying to ‘rape’ the people into thinking about it and noticing things.
antiX has a great potential and smart people behind — now it only has to be ‘done to the end’.rej
You also might want to consider browser extensions that block web content [can be run as default or configured to your liking] such as:
uBlock Origin-
“The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites.”
and
AdBlock Plus-
Protection for “Malvertising”.
manyroads
FWIW: Here’s a recent review…
https://www.makeuseof.com/tag/free-linux-antivirus-programs/Pax vobiscum,
Mark Rabideau - http://many-roads.com
"For every complex problem there is an answer that is clear, simple, and wrong." H. L. Mencken
dwm & i3wm ~Reg. Linux User #449130
20 Jan 2021 ~ "End of an Error"BobC
They just are pretending its a recent review by changing the date. Its actually from 2012, I believe. For example, Commodo doesn’t work with anything newer than Wheezy (antiX 13.2 I think). Don’t feel bad, many of the review sites are doing that to get clicks is my guess.
manyroads
I tried sophos and it only took a few minutes before I threw into the bit bucket…
Pax vobiscum,
Mark Rabideau - http://many-roads.com
"For every complex problem there is an answer that is clear, simple, and wrong." H. L. Mencken
dwm & i3wm ~Reg. Linux User #449130
20 Jan 2021 ~ "End of an Error"
dgh
You’ll not wanna risk that your work stays unfinished because of a ‘junkputer’.
Computer is just a tool … a hammer, screwdriver …
You NEVER buy cheap tools.Haha, you are such an insufferable consumer shill– suddenly old computers are ‘junkputers’ and ‘cheap’. According to modern parlance, ‘cheap’ implies that a piece of electronics was poorly made. But if they are so poorly made, why do they operate this long? There are also security reasons for avoiding new(er) hardware (Intel Management Engine, etc) but that’s beside the point.
You imply that work can’t be done with old (in your terms ‘cheap’) computers, yet old, working computers are the only reason we have ‘extended service’ software models. Microsoft didn’t keep Win 2k and XP rolling for so long to suit a few ‘cheap’ hobbyists. They did it because corporations were still getting a gajillion $$$ of work done with their ‘antique’ systems, at a time when 64-bit adoption was well underway. Any level of persistence makes it cost-prohibitive to commit man-hours & down-time to nonessential upgrades. Businesses often run in-house software, which needs to work for as long as possible. 32-bit is going away like X server is going away; still gonna be quite a while til it’s actually gone– so cool your jets, Top Gun.
I’m trying to act as some kind of ‘(eye~) lid opener’ and trying to ‘rape’ the people into thinking about it and noticing things.
Trolls like you can’t get through a single thread without twisting topics to suit your agenda, but at least this time you came right out and admitted that you intend ‘to rape the people’.
What problem did you find?
DaveW
There are a lot of conflicting online reviews regarding the relative effectiveness of various anti-virus programs. The links that noClue provided certainly make a guy think.
Let me suggest that we maintain respect for all opinions. Each of us has our own view of our own needs. We have different equipment and also, different uses for it… some need more security than others… there are many methods for minimizing risk exposure. I doubt that any two of us are 100% on the same page.
BobC, Is Sophos working out for you? Are you running a 64 bit machine?
rej, I appreciate the suggestions for browser add-ons. I’ll look into them.
At the moment, I’m trying to setup Firejail. I have v. 9.44 on one computer and v.9.60 on another. (I used Synaptic to install the more recent version from the http://ftp.us.debian.org/debian testing repository.) Early in this thread, someone mentioned that 9.44 did not work with Firefox, but 9.56 does.
Actually, 9.44 does work with Firefox, but you have to manually edit the etc/firejail/firefox.profile to comment out the “seccomp” line. Apparently, Firefox v.60 and onward have seccomp built in, causing a conflict when firejail is also running it.
For me, Firefox and Thunderbird are both running nicely in firejail, when started from Firetools or from a non-root terminal. However, I would like to make icons and Menu items open these programs in firejail. It should be very simple to do, but I haven’t figured out what and how to edit. I did create some symlinks, and Firefox now opens from an icon. But TBird, not yet.
As for Menu items, What edit is needed relative to the relevent .desktop files?
Why do links in emails open a Firefox instance outside of firejail, even when Thunderbird and Firefox are already both running in firejail?
From what I have read, firecfg is supposed to configure all programs in the home directory to run in firejail, and maybe even fix the Menu items. I haven’t run that, because it seems like most programs don’t need to be in a sandbox. But I want to setup a few, so that they always open in firejail. The firejail manual is quite large, and it doesn’t take long before my brain gets things jumbled together. Perhaps there is an antixforum thread on configuring firejail???
@DaveW
“There are a lot of conflicting online reviews regarding the relative effectiveness of various anti-virus programs.”
Yup — and it’s perfectly logical, if you think about it.
You have to understand it as a ‘snapshot’ — the ‘momentary view’.
There are too many variables in game but, also some facts, when you’re measuring over time.
One and the same AV Program is once better, once worse but, after 20 years, one will show up as a clear “reliability winner over time”.
And, some others (ClamAV, F-Prot …) will show as a “reliability loosers over time”.
P.S.
Some are claiming, that there are a couple of thousands of new viruses per day.
I didn’t count it myself but, that seems very realistic to me.Modern malware transforms itself upon each successful infection and changing only 1 bit of code gives a new checksum (== new malware; without AV signatures).
Now count the difference between 98, 99 or 99,5 % detection rate and then, tell me how useful is AV-Software with detection rates of 40 or 20 %. 😉@manyroads
Thanks for the great link in #25195 (The 6 Best Free Linux Antivirus Programs), which brings us back to my post #25036 (my original answer to OP).
Comodo, ClamAV and F-Prot are not working, Chkrootkit and Rootkit Hunter being rootkit hunters and not fully-fledged AV programs.
At the bottom (paid) we get ESET (good), F-Secure (so-so), Web (useless) and Avast (so-so).
I expected something new … something like: but, it’ll not run on ‘junkputers’, or: it needs at least 1.2 GB RAM (for the ‘naked desktop’, right after the start), or maybe: that review is a crap — the Sophos Screenshot is still showing the old version 8, since the version 9 DOESN’T have any GUI, or something … as expected. 😉
P.S.
“I tried sophos and it only took a few minutes before I threw into the bit bucket…”
“Don’t believe everything you think.” 😉@dgh
Than let’s compare your ‘junkputer’ with my computers. 😉
We’ll simply make 1:1 install.
You can show me how good that great Pentium II with 256 MB RAM will compare running 10 ~ 20 VM’s simultaneously; you can explain to the support people that it’s their shi**y policy that doesn’t fit your utopic freedom bill, when they tell you: “Our graphic cards are certified to run those CAD applications only on RHEL, SuSe and Ubuntu”, you can show me …
How long something operates, interests nobody. The customers are paying you to get the job done. At the end, it has to work properly. They don’t care why it doesn’t work. And they don’t care why you didn’t test it on a modern HW, such as what they use. BTW. No big surprise if it still works. More primitive the technology (simpler, biger structures…), longer life expectancy, just as with any other piece of technique ever produced. Some antique crank-phone will also live longer than your smartphone. 😉
On the other side, one computer is a sum of many parts and it’s indisputable that many parts are ageing and overall reliability is sinking over time or … if I have a contract with a deadline and rely on working computer, and if I borrow your “ancient treasure”, can you guarantee me, that it’ll be working until the end of the project? You see, my brand new one will probably not break, if it breaks, it’ll be repaired or replaced in the next 24 hours. Might be unimportant for watching YouTube but, there’s work and ‘work’.
And yes, I imply that SERIOUS work can’t be done with such old junk.
Let’s write something simple, a simple, responsive website (as example) …
You can write the code on anything … 25 year old Pentium will do and any text editor.
You MUST use the most recent version of Google Chrome because of it’s ‘developers tools and so, you might already get in trouble with 32-bit Chrome.
Once some code was written, you need to test it too — it’s supposed to work on all MODERN HW … Edge (Windows), Safari (Mac), Chrome, Firefox … Android & iOS.
So, you need to have at least one Mac, not older than a couple of years (or you’ll not get the latest upgrades), one Windows running on 10, and at least a half a dozen of Smartphones (yes, the top models too, because of their exotic screens, and some average-user models, since they make the majority).
And no, you can’t afford not doing it that way — Google Chrome can emulate the screens of other devices but, it’s not showing exactly the same as the original device.
One form working on Chrome and Firefox, might not always work in Safari or … many, many other small things might go wrong.If you don’t do it that way, you’ll never find out if your website works or not.
My old Symbian mobile still works fine. Shall I use it for testing? 😉
I mean … instead of XS Max and S10? 🙂 🙂 🙂
Keep dreaming …Trolls like you can’t …
… ignore the reality just because it doesn’t suit their ideology or “freedom dreams”, or can they? 😉
P.S.
Or … you’d rather tell me a tale about “32-bit lean and mean, alive and kickin'”?
(See screenshot … and that’s not the only example.)I looked at Avast, and its on sale today! Only $239 per year per device.
Business security costs …
For private:
1. Sophos (free)
2. ESET Nod32 (± 39.-/year)
(It’ll work for Android too)DaveW-
Sorry – I did not see this post sooner.
Firejail WordPress site:
[https://firejail.wordpress.com/] (the brackets are there because the url disappears from the post when submitted without them – don’t know why)
Right click empty space on your Firetools GUI – select “edit” and fill in your application information. Right click on any of the icons and select “edit” to look at the basic info format.
I don’t know how to put an icon in the empty space, so I just use the name. I will have to see if I can put a path to an icon instead of the name and see if that works.
Reference for configuring Firetools and other info:
https://www.linux.com/learn/lock-your-untrusted-applications-firejail
Yes, I wondered why some of these programs in the GUI need to be there. I uninstall the programs I don’t use to unclutter it. And also use the 9.44 Firetools with the 9.56 F.J. because 9.44 seems less packed.
I am just learning little by little and don’t know that much…
The Linux.com site has good information, I think, and might be able to answer your other questions.
If you find you need another version in the future, Sourceforge has .deb files to install with gdebi package installer – easy.
https://sourceforge.net/projects/firejail/files/firejail/
https://sourceforge.net/projects/firejail/files/firetools/
I think the “profiles” install automatically with it.
Hope this helps.
- This reply was modified 3 years, 9 months ago by rej.
- This reply was modified 3 years, 9 months ago by rej.
- This reply was modified 3 years, 9 months ago by rej.
rej,
Thanks for the info and links for Firejail.
Firejail 9.60 with Firetools 9.58 seems to work nicely.I gave up on trying to configure desktop icons and application menus to open programs in Firejail. The Firetools launcher is quite usable. You need to take care, if you want two different configurations for a given program (eg., one to run Firefox with the default profile, and another to run Firefox in private mode). The Configuration Wizard will only handle one option. So, I left the default Firefox profile in place and manually added a private version to Firetools. (The profile for the private Firefox was automatically stored in /home/.config/firetools/firefox.desktop). In this case, Firetools selected an icon, from the program name.
Thanks!
- This reply was modified 3 years, 9 months ago by DaveW.
DaveW-
How did you edit the command line in Firetools to specifically firefox-“private window”? firejail firefox private window?
I was playing with this – opened FF with Firetools, opened Private window mode, closed regular FF and checked Firetools to see what is running in Firejail, and FF was active.
Your configuration opens to Private window mode directly, skips opening regular FF and having to click drop down menu and select Private window?
There are several different ways to configure a Firejail “private” session for Firefox.
The simplest
makes a temporary copy of your existing Firefox profilesinstalls essential files into a temporary directory, which is deleted at the end of the sessionand deletes those temporary files when the session ends. I believe this gives you a clean slate on every startup (no history, no cookies, etc.)Another method uses a special private Firefox profile directory, which is retained at the end of the session (retaining whatever history, cookies, etc. was acquired after establishing this private directory). To use this method, you must create a new directory, in your home directory, for Firefox to populate. Or, after creating the new directory, you can copy the contents of ~/home/.mozilla/firefox/ into the new directory. (Of course, that is the existing profile for your unprotected Firefox, and may include previously contaminated files, so it is better to start with an empty directory. Then, Firefox will greet you as a first time user, on first opening.) When using this method, downloaded files will be stored in the Downloads directory within the new private directory. In the example below, the name of the new private directory is .FFprivate
For either method, create a new text file in ~/home/.config/firetools/
This file could be named firefox.desktop. If you are also using firefox in firejail with default settings, the default profile is stored in /etc/firejail/firefox.profile. Firetools will keep these two files separate automatically, but I suppose you could label the new one as firefox2.desktop (which may require the Name field in the examples below to be Firefox2).The new file ( ~/home/.config/firetools/firefox.desktop ) will contain the following, if you are using the permanent private directory.
[Desktop Entry] Name=Firefox Comment=FirefoxPrivate Icon=Firefox Exec=firejail --private=~/.FFprivate firefoxIf you prefer the truly temporary (deleted on session close) private directory, you don’t need to make the special private directory and the contents of ~/.config/firetools/firefox.desktop will look like this…
[Desktop Entry] Name=Firefox Comment=FirefoxPrivate Icon=Firefox Exec=firejail --private firefoxThe next time you start Firetools, it should read this file and install an entry in the Firetools icon field… maybe even with an icon.
[My apologies for numerous edits to this post. I’m done now… I think.
[One more: In the two examples above, there are double dashes before ‘private’, but it looks like only one, on my display. ]- This reply was modified 3 years, 9 months ago by DaveW.
- This reply was modified 3 years, 9 months ago by DaveW.
- This reply was modified 3 years, 9 months ago by DaveW.
- You must be logged in to reply to this topic.
