>not using anti-virus
How exactly do you plan to protect yourselves from zero-day exploits, and browser security holes, etc?
>0day in your OS allowing remote code injections
>actually thinking AV matters at this point
The only way you're secure is disconnecting your machine from inbound and outbound connections... if you know you're the only one with physical access to it.
>this thread is bait and I took it
i wear a condom, easy
your premise suggests that AVs can do that when there is no solid proof of such.
lel, except they can't since it doesn't take much effort to make something like your own keylogger and not get it detected.
Yes they will, av programs dont just detect shit from a list, they monitor important system files and any suspicious changes being made. If you don't use an antivirus how can you say you use common sense?!
OSX does not have this problem-
hehe guise you can tell I'm a cool windows hater because I replaced the win with wang, like a penis, and dows with blows because they sound the same and windows blows rite guise?
Half compromised? Not at all. Open up untrusted shit in disposable VMs and kill them afterward. No persistent compromise at all. Anti evil maid will alert you to lower level compromises (bios/preboot bytecode).
It's the only OS that can be verifiably secured.
not really. i've spent the past half a year looking through qubes as a reference for a security research project, and there's a lot of sketchy stuff it does that could potentially be exploited if there were the right bugs in the graphics stack. it does things like direct sharing of memory buffers between inside the vm and outside.
In the gfx stack? Each VM has a separate x instance and it is the only os that does proper GUI isolation so a compromise of an individual appVM won't allow keylogging except for in that appvm. All input events are forwarded by dom0 so a compromised VM can't sniff anything outside its own instance.
It also depends on whether or not your CPU also supports vt-d, which fixes the memory sharing issue. Your hardware needs to support qubes in order to get all the benefits out of it.
all the X instances are separated from each other, yes, but the main system instance has its windows painted on directly by memory passed from the the VM instances.
i'm not saying it doesn't take care of most things, but it's not a "perfect solution" because they had to make some compromises for speed (and even still its ridiculously slow)
I'd agree with that. It's not perfect and doesn't tackle all fronts of possible malware but it's the closest thing I've seen or used that is incredibly resistant to *persistent* malware, and the separation and disposable nature of VMs does make it truly extraordinary.
And the drawing happens from dom0, which is extremely difficult to exploit and requires an exploit in Xen to succeed. To date there have only been 3 since its inception, and one required a windows hvm, one was developed by the qubes devs, and the other has been patched for ages.
Also I have not noticed a major speed issue except for things that require hardware acceleration. Once the appvm is loaded, it's snappy enough for the trade off in additional security.
>a handful of viruses target Linux
>effectively speaking, Linux does not get viruses
You contradict yourself within the same sentence.
Linux gets owned, OSX gets owned, Windows gets owned.
Just because it's theoretically possible for chicken flesh to develop salmonella doesn't imply that I'm going to get salmonella poisoning whenever I eat chicken. I don't get salmonella poisoning when eating chicken. This doesn't imply that I'm 100% immune to salmonella, it just means that it doesn't happen in practise.
Just because viruses exist for Linux doesn't imply that the general populace are going to get affected by it. The literal meaning (Linux does not get viruses) is false but in practice, it's practically true.
Viruses are only a problem if they get into a system and do damage. If the in the history of practice shows that it is extremely rare for anything to happen, the magnitude of maliciousness of any virus is practically of no consequence to us as practically speaking, it doesn't directly affect us and only indirectly affects us by association.
Linux has a shit ton of vulnerabilities even recently
>heartbleed was an openSSL vuln that exisited in Linux dating back to the early 90s
>shellshock existed on Linux web servers also dating back to the 90s
while a vuln is not malware at all, these were very easy to exploit which would allow attackers local admin on the host. Moral of the story: linux is not impenatrable
Of course it is not entirely impenetrable, but for any reasonable home or even most business use, it is essentially safe. Of course it has an occasional virus, but when it does, it's big news, and probably won't effect the huge majority of people anyway.
If everyone started using OSX or ubuntu in an enterprise environment or even home use, you would see the rate of linux infections rise significantly.
There is little malware targeting linux because few people use it. I'm not saying Linux is less or equally insecure as Windows because it's definitely not. Linux out of the box is quite secure.
Malware authors are targeting an attack surface they'll have the highest chance of success with.
i'm a digimon. whenever i encounter a new virus and defeat it, i grow stronger.
LOOK MOMMY, I POSTED DA FUNNIES ON THE INTAWET!!!!!
>this board values high-quality posts
You almost had me there......Install gentoo
Scan the IP address for vulnerable ports and then begin brute-forcing the admin password. If your victim is relatively retarded they should have an austistic password (seriously, try "autism") and will eventually get in to their system remotely.
And then you can drop in lots of CP and tip off the FBI anonymously to get them jailed. Enjoy!
Yes, and look how many fake av's and malicious software is now being written specifically for android
Infection has nothing to do with security, and all to do with how popular the system is
How many people do you actually know who have had a problem with a virus on Android?
And Google allowing such things to be blatantly on the play store is a Google problem, not a Linux problem.