Linux Antivirus is a very specific niche. It’s mostly there to scan for Windows viruses and malware. So your Linux mailserver for example (or storage system) filters those out before they appear on your employee’s computers.

What you’d instead do in Linux is harden your webserver and services, keep the webservices you host up to date and have some monitoring so you detect known rootkits or if your DNS server gets abused for a DDoS attack. And keep an eye on supply chain attacks if you’re a developer. Because that’s how attacks against Linux work. I’ve been scolded for saying this on Lemmy, but to this date, desktop computer malware isn’t really a thing with Linux. Attacks almost exclusively target webservers and Internet of Things devices, routers and so on.

So an Antivirus on a desktop computer isn’t going to do much, due to the lack of malware which works that way. And you’d still be vulnerable if someone hands you a malicious bash script to delete your home directory. It could however do something if you run Proton or Wine and run Windows programs in Linux.

If you want to do something for security, learn not to copy-paste stuff into the command line. Don’t run executables from random places of the internet. Try to rely on your distribution’s package repository. Do automatic updates, and generally do timely updates, especially with the webbrowser and stuff that’s reachable from outside. Set strong passwords. And don’t neglect your backups. Your harddisk is bound to fail anyway, eventually. I think that’s going to get you 99% of the way. Installing an antivirus is only the next 0.2%.

[…] said the company has now been able to mitigate the serious mental health risks and […]

Wow. So they don’t just ignore all the warnings about detected suicidal thoughts any longer? As far as I remember from the news stories, that specific teenager got flagged hundreds of times by their systems for spiralling towards suicide. It’s just that OpenAI didn’t do anything…

There’s another community for this: !localllama@sh.itjust.works
Though we mostly discuss the news and specific questions there, beginner questions are a bit more rare.

I think you already got a lot of good answers here, LMStudio, OpenWebUI, LocalAI…
I’d like to add KoboldCpp that’s kind of made for gaming/dialogue, but it can do everything. And from my experience it’s very easy to set up and bundles everything into one program.

I think they want you to add something like

guest ok = yes  

Isn’t there some example config installed along with samba, which you can modify or copy-paste? I think that’s more likely to be laid out correctly than a random internet tutorial which might be outdated or for another distro or another use-case…

Indeed, the story is funny and weird. Though he used to share lots of interesting and funny perspectives. And these days the Youtube comments underneath are way more funny and on point than all his content.

Idk, I can’t find that supposed Bluesky and Mastodon discussions, I think he made that up. And he fails to mention the email address is just a text field, people can put anything in there. And while highlighting it, he also completely fails to spot the timezone which is right next to it. And that’s set to UTC-4 so America east coast. And as a blogger/influencer he could at least have sent a mail and see if it bounces before reporting on it… And then he invents what the reviewer’s thought process was according to him, while the real next joke is their nationality, but he doesn’t spot that either. So I don’t know what to make of this. Sure he has a community and reach, and brings attention to niche things. But his own take on it tends to be wrong(?) and not in an inspiring way… In the old days he used to play devil’s advocate and I think that was extremely on point. But you can’t really fabricate “facts” and argue against that, because it turns it from a sarcastic, Socratic dialogue into just framing, spiked with misinformation and the next 15 minutes are just rambling and bullshit… And I think that’s a bit sad because we know he’s able to do more than that. And there’s no shortage of people rambling and talking bullshit, so there is no need for him to jump on it as well. It turns him from the troll he used to be into just your average anti-woke nut without any originality, just a Linux theme slapped on top…

Did Lunduke now entirely jump on that bandwagon? Seems he now does 3 videos a week “calling out” wokeness and “extreme” leftists and it’s become quite monothematic.

Yes. Waydroid is very nice. What do you use it for? I’ve come to the realization I don’t really need a lot of Android apps on my laptop, I have good Linux software for 99.9% of the stuff I do. So Waydroid mostly sits there, unused, while I use a regular Linux messenger client and Google Maps on the website.

Is there any tool to make this easy and back up the app data, wifi credentials, settings, calendar etc? Or do you just copy the files you’re able to access with the file manager?

Fair enough. I mean I’d pay about 200€ a year in electricity to run 3 efficient computers. And my VPS is only 73€ and I never have to pay for replacement parts (SSDs, harddisks) which I had to replace at home. And then they have gigabit network, low latency, a proper IP address, it didn’t fail yet so their reliability >99.6% seems to be correct. And that’s all way better than what I have at home. So it’s a no-brainer to go for that. But your calculation might be different.

I mean ultimately there is no harm in trying. If you have 3 old computers laying around, you might as well try setting up a kubernetes cluster. I think it’s going to prove difficult to handle the IP addresses but I’m not an expert on high availability and gaming clients.

But doesn’t that require some software-defined networking or a special network setup? I’m pretty sure with the average home internet connection, you’ll fail over to the replica at your friend’s home. But that has an entirely different IP address and the game client will not handle that gracefully. It’s going to disconnect. And you need to do some DNS as well to always point at the active server and forbid caching. In a datacenter or enterprise setting, sure. you’ll just reroute the traffic and nobody will notice.

I’d rent one (small) VPS for $10 a month and split the bill. As far as I know that’s how most people do it. It’s going to have >99.6% uptime, a fast datacenter internet connection at some central location and runs on enterprise hardware… The Kubernetes approach adds a lot of complexity, you’ll have your games disconnect anyway once it fails over as you can’t migrate the IP addresses. And there will be some additional traffic between the locations to keep everything in sync. And 4x chance of some of the hardware failing and someone needs to fix it. Unless I’m mistaken about how Kubernetes works.

Sure. We get security vulnerabilities in Chrome and Firefox all the time. Sometimes the libraries handling images are vulnerable and that’s a big issue. And zero-days are a small fraction of actual attacks, most likely you’re getting hacked because of old, vulnerable software. So updates are the first priority. And backups is something people also frequently forget to set up.

I don’t think OP’s dad will host a misconfigured cloud service on their computer or set an insecure password, enable ssh and then also open a port in the router. Most attacks on that list are specific to how internet servers are set up. And well, insecure old embedded devices. And we in fact have those systems targeted regularly. My servers gets bombarded with malicious traffic trying to get in.

Did you read the article? This Ringreaper thing is a method to hide something. It doesn’t have any means to infect a system. And it doesn’t really do anything except hide itself. It doesn’t delete your files, it doesn’t steal your passwords… It doesn’t spread… It’s not really what you think it is.

Edit: And congratulations for going back and appending your first comment with the wild claim you own the truth. I’m pretty sure people here downvote you because there’s almost no truth in what you spread here. I’d be willing to listen, but you don’t have any example to back it up. Instead you ramble on how servers are supposed to be desktop computers and attacks target the kernel instead of userspace applications, Windows and Linux have similar paths for malware… None of that is true. Sorry I’m not deliberately trying to be mean or hostile. But that’s how it is.

I’m sorry. Most I can find about “RingReaper” is that single blog post or people who rephrased it into their own articles. There seems to be zero information on how it spreads through the internet? And if anyone contracted RingReaper. And I can’t even discern how that’d get on someone’s computer unless they install it themselves (which is a form of malware, though not very pronounced on linux due to the distributions and central package repositories). There are no other methods highlighted in the post. And it can’t do privilege escalation either, just scan for other vulnerabilities. So is this a thing in reality and how can I find out? It seems like valid research to me, but I can’t see how it’s more than that… What I mean is, I can see how someone put the word “malware” in the title. But that in itself doesn’t really threaten my (or OP’s dad’s) computer.

Thanks for the link. But that’s not a vulnerability or malware. It’s academic research how to hide malicious syscalls. But it can’t infect anyone’s computer. And there isn’t any vulnerability to let it in.

You’re wrong. How would an Apache exploit “hack” your Steam or online banking app? That’s just not possible.

How would something that exploits the default password on a router infect my machine with a different password?

Malware uses specific attack vectors and specific vulnerabilities.

For example it’s something that has an Apache webserver installed and that Apache is accessible from outside… So the Apache exploit can do something. Do you have both conditions met on your laptop/desktop computer? I’m pretty sure that won’t be the case, and that’s the difference here. And yes, that’s specific. An Apache exploit can’t “hack” your Steam. That’s just not possible.

Can I get some list or a reference to educate myself? As far as I know it still holds true. There’s rootkits, a lot of old stuff and exploits of webservers or embedded devices. But I’m completely unaware of desktop computer malware with high risk or actually spreading?! And the list on Wikipedia seems to confirm what i said…

I think most Linux distros will be fine. As of today desktop marketshare is still small, the governments mostly work within custom business applications. And to this date Linux malware and viruses for the desktop are practically unheard of. The common attacks are against the browsers, not the underlying operating system (so do timely updates and install an adblocker) or we’d expect phishing or phone scams and that’s against the human in front of the computer, again not the operating system. That makes me say they’re about all alright. Of course they’re not all equal. Immutable distros and sandboxing will help here. But the real deal is other countermeasures, like be aware how phishing works and try not to mix online banking and pirating games from shady websites. That belongs on separate user accounts or even installed operating systems. And use password managers, 2 factor authentication and these things. (And don’t use Edge, or some browser from some random third-party repository.)