Why not Home Protection for Linux?

Hello there

I found out that home security protection was discontinued for Linux, and I don't know the reason, but it would be great if you bring it back.

Nowadays, there are people that prefer to use Linux Desktop and they want to be protected.

Comments

  • Well in short, as per the information that I had received earlier from the community forum administrator, the market margin for linux is still less as compared to mac and windows, hence bitdefender discontinued the linux version for home user.

    Currently there are no thoughts on releasing any linux product for home users. The linux product is only available for business/enterprise users.

    More information can be provided by @Alexandru_BD, @Mike_BD

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Thanks Flexx

    Nevertheless, there are no a lot of options in the market. You would be able to find some free options like Clamav, but they are no compare with paid antivirus.

    From my humble opinion, it would be great that bit defender offers that option to its clients. It would stand out of the rest antivirus providers.

    In my case, I paid for the family protection and some of my devices are in Linux desktop, so I couldn't protect all, but at least I've been happy with its performance in the rest of the devices so far.

    Thanks

  • Well since bitdefender does not have a linux product for home user, you can either go with kaspersky or eset. I would prefer eset since it has excellent detection when it comes to detecting linux malware.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • As far as I know, those companies just offer endpoint solutions for Linux. They don't have home protection.

    It is the same situation like bit defender.

    Thanks

  • Flexx
    Flexx mod
    edited July 2023

    While kaspersky also provides linux for endpoints like bitdefender but eset has product for linux home users. Below is the link

    https://www.eset.com/in/home/antivirus-linux/download/

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Josefrank21
    edited July 2023

    Thanks Flexx

    However, ESET discontinued the home edition for Linux. If you go to that page and scroll down, you would see this info:


    ESET NOD32 ANTIVIRUS FOR LINUX DESKTOP is no longer in limited support and currently receives no support since 3rd August 2022. Learn more

    Business users should install ESET Endpoint Antivirus for Linux or buy it as part of ESET PROTECT Entry.

    https://www.eset.com/in/home/antivirus-linux/download/

  • Thanks for the correction. I see that all antimalware for linux are available for endpoint users only.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • I made an account just now just to say that I think this is really dumb. Bitdefender protects Linux by way of the business endpoint solutions (i.e., GravityZone). Honestly considering changing to using that since the prices are fairly similar depending on your license needs.


    What kills me is that Bitdefender makes the solution, but then can't be bothered to sell/offer it for home users because it's "too much work for the market share". All they have to do is offer options for the major distros (Ubuntu/Debian, Fedora/RHEL, anything else that has a server and desktop version). I've used Bitdefender for years on my Windows and Android devices, but now that I'm starting to get into using Linux devices Bitdefender is becoming less appealing because it no longer meets my needs.

  • In the past, Bitdefender did have antimalware for Linux for home users. Also, there have been many feature requests related to Bitdefender to reintroduce the Linux version for home users. However, according to Bitdefender, due to the smaller number of Linux users compared to Windows and Mac, they currently do not plan to reintroduce the Linux version for home users. The Linux version will currently only be offered to business/enterprise users.

    You can still submit your feedback using the provided link, and it will be directly transferred to the product developers https://community.bitdefender.com/en/categories/product-features-and-ideation

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Techguy5
    edited January 5

    Please Bitdefender Home User team, Please re-issue a Bitdefender AV for Linux home user.

    I have been working with several people this past year (12/2023), installing and fine tuning Linux (Ubuntu, Mint, Zorin). And the only AV product for home user, which is still alive, and is NOT a Command line terminal product, is ClamAV & Clam-TK.

    I would love to have a Bitdefender for Linux home user. It does not even have to be free, just reasonably priced for the home user (not a business end-point product).

    (I will also post this to the referred link for 'product features and ideation.)

  • tech101us
    tech101us Mr.

    I would like to add my voice to this request. I am on the cusp of needing to renew my Bitdefender Home subscription (10 devices) and what always holds me back is the lack of support for Linux. I always end up going in search of something that has Linux support. Come-on Bitdefender, how much extra work could it be to add Linux support for the major Linux Distributions (Debian\Ubuntu, Red Hat\Fedora, etc).

  • Flexx
    Flexx mod
    edited April 9

    You can share your request using the dedicated forum link, and it will be directly communicated to the developers (https://community.bitdefender.com/en/categories/product-features-and-ideation)

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • The new update to this post: I got in touch with the Bitdefender support, who further got in touch with Bitdefender developers, and below is what they currently think about Linux antimalware for home users.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • I would advise anyone looking for a desktop Linux antivirus solution to check out Dr. Web or eScan. These are the only two companies that seem to care about supporting the Linux desktop community. I have used both of them on Linux and both are excellent. (They are both certainly much better than clam.)

    Dr. Web has the convenience of a web portal where a user can add or suspend licenses at any time without having to pay for a whole year up front. It's very convenient. You just keep funds in your Dr. Web online account, and they deduct a certain amount each day depending on the number of licenses that you have active. Of course, they also have products for Windows, Mac, Android that can be managed through the same web portal. The web site is a bit confusing as they also have a standalone product that can be purchased with the more traditional one or two-year license. Just look for the tab or option that says 'Subscriptions' and that should put you on the right track. The only thing that might give someone pause about Dr. Web at the current time is that it's a Russian product, and the government may decide to ban it like they recently did with Kaspersky. drweb dot com is the web site.

    eScan is also good value for Linux. The price is usually $20 per year for Linux desktop protection, and the software has quite a few options. There is no web management portal like Dr. Web, so you have to purchase a separate license for each machine directly from the web site. eScan is produced by an Indian company named Microworld, but they do have offices in the U.S. They also have products for Windows, Mac, and Android as well, and they are a Microsoft Partner company. The Android version didn't seem to be as polished as the Linux and Window versions, but it was certainly functional. escanav dot com is the web site.

    I have tested both products on Linux machines and the real-time components of both have actually alerted me to actual threats on Linux, although they have all been relatively minor risks. Dr. Web seems to be the better value in terms of cost because they give free mobile protection for one device for each desktop device license. So basically, Android protection is free for an equal number of devices as the number of desktops.

    I have really gotten tired of the same old answer from the major antivirus companies about not wanting to support Linux on the desktop, especially when Linux desktop systems continue to grow. I certainly hope that since Bitdefender does not want to be bothered with Linux customers that they will allow this message to remain for customers that are genuinely searching for Linux malware solutions.

  • I researched both of these options and neither feels a good choice. For starters, if you're concerned about geo-political issues Dr. Web is a red flag (like Kaspersky). Not trying to imply Dr. Web is state-backed, but it is an unknown being based in Russia. eScan has mixed results. Neither have results from AV-Test (they both offer Windows solutions so you'd assume their'd be something).

  • eScan relies solely on Bitdefender's signature-based engine for malware detection. This engine is developed by malware researchers and allows eScan to leverage Bitdefender's extensive malware database and detection capabilities without needing to build its own detection engine from scratch.

    Talking about Dr. Web, it has a reputation for having one of the lowest malware detection rates across various operating systems. This is particularly concerning when it comes to ransomware, a type of malware that can encrypt files and demand payment for their release. Given the severe consequences of a ransomware infection, Dr. Web's poor detection rates in this area raise significant concerns about its effectiveness in protecting users.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Hello,

    I'd say let's not jump to conclusions yet. The Linux version has been brought up on numerous occassions in the community and beyond, so it's safe to say that the developers now have an invaluable amount of feedback to analyze, in order to decide if this avenue should be explored further. I know this because I have forwarded many user testimonials and requests to them, and I can assure you they are actively doing research on this matter.

    If there will be a product for Linux home users this remains to be seen. My question to you @tech101us & @themet4lgod is how do you use Linux exactly and what is your need for security on this OS, if there is a specific need, that is?

    Thanks

    Premium Security & Bitdefender Endpoint Security Tools user

  • As a follow up to the comments on my previous post regarding Dr. Web and eScan:

    The eScan package engine is indeed based on the Bitdefender engine and databases, so that could certainly be a selling point if you're looking for something with similar performance.

    Dr. Web does not participate in the industry-recognized AV tests. They stopped participating several years ago, long before the current geo-political events. They stated that they don't believe the tests reflect real-world scenarios and that the tests are misleading. Take that for what you will. I can only say that I've had good results with Dr. Web on both Linux and Windows, and the protection appears to be at least on par with the lesser-used major antivirus products (e.g. McAfee, Trend Micro).

    I can't really comment on the ransomware effectiveness because of I've never been a victim of ransomware. It may well not be as effective as other products, but it's certainly better than using clam or nothing at all when it comes to Linux systems. On Windows, there's always Windows Defender as a default.

    I've been using Dr. Web on all of my devices for about three years with no problems. This includes two Linux desktops, one Windows desktop, and three Android devices. Still, I can understand people's apprehension with it being a Russian product during the current geo-political situation.

    In terms of Dr. Web's Android product, I feel it is second to none, having more features than any of the Android products that I have previously used, including BitDefender. The anti-theft component is especially powerful, and I've even used it to recover my lost phone on one occasion. Something else that's worth mentioning is that Dr. Web actually detected and blocked an app on my phone that was automatically downloaded from the Google Play Store during an update. Apparently, the update for my home alarm system app was infected with spyware, and Dr. Web quarantined it. The following day Google released a second update for the same app that Dr. Web then reported to be okay.

    Here is an article that was posted about that time documenting Dr. Web's detection of malware on Google Play:

    https://techhq.com/2022/07/play-store-malware-adware-virus-data-privacy-scare-apps-android/

    I feel that eScan is a certainly a comparable, or possibly even better, choice for the Windows and Linux desktop. But their Android version seems to be lacking and not nearly as effective as Dr. Web. This is one of the reasons that I continue to use Dr. Web. The convenience of having one source for all platforms that I can manage from the same web portal, without it costing an arm and a leg, makes it a simple choice for me.

    That being said, if the other major antivirus companies cannot deign to cater to us Linux users, then they certainly have no room complain about the shortcomings of other Linux providers.

    Cheers!

  • Flexx
    Flexx mod
    edited July 13

    @Jovonne, you need to slow down in your replies, or the anti-spam feature in the Bitdefender forum will mark all your posts and comments as spam, remove them, and ban your account on the community forum. I was somehow able to unban your account and restore your previous two comments, but it will not be possible every time.

    @Alexandru_BD has already provided the needed information above.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • themet4lgod
    edited July 13

    @Alexandru_BD I use Linux pretty much the same way I use(d) Windows: browse internet, access networked files, play games, do some programming.

    I currently use ClamAV to do scheduled scans and it seems to do an okay job, but it does create some false positives. For example, I tried to install Camtasia using Bottles (didn't work) but Clam is identifying part of the official installation package as malware.

    I'm of the opinion that with Linux being open source the need for some real-time scanning exists. Some popular packages had major security vulnerabilities recently. Also, with Android being susceptible to (and is infected with) malware (which is Linux based) there's a non-zero chance of malware existing for regular Linux distros.

  • Does editing a post count as spam? I tried to correct a typo twice and now it's gone.

  • I was able to restore your comment. Editing the post should not cause an issue. Forum admin @Alexandru_BD can provide more information about this.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • @Alexandru_BD : I apologize for any problems. I only posted two messages. My follow up message didn't appear right away, so I thought perhaps it was because my message contained a link. Some boards do not allow posting links, so I made that assumption as the reason. I then re-posted my message without the link, thinking that would correct the issue, but again my message didn't appear. I'm glad that you fixed the problem and notified me. I'm certainly not trying to promote or denigrate any specific products. I just wanted to state my experiences and opinions, and I appreciate that you have allowed my message to be posted.

    I likely won't be posting anything else, as I'm not a regular contributor here. I just happened to have pertinent information on one of the topics.

    Thank you for your help.

  • Hi @Jovonne

    Don't worry about it. Yes, there's a flood control setup on the forum to protect us from spammers/bots who may have the ability to post subsequently within a very short period of time. For example, the new threads/discussions allow a gap of 240 seconds between them. If one user posts multiple discussions within this timeframe, this is cosidered abnormal behavior and triggers a temporary spamblock, after which the user can resume posting.

    Regarding comments on a thread, you can post maximum 3 comments within 90 seconds. If this threshold is exceeded, a spamblock of 3 minutes is enabled. This also supports our moderating efforts as we can better monitor the content that's being posted here, so our members don't get to see unwanted ads and irrelevant content.

    Essentially, this setup together with other anti-spam layers prevents spam on the forum by limiting the number of discussions & comments that users can post within a given period of time. I'm sorry if this posed an inconvenience to you.

    You are more than welcome to become a regular contributor here if you wish, we would be happy to have you. 😉

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • Now, back to the Linux topic, I'll share a few insights with you.

    The open-source nature of Linux allows for continuous peer review of the code, which helps in quickly identifying and patching vulnerabilities. Linux has a robust permission model, where most users operate with non-root privileges. This limits the potential damage that malware can cause, but this doesn't mean that the OS is immune to threats. You may be wondering why the major antivirus vendors are not keen on developing support for this OS for home users.

    It's no secret that the home user market for Linux is relatively small compared to Windows and macOS. This lower market share means there is less incentive for malware creators to target Linux, and consequently, less demand for antivirus solutions for this OS. Linux is more commonly used in server environments and by enterprise users, where specialized security solutions are often deployed. As you may know by now, Bitdefender does support Linux in their enterprise solutions portfolio.

    However, this does not mean that plans cannot change. If there's growth in the Linux userbase and demand on the market, naturally the opportunity to develop such a version arises and makes sense. But I think it depends on the business strategy of each vendor.

    I think it should also be mentioned that the types of threats that affect Linux systems are often different from those affecting Windows. Linux systems are more often targeted by network-based attacks, rootkits, and privilege escalation exploits rather than traditional viruses and malware. As pointed out earlier, for those who need antivirus on Linux, there are specialized solutions available, often aimed at protecting Windows clients in a mixed environment or scanning for cross-platform threats. There are free antivirus tools available for Linux, such as ClamAV, which is widely used for scanning emails and protecting against cross-platform malware.

    As always, user feedback is welcome and highly appreciated around here, and we will continue to encourage Linux users to share their thoughts and perspectives on this, and hopefully this way we can also make the Linux community heard and play our part in supporting the concept of a home Linux version, bringing solid arguments to the developers' table.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • @Alexandru_BD : Thanks again for the explanation regarding the posting parameters.

    Although I wasn't planning on posting again, I saw your last message about Linux systems and have some criticism that is hopefully constructive. While I don't necessarily disagree with anything you've stated, I also feel that your attitude, which seems to be common with many people, is overly dismissive of Linux threats at the desktop level.

    The permission model of Linux certainly does limit the damage that malware can cause to the Linux system as a whole, but this does nothing to protect a non-root user from having their individual files corrupted, wiped out, or encrypted, as malware inadvertently downloaded by the user would presumably have the same permissions as the user.

    Many desktop Linux users also have Windows compatibility layers installed, such as WINE or Crossover, which makes these users vulnerable to Windows malware as well as Linux-specific malware as illustrated in this short video made by The PC Security Channel:

    Additionally, there is indeed native Linux ransomware, and malware that is designed to be cross-platform as illustrated by this other video, also produced by The PC Security Channel:

    On a more practical side, it can be argued that Ubuntu's move towards using all snap packages has undermined security in the same manner as the Google Play store because now users are putting their trust in a semi-proprietary single source supplier rather than the repositories that were used traditionally. The same could be said regarding the now widespread use of flatpaks or appimages because these packages are downloaded independently of a repository.

    The rise of snaps, flatpaks, appimages, and proprietary Linux software all present additional vectors for the introduction of malware that didn't exist in the Linux distributions of the past, and it would seem that the people who purport that there are 'no viruses on Linux' seem to be stuck in an obsolete Linux mindset. Even if Linux malware only affects an individual non-root user, the effects can still be disastrous, but there are also many snaps, flatpaks, appimages, or Linux proprietary software that are installed with root privileges, which makes them just as potentially dangerous as any similar Windows program.

    The suggestion that there are 'specialized' Linux malware solutions available that focus on Windows clients scanning for cross-platform threats is, likewise, an obsolete mindset, in my opinion. There are several native Linux malware threats nowadays, the very first of which was discovered by Dr. Web. And not to be-labor the point, but I feel that Dr. Web is the only antivirus vendor who has taken Linux malware seriously. With the current geo-political situation, I realize Dr. Web is not an ideal solution, which is why other providers need to step up, seize the opportunity, and discard their obsolete viewpoints. Insecure Linux desktops are a cybersecurity disaster waiting to happen. There are many more Linux desktops, devices, and embedded systems than people realize.

    Additionally, the suggestion that Clam AV is any kind of a solution is an excuse at best. Clam AV's performance and functionality leave a lot to be desired. First, Clam AV does not have real-time scanning in its default installation state. While it's true that Clam AV can be configured to do real-time scanning on a Linux system by those who are knowledgeable, it is either very slow or will significantly impact system performance on a lower-tier system, which encompasses a large percentage of Linux desktop systems. Clam AV's only practical use is for system scans during periods when the system is not being actively used or for brief manual scans of a limited number of individual files.

    Your only point that I feel is entirely valid is that there is a limited market share for the Linux desktop (however, probably more than you think). Which is to say that a Linux version is not currently a profitable undertaking in the present environment. This I cannot argue with. Any commercial enterprise has to see a return on their investment, and of course, it's always easiest to go after the opportunities that are most likely to succeed. On the other hand, a company that can see an opportunity that others don't may have the chance to dominate an untapped market at a future time.

    Best regards.

  • Well if the Steam (game platform, for those that don't know) survey's can be extrapolated off of, Linux is « 5% of the user-base though Windows appears to be losing market share. From personal experience, I made the switch to Linux after being unhappy with Microsoft wanting to push their AI in everything.

    On the comment of the nature of Linux being open source with several reviewers of the code and being somewhat more secure, the SSH backdoor was only caught because someone noticed a minuscule increase in CPU usage.

    There are things we can do to help Linux stay uncompromised (verify checksums, download only from reputable sources, etc.), but I'm not perfect nor really know 100% what I'm doing.

  • Hi,

    This is very insightful information and posts like these help us better understand what Linux users want and how they use this operating system. So thank you for this. The more we get such testimonials, we can paint a more complete picture of the requirements and I hope that the Linux community will continue to express their needs and security concerns when using this operating system, and this will give it more visibility in the security vendor industry, and hopefully encourage researchers to explore this topic more deeply. By all means, if anyone here is aware of any related discussions on other forums, or growing interest around this operating system, you may spread the word that we are also gathering insights and discussing Linux here.

    @Jovonne don't get me wrong, I'm not dismissive of Linux threats, like I said above, Linux is NOT immune to threats, however its design, usage patterns, and the current threat landscape make it less susceptible to the types of malware that typically affect Windows and macOS systems. This was just a comparison. I think that this, combined with a smaller home user base, reduces the demand for Linux antivirus solutions from major vendors, like you've noticed, Bitdefender is not the only security vendor who doesn't offer a home version in their product lineup.

    Strictly from my point of view, of a Windows user with limited knowledge about Linux, I think it is a path worth exploring and I have always made the users' voice heard in the research and development teams, as such I also support the idea, even if I don't use this operating system. 😉

    @themet4lgod I think AI is expected to become increasingly integrated into operating systems in the future. There are chances that we cannot avoid this evolution that has been set in motion in the era of artificial intelligence, (regardless of the operating system we use), which has become more and more present in our lives.

    Thanks again.

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx mod
    edited July 16

    Additionally, I am sharing the MD5 hashes of Linux ransomware that are already detected by Bitdefender. Initially, some of these ransomware were developed for Windows, and later, the same developers created versions for Linux as well. Since there are about 149 hashes, pasting a VirusTotal link directly is not feasible. You can check the MD5 hashes of Linux ransomware on VirusTotal.com.

    MD5 hashes of Linux Ransomware:

    7686270b633806096e651ac20d5db943
    eda8d43b2912eba1eb9379b66aa782cc
    7a4368f92098185febaf5e8cb787b684
    718ae69788dc752a8db46b0e43e42f13
    653a90f92c2070b794c4d738188f172f
    9661c01af31a41caef2ccd3b6be06e60
    3c9e550d41f3de930e678776a6e018ed
    18a352d33c8c01b6a196adce176c5a96
    d3cafcd46dea26c39dec17ca132e5138
    e09183041930f37a38d0a776a63aa673
    f659d1d15d2e0f3bd87379f8e88c6b42
    085b8046d0c3958d78751b6825052d66
    92ed8739cfb9132c8b57016e3c071a28
    769fdda466dcd97eb8a7a99c958d460e
    bcb90c20da2c87998abf9211bccfcdd7
    d63835926975c9620cf42c2f231c828f
    79fea7f741760ea21ff655137af05bd0
    843001980e5073c7f0ea8b56873246b8
    de72f77d3020142341fc4220a2e3d392
    171d2a50c6d7e69281d1c3ef98d510f2
    bf399c2bcc08a984bd1e01fb714a4f81
    56075e7c63b3f9f612cde6187d4a7877
    ccc74ec82de8db66e5d33cd7011032ba
    e278d253cae5bc102190e33f99596966
    cdc51ee063cd3f4785d2b6894f5aabaf
    210b1ad6c911ed0735269ee298604914
    d3b0102e6632be81ce158c909f583412
    c41d9625ccd175647ffa10484ab2556d
    afed45cd85a191fe3b2543e3ae6aa811
    c83df66c46bcbc05cd987661882ff061
    5716a136538ec546ef591d5aa143c153
    1cd2d73098671253243a8457355b8820
    9506d2c662e85730d459ee605c316b7e
    e4acad02236bb70c0150d9e733869cf1
    db9596e7c022bdc053698d31fbdba579
    f628f663871689fb277a83544cc9a798
    effe75ab4e438e916c5ea012c450ae23
    10930e9b91df2c91ca6606e8cf304d1f
    73f329ccdc6abeaada5c187f72fc3dc9
    7dfed656ca6a4a14a4e40e2865ba7697
    e5dbaec74d7aa31e0e1af6a56e7a4fce
    88e4805cb7e08ffb870d72c56f455b2e
    fc16bb64d04f187448009a1c35509d91
    b9ed4cba445bc69b1c0c557d8b6b394a
    1b2952d6ccb473fb24e820cdd60c49dd
    2b39cbffdabdda37e3d05fc7603183d0
    b904bafebe75c1ee5d8a619ec0839e1f
    f7f82b546377bb7cacb87b03220a8f8b
    91e7c89e6373419c0147dda3f4ba32a9
    67fc6852ab36c3a9cd0b8cd56c21fb80
    8dd59345cc034317630b2ac2ee19b362
    a81e88086302f6fe5c8338fe7e264822
    98ab383537dc0f94ba8c4d0706f97f32
    612c7cd843a5f35d992f18d93b638087
    0f43c8c411edff20933370d0a4648ec8
    38bdb0cd9d08144d096362ac1a1e4116
    0d3b031dcf7d97644fbb0be22a3219e4
    395249d3e6dae1caff6b5b2e1f75bacd
    ab3229656f73505a3c53f7d2e95efd0e
    e199f02ffcf1b1769c8aeb580f627267
    96a157e4c0bef22e0cea1299f88d4745
    27d857e12b9be5d43f935b8cc86eaabf
    8b0bc89bc1fb3f5fe01d5c8cdffdaa98
    85547c6e720886c33bdacae81c180c46
    4bbfcdb7e491ae66b20f5b797945094a
    afa3cd09271948d2b22e6a408ef81778
    a1696abd1639cb921160371da52d6864
    28249fc247a858d9727c860e4a484392
    1453c8123be53bf4458b1a8e7e54ddbb
    ce73b00417464190d7fb9b36af74968a
    461117f3dda072abc055ba080f6b21d4
    be1ae457a1d07f9976a5b7c7abb8d454
    ad45e5c90ac3336f843b0e190abf371d
    d2469a11bc480fe9499ccac33543aeee
    4a435be114b8a527d2b8149181a1ec95
    7d0663018aff79dce252c3f409bacfb2
    b6dbd115799ff16ac69c0ba9f3dff2ce
    da34c9a18d9693accc477b12695bcf37
    888929f06cad62b38120c13d5800b978
    52e0d3622f22b5080ee25fd18d95161e
    71375aa4ad00f0fb209c8f22e0090715
    b8d677801a1cf36df3067d59c0708ded
    1e19b857a5f5a9680555fa9623a88e99
    22dc1db1a876721727cca37c21d31655
    fb8eac22caa97d5fe5f96e3f79455096
    934b91c62fec7c99e56dc564e89831cb
    22ae3e19ec54a9d314719158c00986e3
    26ad6a4dc847ede4dcf7ac29bc384526
    16175d176fc8515c4bdd5778a934c33b
    26ad6a4dc847ede4dcf7ac29bc384526
    cb914609417c3805d910a09263b54df2
    a84196377a98108a0de79d6e80dc1d61
    85b59572dbe0dee0dec81735c1800e26
    db24c254ca0121e736645c045107da27
    302f76897e4e5c8c98a52a38c4c98443
    486bd1fe562ce0c339a6c0ec8df68284
    a77aff03b497af0f3c282d019022df14
    a0fe71d4a96d619ec627a0a33311cd02
    19b84835660c8d90895980ae3bb0d515
    cc92abe1b08778b79d0369caf016c97e
    d6aaf701ca65777a83baa8b43788e1b5
    a45b51d65c12e10b318d870bf326540d
    aa1ddf0c8312349be614ff43e80a262f
    b0fd45162c2219e14bdccab76f33946e
    c601a9e2b98b8e0146ca4b435bb42a0e
    c0fca7dff6bc24d38e68db3583dadd7a
    ea1d0baa343a8ff0e4612a17d79bfd84
    f70415451c9e0fde18f4cf54c8ac7318
    a588ce60f52e125c04022ee3f2151872
    31112416e95c8cebe10e53c5f61363e7
    a26c64376f1e9ee6d8ac0a287ac7246a
    372140d7c2c68dc2c8dc137d1a471e9f
    c49ac8cfe022ff6acb8eb0036e2fc1a1
    4affa116b27f2d977a756e353f77b8f5
    60567a1d2b2e02e93ffc162e6a70d60c
    77a14377175352372c2f1f2b4ce468ae
    ff3ee75347ec9b5ba3ba2e7bcd4b1a0f
    421240952a097e904df778590caa9668
    512d654525d2aa85baf6d7aa06a3a768
    c01ba0bf9758173915c037b069265dd7
    3d684e681f80dfad9449f2ca2885a7d6
    421f006756f72cabc1ffb796c6cdb5c0
    cdaa3d0597936d9edd5112b855d65545
    ba7d82ff5ddaa55e206e346bdfdf2872
    35dbc971ba859fb80c291d811154b112
    ae6eeaa09f5fa4c937928430c397b1ff
    60e0f1362da65e11bb268be5b1ad1053
    c8eb55ccec3a6c243f0356dec970cc99
    27be323f0057b258961da949655deaec
    770a86a4da87dbc729076cfc2fef6fe5
    71bffb09e3e4d465508f6cdd79c65ff4
    10aa2df4e9adcea19ededdbca136c6b2
    c55db4b6722cfd651b3cd17e30558c6e
    9656cd12e3a85b869ad90a0528ca026e
    4601076b807ed013844ac7e8a394eb33
    0b1cead9040191870b3980b3fccf9d23
    4ced5702f08b3df9482817675c9caf1b
    7518969c3226c060d8ea33e993f3877e
    27a50ffd08039f8b2b78e8e7c44a6e83
    e3a363e0616bb8f101fa37cde0ee3fa3
    779093f9a6572b03e6d82d17ca4078ab
    ff79db8c39e91db2240521444ab34eab
    240091bf20aa033e9b187ed2dd516c2d
    fb1aefece063c20eeca83e0f729f99bf
    11d03ec8a0d6ec544bf9a67f5f28f500
    9a8aa129d748f20d992dddc08dc148ac
    6ffabd3e67705be52bff0d21ce13caf0
    a874076693aff0f34d4248396a2dd777
    f2fa9a3ce883a7f5b43ba5c9ff7bdf75

    @Jovonne, your feedback has already been shared with the Bitdefender developers. However, as of now, there is an alternative: you can use eScan Anti-Malware for Linux (https://www.escanav.com/en/linux-antivirus/antivirus-for-linux-desktop.asp). eScan relies entirely on the malware signatures created by the Bitdefender malware research team and does not have its own engine for malware detection. In contrast, Dr.Web has very poor malware detection for any operating system.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • OMG @Flexx you could at least attach a word document for this, now I'm dizzy from all the scrolling. 😂

    Premium Security & Bitdefender Endpoint Security Tools user

  • @Flexx: I still use eScan occasionally, as well as Dr. Web. I usually alternate between them whenever I install a new desktop Linux system. It's always good to keep abreast of any new features or improvements, and alternating between the two allows me to keep up with both packages. The only reason I tend to favor Dr. Web on certain occasions is because of their excellent web management portal. I can switch, suspend, or discontinue licenses for different systems at any time without forfeiting any subscription time. This is very useful when I'm testing various systems or Linux distributions that won't necessarily become a permanent production system. eScan makes it a lot more challenging to transfer licensing to another system, so I will usually only use eScan on a system that will be used long-term (for one-year or more).

    @Alexandru_BD: I appreciate your comments, and it did bring to mind a few things that I didn't mention.

    My statements regarding an 'obsolete Linux viewpoint' are probably better described as a 'server-centric' viewpoint. I feel that the majority of professional Linux developers and IT gurus focus disproportionally on Linux as it is used as a server. Naturally, this is where most of the corporate money is focused because Linux is used far more as a server operating system. Linux on the desktop is dwarfed by the server market and is used mostly by individuals and small office/home office type businesses.

    Speaking for myself, I initially became involved in Linux many years ago because I was simply tired of Microsoft's forced upgrade schemes and the apparently planned obsolescence where the operating system and apps would continually get larger, and the system would continually get slower as time went on. I discovered that rather than buying or building a new system every time Microsoft decided to come out with a new version, I could simply wipe the system, install Linux, and have a new fast and efficient system for several years to come. I have systems that are over twenty years old and still running the most current versions of Linux.

    Of course, the learning curve and adjusting to software alternatives were the biggest hurdles to overcome, but once I got used to using Linux and learning how to use WINE or Crossover for running some essential Windows programs, things got easier. I also found that Linux was excellent for running various DOS emulators like DOSBox-x and DOSEMU, which allowed me to switch back to using many of the excellent DOS and Windows programs that I used back in the 1990s. I now routinely replace Windows with Linux whenever I get a new computer, or on occasion, I will make it a dual-boot system if the new computer comes with a newly-released version of Windows. This is simply for the purpose of reviewing the latest Microsoft offerings, and seeing whether Microsoft has changed course on anything.

    While the current versions of Windows (10 and 11) are certainly more advanced and 'user-friendly,' nothing seems to have changed as far as upgrades and the size of OS. The recent forced hardware upgrades related to the TPM 2.0 module for Windows 11 left a very bitter taste in my mouth that made me double-down even more on Linux. Not to mention that Windows is becoming more and more intrusive with the added tracking and telemetry features, as well as the necessity of creating a Microsoft account.

    I'm not a 'free' or open-source fanatic like some Linux users. I have no problem with proprietary software, as long as the cost is not prohibitive, and the software is effective at its purpose. While open source is a great concept, I realize that it's not an appropriate model for everything. Profit often enhances innovation more than altruism, but I believe there is a place for both, and they complement each other in some cases.

    The point of my discussion is that we could use more Linux developers that come from a desktop mindset as opposed to the more traditional server mindset. There is one company that I can point to as an example who, I feel, has excelled at this. I use 1Password as my password manager on ALL of my platforms: Linux, Windows, and Android. I always hold up 1Password as a model of how software should be. 1Password provides a full-featured password manager for every major platform, and they do it while supporting each platform to its fullest extent. They obviously have desktop Linux developers on their team. The software is virtually indistinguishable on all platforms and has the exact same features and usability on all platforms. I say this to contrast it with many software vendors who provide an 'over-the-top' version for Windows but provide a watered-down and feature deficient version for Linux or Android. A software program should work the same and have the same features on every platform, provided such features are applicable to the operating system.

    While I got off topic a little bit, I hope that my dialog will provide some insight to your Bitdefender execs and developers should you eventually decide to go forward with a version of Bitdefender for Linux.

    Best regards.

  • Hi folks,

    Here are my 2 cents and sorry in advance as the post might become quite large (splitting it as I cannot post in one post).

    In regards to having a Bitedefender (or in fact for any other anti-malware vendor) home version - there are several reason why it make sense.

    1. Unified device protection.
      Currently, the anti-malware options for home Linux users are quite limited. As a result, there is not a suitable way to cover all home devices with products from the same vendor. In some cases - this might be beneficial if a layered approach can be implemented, however in practice - this is not the case in home environments.
    2. Telemetry (probably the biggest benefit for the software vendor).
      The current state for security solutions for Linux (including Enterprise solutions) is not that great. In fact - many of the security vendors try to apply the same approach they use for Windows to protect Linux systems. And as the Linux systems works quite differently - such approach is often not applicable. The result is that the behavior detection mechanisms are way too noisy and not suitable unless there is a dedicated SOC or and MDR team to review them. Signature detection is generally reactive and with lack of robust behavior detection - signatures cannot be created that easily via automatic means.
      One of the things which greatly can improve the behavior analysis capabilities is the amount of telemetry available. Having a large base of known good binaries, of binary usage patterns and process relations can show help focusing on the outliners. The software will "know" what is typical and will be able to focus on suspicious events and analyze them in detail (either on the system or in the cloud/sandbox).
      Having a home userbase greatly increases the amount of telemetry and in fact provides telemetry for newer binary versions compared to the version used on servers (e.g. usually home users use rolling distributions or more newer version; enterprise customers upgrade less frequently and use older software versions). In such way - the anti-malware vendor will be able to cover new versions before they are deployed in corporate environments (which is where the profit really comes).
      And of course - such approach is not only applicable for binaries, it can also be used for process relations, dns queries, accessed URLs, command-line arguments, scanning network storage devices, IoT devices, etc.
    3. Promoting security solution vendor to tech savvy people. In many cases, the people who use Linux on their personal systems are actually working on some kind of technical job. Having these people familiar (and satisfied) with a product is one of the things which might make them consider a product for enterprise use.

    In regards to the AV test comparison (especially for Linux):
    At least for me, such tests do not provide much value. They are great to have a vendor noticeable, but they do not provide any real evaluation on "how good" a product is. There are many reasons for that one being the fact that every client seeks for different things (easy central software management, file scanning detection, behavior detection, minimal false positives, different additional features etc.).
    From my experience - having "the best security solution" greatly depends on the environment and its usage and rarely can be covered by a single product or even a single vendor.

  • Part 2:

    In regards to Dr. Web and eScan:
    I have some experience in the past using Dr. Web for Linux systems (in home/consumer environment) and I have tested eScan a few years ago, so here are some observations:

    1. eScan
    • As already mentioned - uses the Bitdefender signature base
    • Does not have (at the time of my testing) the ability to perform on-access scan of the whole filesystem (w/o some virtual filepaths as /proc). As far as I recall - there is a limit of 5 direxctories which can be scanned, and they cannot include virtual filepaths (so you cannot add / to the list)
    • I haven't tested it much after finding out the above limitation
    1. Dr Web
    • I actually used Dr. Web on a few systems, both with GUI and headless
    • The detection rate for for Windows malware is not that greatly
      -- It is signature based (as the software runs on Linux) and as such - it is limited. The relatively small user-base (compared to some popular vendors) is also relatively small. The product is also used in different parts of the world (e.g. East Europe, Asia) compared some popular vendors, so the comparison is not that objective.
    • The detection rate for Linux malware (at least for the popular malware - Mirai, Mozi, some php/python scripts) is relatively good. Again - the "testing" has been done with new, but "popular" samples.
    • There is a Web protection module, which inspect common protocols (HTTP, FTP, SMTP, POP3, IMAP and their encrypted version (if you add the certificate to the trust store)), so it actually blocks malware during download. The same module can also block access to URLs categories. Such feature is not so common for other security vendors.
    • The software management is user-friendly and provides the needed options for both enterprise and home users. There is a GUI which can be used for managing the configraion, exceptions, quarantine, etc. There is also a web interfrace for the same, which can be used on headless systems. There is also a CLI which can be used for configuration and managing of the software and the quarantine
    • The software integrates well with Linux. It uses the native OS install/update mechanisms (apt/rpm) and all isntallation and updates are performed naively. It also integrates with PAM so the configuration requeres root/sudo account authentication via PAM. There is also option to use it as an ICAP, so it can be used by a proxy to have the traffic of other system scanned. Similarly - it can be configured to "replace" clamav and to use the software, already configured to use clamav. It can also be configured how to use fanotify - to block the read access to a file until it is scanned, to block it only for executables and scripts or to not block the execution.
    • The software supports different Linux architectures - In addition ot x86 and amd64, it also supports IA-32, ARM64, ppc64el, etc.). As such - it can be used on IoT devices.
    • In general - Dr. Web is very well suited for Linux systems and this is mostly becuase it is also aimed to cover Linux systems used by the different agencies in Russia. However - I believe that such integration should be available for any security vendor which provides Linux software.
    • In regards to the Android version - it behaves really well
      -- It has very few false positives
      -- It has the necessary exclusion options (unlike e.g. Bitdefender which cannot exclude a detection)
      -- It has very good detection rate, including for new threats which are still available in Google Play
      -- It has several useful modules apart form the anti-malware and web protection - call/sms protection, parental control, lost device, etc. which I haven't tested in detail
      -- It is relatively quick in terms of scanning

    In regards to how manu users will actually use an anti-malware software on Linux - It really depends on what the software provides.
    The threat landscape today is quite different that a few years ago. We now see a huge increase of the supply chain attack attempts, so the saying "I only install software from the repositories" is less and less relevant. In addition - there are many threats which as OS agnostic - browser/web threats, Office threats (which are developed to also work on Libreoffice and Linux systems).
    The way how Linux systems are used by home users today is also a bit different. There are more cases of people having a NAS or a home-lab in their home network. This is usally related to exposing at least something to the Internet (frequently more than it is needed). A lot more capable network devices are now being used and a lot more IoT devices are being used. All of them are frequently not great in terms of security or vulnerabilities, so they are some times used as a pivot point in the home networks.
    If a security vendor is able to keep up with such threats and with what the home users need, I believe a solid userbase can be gathered of people who actually use (commercial) anti-malware software on their personal Linux systems.

    One last note - I've tried the Bitdefender enterprise version as a potential solution for 5-10 system, used by home users. Unfortunately - the management options provided are not sufficient for home use. E.g. there is no easy option for a user to add an exclusion on a system, or to schedule a scan etc.

  • @azzz, you need to slow down with your replies, as there should be a minimum time frame between posting two comments back-to-back. The last two comments you posted were flagged as spam by the forum's protection filter. I restored your comments, but you had already posted the third comment, which was exactly the same. Just to inform you, if the spam protection on the forum continues to mark your comments as spam due to rapid replies, it may ultimately ban your account automatically. In that case, admins or moderators would need to manually unban your account, but that will only be possible if we're aware that your account has been banned.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • I ended up giving eScan a try on my computer when I had Ubuntu 22.04 on it and I ended up uninstalling eScan. The biggest issue I had observed with it was it generated too many false positives (especially with Bottles and Windows exe files). After a few weeks I lost confidence in the product and removed it.

  • @azzz thanks for sharing your comprehensive feedback on this topic 👍️

    Premium Security & Bitdefender Endpoint Security Tools user

  • I disagree with most of this. Linux is only "more secure" because it has lower market share and hackers can't be bothered to write malware for it. That said, Android phones are Linux-based and there is constantly malware for them, and recent articles for the past year or two are showing that Windows malware is being upgraded to also target Linux.

    Internal tools like firewalls, iptables and all that doesn't matter if the user installs a corrupted binary. This is the same issue with Windows. Arguably, for Windows, you can just use the built-in AV if you're not doing anything with sensitive information and aren't downloading random executables/binaries.

    My last thought is that if third-party protection tools are unnecessary for Linux then why is it offered to enterprise/business users? It's literally the same OS, but maybe more restrictive in that every user isn't part of the sudo/wheel group.