Should I worry about malware on Linux? [closed]

I don't run an antivirus on Linux ( most people I don't AFAIK ) and I'm not at all concerned about any form of malware or spyware or any other_bad_ware.

Should I by concerned?


Of course I don't run as root.


Solution 1:

Yes

I don't run antivirus software on my Linux boxes but that is not the only form of malware.

I do apply patches and updates as soon as they are available, especially for security-critical software (e.g. firefox, ssh, gpg). We could debate whether that is a good or a bad approach but the question here is 'should I be concerned?' ... either way we would be debating the risks because we believe there is a threat. Similarly, I only apply software and patches from repositories and sources I have some trust in.

Web-borne malware is a serious threat so I do run NoScript, for example, and avoid enabling Java and Flash handlers except on sites where I need these and have some trust.

Finally, I check non-text attachments I receive from third parties before forwarding them on to others. In most cases any malware payload would not affect me but it could affect someone I send the file on to.

Solution 2:

Yes. You should worry about malware on pretty much any system.

Your concern and actions should be proportional to the risk (currently very low with Linux) but complacency is a bad idea and you should be periodically reassessing the potential threat, consequences and your response.

EDIT: The fact you point out that you don't run as root suggests that you do worry about malware (sensibly) and take sensible precautions. If you didn't worry about it you wouldn't care what you were running as...