I can tell you that since she moved away from Windows, I never had to clean up her computer. Under Windows, it was a monthly chore.

I am aware there are attack vectors than can be employed against her setup, but the odds of something that could affect her friends also affecting her are vanishingly small - and I have never observed one of those on the wild. Education plays a role too and I took the steps to show her what looks fishy. Her box is also behind a very paranoid router that will page me if anything fishy starts to happen on her side of the network. It was so silent I programmed a weekly "lamp test" so I know it's still watching.

For laymen's purposes it pretty much is, though. When was the last time anyone on Linux/OSX got some adware / popups?

I've also never heard of antivirus for Linux. Which doesn't mean there aren't viruses, it means it's not a concern on the most part.

"For laymen's purposes it pretty much is, though. When was the last time anyone on Linux/OSX got some adware / popups?"

For OS X, one or two months ago. Do a web search, the times are changing for Mac security.

"I've also never heard of antivirus for Linux. Which doesn't mean there aren't viruses, it means it's not a concern on the most part."

No, it just means it's not your concern. When online crime has become a business, it makes sense to try to protect yourself. Major AV companies have a product for Linux.

The vectors are different.

They are also, for the most part, add-on (and readily removable) parts of the system. Usually some network service or web app vulnerability.

There have been a few kernel-level exploits, most of which are DoS vulnerabilities, though a few are privilege escalations (meaning: paths to root or full system ownership).

Still, as a whole, the modular architecture and high system transparency of Linux means that it's far easier to avoid, detect, and recover from attacks than Windows. Mac OS X is slightly less protected, but only somewhat.

Contrast this to the gaping security whole that remains the Windows shell, the tightly integrated default Web browser, the "document as application" model, various unsecured default services, very low system transparency (/proc, /sys, strace/ltrace/dtrace, netstat, etc., are wonderful), and, oh, say, the fucking impossibility of deleting open files, and you've got a massive security migraine.

Still.

And, yes, Virginia, there's antivirus for Linux. We run clamav on our servers to keep all those damned Windows viruses from proliferating by way of our services. But viruses as an attack vector for Linux itself? No.

http://www.clamav.net/ if you were actually wondering. There's also a sweet osx port: http://www.clamxav.com/

Did you ever catch something with it?

If ever, it catches Windows viruses usually. Prevent them from spraying and is also very useful on Linux server setups.

It's great as an additional protection in your mail setup. My personal domains are few and email accounts not widely exposed. ClamAV caught 7 viruses in 2010, though I get about 20 spam emails per day. Since I never check the imap folders for spam, it might be that some of them were not caught by ClamAV, but by spam filters instead.

Anyway, for 7 virus emails per year I couldn't justify 100+Mb memory requirement on my 512 linode, so ClamAV no more.

Not in the practical "you've got a virus" sense, but if I have a suspicious file I want to scan, it gets good detection there.

I think it's mainly used on mail servers.

For scanning tiny individual files, http://www.virustotal.com/ is the site to use.

Maybe you don't remember the root-kitted Redhat boxes in Korea which were, for some years, responsible for a surprising volume of spam.

Linux distributions then started shipping with un-needed services turned off, and increased broadband meant home machines were attractive targets for botnet malware.

In the past anti-virus on Linux tended to be used by people with a Linux mail server and MS Windows clients.

But, to bring it back to this particular discussion: It'd be fairly easy to wrap malware around a Mac OS X software. The user would need to click and give it permission to install. But how many Mac users run as admin and would just click the warning anyway?

rkhunter and chrootkit are two free malware scanners (also in ubuntu repos). There's also Avast for Linux. Avira have a free scanner (no GUI though) etc. If you actually look there are plenty of antivirus and antimalware tools.

It's true for very broad values of true.

Techies know that there are OSX/Linux viruses, rootkits, etc. But there just aren't enough of them to have to expect the grief we get from Windows.

It's "relatively true."

The fact is that there is malware including viruses for Linux. The fact is though that they are pretty rare, and the types involved are unlikely ever to become serious threats on the desktop.

It's not perfectly safe, but it's safe enough that safe enough that basic precautions for the desktop are currently good enough. Of course mobile systems are something different.

Scam emails will likely exploit your email client, your browser or your technical/it sec inability - neither of which is solved by windows alone. Education is the definite answer, not switching platforms.

Scam emails are unlikely to affect your platform in their current form for most users. They affect, instead, in most cases, your bank account.

Yes, education is the key, but certain classes of problems are largely solved by switching platforms.

In fact the PCI-DSS standard requires all desktops in the processing environment to be running antivirus software unless they are on a UNIX-like operating system.

Don't forget smug as fuck.