I'm about to install bazzite on my wife's older (2017) Windows 10 machine, and I've been going over how to recreate everything she currently has. Most programs (even proprietary ones) are not an issue, but I'm not finding much in the antivirus department.
I never even thought to install one on my Linux machine (also on bazzite, but I have used other distros in the past). So although I am no stranger to Linux, this issue blindsided me.
I know clamav exists, and I'm educating myself on how to use it, but a GUI would be nice for the wife. She's not afraid of the terminal, but she likes the convenience of GUI programs.
Any suggestions? What do you use? Or is it just generally accepted that one should be careful and keep things up-to-date and that's enough?
Usually how regular virus scanners work, they download a package with virus signatures every day or so and match the files against that local copy of the database. Unless you decide to use a service like virustotal... Sorry, I'm a bit of the wrong person to answer this question. I've been using Linux for the last 20 years or so. That means last antivirus I installed was about that long ago... I just hope Steam scans their game catalog, seems they do and that is my only source of Windows executables. So I'm fine on my private computers. And for work I'd just use whatever is provided to me.
Yeah, that's out of date. While AV still uses file signatures, the modern stuff is behavioral. If you have a file whose instructions use undocumented or low-level APIs, it can look like an exploit and the AV flags it. Endpoint protection products like Sentinelone also take the role of endpoint firewall, managing access to network resources, not just the OS, disk, etc. So if you start sending encrypted requests through uncommon APIs to a cloud server in China, it's gonna get you blocked.