Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Anti-Virus again... F-PROT anyone? Why I need one
Hi All,

I know there have been endless discussions here about the pros and cons of AV. Regardless,  I have a compelling reason for needing an AV - and this may affect many of us.

My first Linux Lite project is to replace the slow, tired old W7 laptop that I've been using for Internet banking.  I've used F-Prot for Windows on it for years without issues or incident (despite the fact that the application also hasn't been updated for years).  It gets very frequent virus definition updates, often several per hour, so that must count for something, though how effective it really is, I don't know.

Banks are generally risk averse, and my bank seems to be at the upper end of that.  Their Terms and Conditions state the following as a Breach:
  • You have used a computer or device that doesn’t have an up-to-date operating system installed for Internet Banking ... ; or that doesn’t have up-to-date anti-virus software installed for Internet Banking.

I know this is barely necessary in the circumstances, but those are their terms...  All I want to do is comply. I think that means frequent updates are necessary. Real Time scanning isn't specified... In fact, it would seem the AV doesn't even have to be used.  ???

My question is, has anyone used the (Free, Home User) Linux version of F-Prot on LL, and was it a good experience? It requires Perl 5.8 - is that already installed, or does that pose any problems?

Alternatively, I'd be willing to try Sophos for Linux if that works?

Any help much appreciated.
Evolution says that Paranoia is a valuable survival attribute.

Thank God for Evolution!
To be honest I'd contact your bank and see what they say. If you explain you are using Linux you might find the rules concerning the need for antivirus are not that strict. I think the warning is simply because some window users still use their computers on the internet without an up to date security package.
Owner and DJ at WKDfm Radio ( )
Great Suggestion, thanks!

I followed up... but the answer I got was not very useful.  Customer Help Desks.  Gatekeepers. Non-technical CS staff.  Second-handed, relayed information.  No real answers.

The short answer is that the bank is continuing to support W7 in the meantime and will not just suddenly pull the pin. They will let everyone know before they stop support.  Awesome!

They led me to another page of 'helpful info'. Recommendations only... Linux is not even listed as a recommended OS, merely:

"Windows 7 or above
Mac OS X 10.10 or above"  and a list of supported browsers.

That's really all I got.

Welcome to the Age of Mediocrity!  Sad

I guess the banks are not losing enough money through malware, viruses, hacking etc to worry too much about it.  OR, it falls back on the Customer, via the Ts & Cs.  No doubt, they log all the browser and OS version data with every login, but when it goes bad it's all covered under Confidentiality clauses so we don't hear about it.

If anyone else has comments, I'd love to hear them.
Evolution says that Paranoia is a valuable survival attribute.

Thank God for Evolution!
Quote:My question is, has anyone used the (Free, Home User) Linux version of F-Prot on LL, and was it a good experience? It requires Perl 5.8 - is that already installed, or does that pose any problems?

There's no "free, home user" Linux version of F-Prot but a 30 days trial and the Linux one is a tar.gz package, meaning that you have to build it yourself which process might be a difficult or an easy one, you never know until you know. Also, it seems to be only for workstations and servers, I don't really know whether there's a difference or it that means it's not fit for desktop pcs but it is what it is. Also and quite disturbing; last updated January, 2013?? On Thursday it'll be 7 years ago!!

[Image: 4BhbxjC.png] 

FWIW, I've never used an AV in Linux; they serve no purpose and are nothing but a waste of resources, no sir, those days are wayyy behind me along with Windows Smile and I've never ever faced a virus/malware scenario under Linux like I used to in Windows. And I do banking stuff and never had a problem ... just saying.
Without each others help there ain't no hope for us Smile
Need a translation service?
Hi Moltke,

Thanks for your comments.  This is a real puzzle.  I wonder what Jerry & I have installed.

Doing some more research now...

OK!! First, the Cyren F-Prot website is a mess. The Search function appears to be non-functional. The links from the Home page - well, convoluted.  If you click the left-side link on your page it goes to a Paid Version page.

[FWIW, finding the Linux version on the Sophos website isn't any better.  You get what you pay for, I guess.  Google is better.]

I can see how you reached your conclusions, and now, I'm confused as well.

It appears there is, or definitely was, a free Linux version, if you follow this link:

The page looks like this:

[Image: gQvFH4T.png]

It clearly says 'free for home users' - but is it???

The DL link:

includes "unix-trial" so maybe it's only a trial version.  What's more, it's 32-bit, which is what I installed.  I'm guessing Jerry installed the 64-bit version (other thread:, but we'd have to ask him. As he's already said he's not too interested (OWTTE) because the application is so old and not being maintained, I'll leave it to him if he wants to comment.

Not sure where that leaves us, but I may keep digging, at least to see if I can find out what virus scanning scores it gets.  My bet is it's now a trial, and the website hasn't been updated, but we'll have to wait and see.

Hopefully, it's not a trial and I now "comply"...

Evolution says that Paranoia is a valuable survival attribute.

Thank God for Evolution!
A bit more on the question of Banks and Liabilities for losses via Internet Banking...

I have no idea about other banks, but I found this yesterday, relating to my bank.

  • You’ve acted fraudulently or negligently: You’re responsible for all losses, regardless of the balance available in your account.

As we all know, everything at the bank is sweet while the money is flowing in their direction.

But if you stop paying your mortgage, things will turn septic pretty quickly, as a friend of mine found out.  They are quite willing to treat you like something a dog left on the street, and start talking about selling your house.  The lawyers come next... [My friend escaped, with his house, happily minus his wife, and now reports to me constantly how fast he is paying off his mortgage. He's got big kahunas, but obviously, that frightened the c~&p out of him! He wants out of that relationship too, asap!]

Once the lawyers are involved, who knows? It's their job to get the best outcome for their client. Likely, they will argue that failing to install anti-virus on your PC after they have told you it's a condition of doing internet banking with them, is negligent. 

And in our courts, they would almost certainly win. What's more, lawyers fees will no doubt also count as a loss.

Not trying to scare anyone, but I think it's worth thinking about.

Evolution says that Paranoia is a valuable survival attribute.

Thank God for Evolution!
Looking at this thread.. Not sure I'd "try" F-Prot.. It might be ok... BUT.. .
I would 2nd ClamAV (it was referenced in your noob thread).. Its in the repo's and there are instructions in the forums how to install/scan etc etc.. I've installed it.

I giggled at the internet banking - I'd be surprised if half the banks out there know what Browser you have - let alone if update to date, the OS you're running let alone if you have AV software...
LOL  Wink
LL4.8 UEFI 64 bit ASUS E402W - AMD E2 (Quad) 1.5Ghz  - 4GB - AMD Mullins Radeon R2
LL5.8 UEFI 64 bit Test UEFI Kangaroo (Mobile Desktop) - Atom X5-Z8500 1.44Ghz - 2GB - Intel HD Graphics
LL4.8 64 bit HP 6005- AMD Phenom II X2 - 8GB - AMD/ATI RS880 (HD4200)
LL3.8 32 bit Dell Inspiron Mini - Atom N270 1.6Ghz - 1GB - Intel Mobile 945GSE Express  -- Shelved
BACK LL5.8 64 bit Dell Optiplex 160 (Thin) - Atom 230 1.6Ghz - 4GB-SiS 771/671 PCIE VGA - Print Server
Running Linux Lite since LL2.2
Howd'y and thanks for the comments.

Yeah, I'm probably being over the top overcautious, but I read about so many different types of malware out there these days. It's hard to know what's real and what's smoke and mirrors.  Or, how the banks might respond if someone siphons your accounts.  Has anyone ever heard what happens?

I have heard a multitude of stories about suckers falling victim to Russian and other scam artists lurking behind photos of unknown beauties and purported 'Pots of Gold' inheritances, but really nothing about who pays when the money gets taken from your account by someone else. That said, quite a while ago, a family member got her handbag stolen, and before she even knew it was missing, received a call from "the bank".  It cost her $680 to learn never to give out your PIN.  Of course, there was utterly no recourse on that one.

You might be right about what the banks know. They don't even list Linux as an acceptable platform - they would rather you go with Open-Slather Windows, even as old as 7. (Actually, 7 is probably more secure than 8.x or 10, as it's been in Beta Test a lot longer.  Wink)  That said, I don't want to be the one to find out.  Besides, the technology to log all the info, from IP Number to Browser and OS versions is available. I bet the good banks all use it. Many refuse logins from out-of-date browsers. My bank even uses voice-print ID checks, so what they know is a moot point.

AV details - maybe not, (but Windows knows if it's out-of-date) and just look at what the Linux Lite Hardware and Software Reports produce. The Hardware Database knows your Motherboard Model, BIOS Version and Date, your Hard Drive Model, your monitor resolution, and probably gets (but doesn't display) your Motherboard Serial Number, Hard Drive S/N, MAC address, who knows what else.  And it gets it all with I think ONE click on a link! Of course, it requires installed software to do that, but how much can a browser alone tell you these days?

Anyway, I followed Jerry's advice (other thread) and asked Cyren Support - for the F-Prot for Linux AV Virus Detection stats.  Typical American Customer Support!  The answer I got back (in under 24 hours!) was basically, 'We do have an Anti-virus for Linux Workstations, but it is only [a] Command line scanner and updater.' 

I didn't even ask that question; I asked him about its detection performance.  Not even a hint.  [But at least he can check that Support Ticket as "completed".]

What I did do was send him the link to the page (from 2015) containing this graphic, and asked him about why F-Prot was last on the list, but again, not a word. Not even an acknowledgement.  From that, I'll take it as accurate, and will follow Jerry's barge pole recommendation, as soon as my next reinstall. (Am I allowed to direct-link to this image? If not, please advise and I'll screenshot one.)

[Image: 2015_10_Linux_Tabelle_scanwerte_neu2_en.png]

Here's the page link as well:

It's now obvious to me that Cyren has just been milking every dollar they could out of Frisk's once great reputation, while doing virtually nothing to keep the product alive.

So, meantime, I've downloaded and installed Sophos' free Linux Home User version.  Now that is a different story altogether!  Maybe another thread for that?
Evolution says that Paranoia is a valuable survival attribute.

Thank God for Evolution!
[member=10244]alcanz[/member] I think the total AV thing is a waste of time and resources, at least in Linux and I'd say even in Windows; in the end you really never know where that virus/malware came from, they're developing hundreds by day so can they assure us that their AV product will keep us safe? I don't think so , I'd rather put that wasted and valuable RAM and CPU cycles into good use before installing any AV. I used to use 1 AV and 1 AM in Windows and still there was always something.

You could try firejail instead
Quote:a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table.
In case you decide to try it, open a terminal and type
sudo apt-get install firetools
download size is only 531kb.

Here's more info if you're interested:

Hope this helps! Smile
Without each others help there ain't no hope for us Smile
Need a translation service?
I asked Scotiabank about their online security guarantee and got a fairly reasonable response.
I just copy/pasted, my question is at the bottom.

All messages
Communications Centre
Toolbar tools
Use Calculator
Print this page

    Messagescurrent page

Message:Response to your message of February 16, 2015.

March 31, 2015

Hello Wayne,

Thank you for writing back.

I apologize for the long wait as I had to escalate your concern to our Fraud Department.

According to our Security/Fraud Department, unless we can prove that a client was complicit in the fraud, they would be covered by our online guarantee regardless of whether they were LINUX users or other.

We also do expect our customers to do their part by following the messages displayed within the Security Centre. Among there are:

i)                    Scotiabank does not stipulate what Operating System customers have to use

ii)                  Customers need to carefully select and maintain passwords and access codes

iii)                Maintain and install up to date firewall and anti-virus protection software (as a suggested course of action).  The  partnership with McAfee and Trusteer is not an enforced practice

iv)                Trusteer is not offered on Linux (and there are no future plans to offer Trusteer on Linux)

Please also be advised that Trusteer is not a VPN.  It is a globally recognized fraud prevention tool used by Financial Institutions around the world, and owned and operated by IBM.

I trust this information is helpful and hope you find our online services satisfactory.

If you require further assistance, please write back or call our Contact Centre.

Representatives are available 24 hours per day within North America at 1-800-472-6842 or from outside North America call collect at (416) 288-3899.

Thank you for choosing Scotiabank. We appreciate your business and look forward to assisting you in the future.

Scotiabank welcomes your feedback. Kindly copy and paste the link below into a new Internet Browser window and send us your thoughts.


Viviene Dela Cruz | Email and Information Centre
Scotiabank | P.O. Box 4100, Postal Station ?A?  Toronto Ontario, M5W 1T1
Scotiabank is a business name used by The Bank of Nova Scotia

On 2/16/15 9:57 AM, [email protected] wrote:
Thank you for your response to my question about your online security guarantee and whether I would be protected while using my computer with a Linux operating system.
Unfortunatly your answer does not help me at all, I am unable to install the Trusteer VPN as it only runs on Windows and Mac computers.
Thank you and have a great day, Wayne.

Forum Jump:

Users browsing this thread: 3 Guest(s)