I have once used it multiple years ago - decade ?. How good is it in comparison to commercial solutions?

It's been years since I used it aswell, but last time I checked, detection was lackluster with many misses, but also false positives…

Not good. AV-Comparatives tested it a decade ago or so, it was actually the single test they carried out because once they found out that ClamAV caught fewer than 30% in the wild viruses vs. 99.5-100% for top AV vendors, they gave up on it.

ClamAV is basically useless, and not only that - running it gives you an utterly false sense of security.

And even when we speak about top AV vendors such as BitDefender, Norton, Kaspersky, etc. their products are basically useless for catching Linux malware. They are only good for Windows and surprisingly MacOS malware.

For Windows applications they employ a range of deep scanning technologies including automatic reverse engineering and hardware virtualization assisted sand-boxing and there's nothing like that for Linux applications.

And Linux malware runs rampant on infected servers contrary to the myths spread in the open source community that Linux is malware free. It doesn't help that e.g. Windows has pretty much all binaries (including shared libraries) digitally signed, so it's relatively easy to sniff out alien applications and in Linux we only have at best the signed kernel and its modules for Fedora, RHEL and Ubuntu. The entire user space is not signed, so you never know what you're actually running.

And don't get me started on the evil maid attack (tampering with the initrd which can give the attacker full access to your system even it's encrypted) which is still not resolved in a single Linux distro.

The situation with security in Linux despite SeLinux, AppArmor, other MACs, and user virtualization solutions such as FlatPak and Snap is quite sad really.

People often flock to Linux thinking they'll be safer and then they proceed to install software from random sources on the net without thinking twice which leads to a situation when hundreds of thousands of Linux servers run malware and are used in botnets.

Here's the latest quite damning example: https://sysdig.com/blog/analysis-of-...docker-images/

1652 malware ridden docker containers ready for your consumption. And don't get me started on thousands of breaches of NPM, Python, Ruby and other frameworks.

To be honest I feel safer running my Windows 10 installation than a freshly installed Fedora 37.

Is this any good for single-boot Linux only installation?

Why?

all the official packages are verified by the Fedora community. Did you have any negative experience directly tied to them?

Meh... stick to your window$... not sure why you're on these forums!

No problems with distros, if anything happens to "initrd" to any of those distros you mentioned, AND it affects a paying Canonical customer or IBM/RedHat customer or bank... It gets clamped down quite quick.

You're spreading fake news really, from a window$ emotional lubber.

But after the installation these files can be overridden by malware and since they're not digitally signed, you don't know.
Sure I trust Fedora, when I install Fedora, but after you use it, then those files can be overridden.

I have at the very least two dozen applications and libraries not provided by Fedora due to licensing and other restrictions. And even beside that, you've not read my post, have you? Fedora only signs the kernel and its modules. You cannot be sure that Fedora applications/libraries you have installed are actually Fedora's. You may tell me that I could run `rpm -V` but any malware can easily tamper with the RPM database and make it look like you're totally fine. I need to stop now, I don't want to talk to people who don't want to get into the fine details of the huge security fiasco/theater that modern Linux distros are.

Exactly that.

Does Lennart Pottering ring a fucking bell for you? Just a few weeks ago he talked about exactly the same fucking "fake news": https://0pointer.net/blog/brave-new-...oot-world.html

After dealing with Linux users I want to vomit hard. The worst fan base of anything I've ever dealt with. Denying issues, lying through their teeth about issues, telling you to "fuck off" when you expose Linux for what it is.