Situatie
Backup
One of my biggest security concerns is my data being stolen from my system. As a tech writer, I constantly install different apps and tools on my PC, and I would hate it if one of them had some malicious inclinations and decided to phone home sensitive data from my system.
To protect myself from these types of mishaps, I use Portmaster by Safing. It’s a free and open-source (FOSS) network activity monitor and application firewall. I can use it to check which apps are currently accessing the internet, what servers they are connecting to, as well as how much data they are uploading and downloading. I can also use it to block an app from accessing the internet altogether.
Here is a fact-based summary of the story contents:
Do you install a lot of different apps on your Linux computer? Are you worried that one of these apps might have a virus or malicious code that steals your data? Well, here are five security practices I personally follow to keep my Linux PC safe from these threats.
Linux is a reasonably secure operating system, but it’s not virus-free. This is especially true for someone like me who installs and reviews different apps and software. My security risks are higher as I can accidentally install something with sudo privileges that ends up compromising my system. Thankfully, with nearly a decade’s experience in testing new software, I’ve developed a system to keep my Linux PC ultra-secure and virus-free.
Monitor your Network Activity
One of my biggest security concerns is my data being stolen from my system. As a tech writer, I constantly install different apps and tools on my PC, and I would hate it if one of them had some malicious inclinations and decided to phone home sensitive data from my system.
To protect myself from these types of mishaps, I use Portmaster by Safing. It’s a free and open-source (FOSS) network activity monitor and application firewall. I can use it to check which apps are currently accessing the internet, what servers they are connecting to, as well as how much data they are uploading and downloading. I can also use it to block an app from accessing the internet altogether.
On Ubuntu and Ubuntu-based distros, you’ll have to download Portmaster as a DEB file and then install.
For example, take a simple calculator app I might have downloaded. Portmaster can tell me if it’s connecting to the internet, which is strange! But at the same time, it can also tell me if it’s uploading data—which is concerning, versus downloading data—which is understandable, especially for currency conversion tasks! So, while a calculator app accessing the internet is worrisome, Portmaster helps me understand what it’s doing, and make an informed decision instead of being paranoid.
Of course, you could simply use the terminal to get network-level control over your apps, but Portmaster makes it easier through an elegant and modern graphical interface.
Now, apart from Portmaster, I also use taskbar widgets to keep an eye on overall network traffic all the time. I personally use the KDE Plasma desktop environment and the Network Monitor widget. But if you’re on GNOME, you can use the Vitals GNOME extension and get the same functionality.
The idea here is to get a quick view of the current network traffic. I generally have an idea of what normal network activity looks like—download spikes during browsing, upload spikes during, well, uploading stuff. If I notice significant network activity when I’m idle or just typing in a text editor, I instantly know something’s amiss and that it’s time to visit Portmaster to find out what’s wrong.
While a network monitor can help you check if apps are stealing data from your system, it can’t protect you from installing a malicious app in the first place. This is why I prioritize downloading apps from my distro’s official repository (repo). These packages are vetted by the distro’s maintainers and then made available to the you. As such, if you trust your distro, there’s no reason to question the apps it’s distributing.
That said, not all apps are always available in the official repos. This is when I look into containerized options like Flatpak. These apps run in a sandbox, making them generally safe to use, but don’t trust them blindly. Some apps request broad system access, which can pose security risks. Therefore, always check the permissions of an app before installing, see if those are actually necessary for it, and then press the Install button. For Flatpaks, you can generally check the Flathub website to see its security rating.
Sometimes I also need to download stuff from third-party repos like PPAs (Personal Package Archives) and the AUR (Arch User Repository). Here I follow a simple rule of thumb: popularity equals scrutiny. If thousands of users install an app from the AUR, there’s a lot of eyes on it to check for potential malicious code. That said, if you don’t know about the popularity of the app, you can simply search for it on Reddit, or your distro’s official forum and check what others have to say.
The tricky part is when you need to install some random script or tool, e.g., desktop widgets or custom themes from GitHub. This is where I check how many people are watching the project and how many stars it has. Usually something in the thousands or upper hundreds is enough to give me confidence, as most of these people are developers looking into the code and not regular users.