Common sense tends to be the AV of choice. So long as you only download from trusted sources, and don't run unfamiliar commands, especially as root you should be good. Most AV programmes for Linux tend to focus on Windows malware.

If you follow the above your chances of getting a virus on a Linux based system are as low of not lower than if you were running Windows with an AV installed.

In my years of experience as a Linux user I’ve never had a running and active antivirus program such as Norton, Etc. it just is not needed and would not be able to run in a Windows-way on Linux. Instead I use antivirus programs to scan files as needed or periodically using something like ClamAv. It does not run all the time as AV might run on Windows.

There's literally no way you're going to get a virus on the Steam Deck, first because of how much lower the chances are of it happening in the first place on linux, second the Steam Deck is more locked down than your regular linux system out of the box, you can only run flatpaks (if you stick to the official app store where everything is verified you won't get a virus) and even if you somehow did the next system update will reset everything outside your home folder and flatpaks so there's really not much to worry about.
Regardless of OS best antivirus is prevention, if you need an AV to clean up after it's too late you've already lost so just use common sense, only click trusted links, keep your system and programs up to date, use strong passwords and you'll be good.
Mac/iOS/Android doesn't need one either, Mac maybe you can run a scan on sometimes if you download unsigned software outside the App Store but it's likely not necessary, android and especially iOS due to how much different the OS handles these things it's literally impossible to get malware (unless you have rich hackers or the government after you willing to spend millions on the latest 0 day exploits), real antiviruses like you see on Windows don't even exist for mobile because they're completely unnecessary.
Most attacks you should worry about happen online that try to steal your various account logins and sensitive information from them so again focus more on using strong passwords, two factor login, locking down your privacy settings, use an adblocker to prevent malicious ads and phishing sites from loading etc.

Oh my God I feel stupid. I legit had to check this thread because my brain couldn't for the life of it figure out what AV meant (in bed half asleep) I was like AV equipment? On steam deck? Lmao

Linux isn't as popular as other OSes, so there's less incentive for people to make viruses for it.

What you should be concerned about instead is someone tricking you into running commands that will do bad things, especially if that command starts with "sudo"

AVs aren't even a requirement on Android & Windows. They certainly aren't on Linux.

Check out Clam AV, but I don't use it, and I am told by people that do that it may not be worth bothering about. Maybe if you have vulnerability concerns beyond a game platform.

You also might want to check out Linux-based security concepts like hardened kernels or things like apparmor, but be aware that this is more advanced and may lock down elements of the OS that your particular distro might need to run. This requires some learning and research and isn't fire-and-forget. Linux is highly configurable so there's less of a straightforward answer.

I think your best practice is to back up your documents (your steam games are already backed up) and know how to wipe the Deck and restore it to factory. If you use it for more than just a game platform, I would consider taking further steps.

I only use clamav to scan files I downloaded. I just scan the downloads folder. I have retro windows 98 and xp machines and I don't want any incidents. For my Linux machines I'm less scared.

As a linux sysadmin, I'm not worried about the Steam Deck (running SteamOS) getting a Linux Virus or Malware -- as the probability is exceeding low. (If you install Windows, well CYA.)

This is my personal perspective. I'm not a malware specialist. And new exploits are discovered daily so the future may be different. Of course, Steam OS 3.x will be altered over time as well.


The weakest attack vector isn't the Linux OS, it's the applications & their users -- such as web browsers javascript engines (don't visit shady pirate sites.) So, only install trustworthy flatpaks from their project owners. If you're scripting, you'll likely know what you're doing. Scripting language logistic paths are also becoming a focused attack vector.

**IF** by chance malware does land on your Deck (would that be called an SDI XD ) here's the deal:

* By design, both rootfs file systems are read-only. This is how Linux based appliances work. If one fails, fall back to the other. Both will be read-only. All directories that must maintain a read-write state should be on an Overlay filesystem OR mounted from another location (bind mounted or logical volume). Nuke those read-write spaces and you go back to factory default state. This is what happens when you factory reset your Steam Deck.

* The way to change the read-only state is using a sudo command (or becoming the root user). The 'deck' user cannot do this *unless* you set a password. And then, you still must enter the password first. You can set the /etc/suders stuff to use NOPASSWD but that in bad form and you need to do it right or you'll break sudo.

So, ** I've set the deck user password in Desktop mode.** If ANYTHING attempts to sudo a command, I'll know cause I'll be prompted. sudo's default timeout is 15 minutes or so.

It's very likely in the future some Steam OS targeting malware will look for those systems without a deck password set. The malware will set it, sudo a payload download, and be persistent until the device is reset. I'm beating that future malware to punch by setting by setting my 'deck' user's password -- a strong password is important. NOTE: The PIN is not used as the 'deck' password. Besides, a numeric sequence is weak. (I hate that phones use the weakest forms of unlocking - swipes, PIN, fingerprint/faceid.)

Or course, malware could always download a payload to try and crack your deck password, but that can be a challenge to persist where it left off between reboots, the extra energy draw & heat, impact game performance, etc. I'll sense something is off more the likely.

* What about "windows" malware on Linux. Uh, Proton is like a Windows sandbox. Your Arch based Steam OS will not be infected -- just the game space. Nuke the game & proton used, then re-installe - be sure to backup your Game Saves if they don't cloud sync.

* Worse case scenario, re-image your Steam Deck and that would clear its headcold. But wait, what about UEFI malware. That is still pretty specific to Windows machines to run the payload that infects UEFI. I've done some light searching and haven't found articles on UEFI rootkits any targeting Linux.


So basically, don't use Windows on your Deck, use the Steam Deck as intended (doing nothing shady) and you should be fine.

Cheers, retro.

As TFK said... "I only use clamav to scan files I downloaded. I just scan the downloads folder." Yeah, that is basically it. Works great for that purpose, but otherwise, you don't need to worry about AV (anti-virus) for Linux. If you load Windows, well, good luck with that.

Virus's are mostly made for windows. I wouldnt worry. Unless you have a habit of clicking on bad things.

for most users in linux, system issues almost never are virus related. when people download an av program in linux, is usually because they download windows files to later use in a windows pc.

system issues in linux are usually consequence of a bad update with a small bug, a inexperienced user changing something critical, or a compatibility issue after an update. so, you shouldnt worry about an av.

At the moment if you're using steam os it's very unlikely to encounter one. I wouldn't make claim one os security is better than another os. It's really just down to what any security IT would tell you. "Don't download and run sketchy things, and don't visit sketchy websites."

There's always abundant of exploits no matter the os.

Originally posted by Fluffy BUNNY:

Hey everyone, I got my steam deck a few days ago. I had space on this but what would be a good AV solution for the steam deck running Steam OS? My current AV only supports win, mac/ios, and android. unless there's some work around for the Android port? I know there isn't very many viruses for Linux, its just I'm paranoid about getting one. And every time I get one, it's been when I haven't had a AV installed.

bro just use the steam store and you will be fine what kind of paranoia do you have lol

Stay off of the pr0n sites and you’ll be okay.