Yet Linux has whitelisting for all packages almost anyone would likely want by default with strong cryptographic protections. You can take a risk with the latest unsanctioned packages if you wish though but you'll need to do a little more than download and click.
It's not just military, it has been well known for years and years that anyone can recompile an existing virus to avoid Antivirus scanners which is what heuristics attempt to combat.
Linux/Unix has had tripwire type systems which notify you of any baseline changes for years. Useful on more static secure systems like OpenBSD but does nothing for changes in memory until a reboot. Linux raises the bar for memory invading exploits by offering fast system wide updates too.
An easy to look after version of Linux may be far from infallible but it's right to raise the security bar above **** poor.
Keep Up with TechRepublic