There are several layers of security in Fedora, see https://docs.fedoraproject.org/en-US/...
With that in mind, there can be several issues or concerns including bugs and vulnerabilities , for example poodle and shockshell
https://access.redhat.com/articles/12...
http://fedoramagazine.org/shellshock-...
http://fedoramagazine.org/shellshock-...
Your main lines of defense are:
Linux permissions - you should be running as a user , not as root.
Updates - As bugs/vulnerabilities are found, they are patched, so keep your system up to date.
selinux - selinux helps mitigate zero day exploits.
BUT you can have malicious code in your home directory such as browser hijacks. For this remove your files in $HOME
See https://ask.fedoraproject.org/en/ques...
Beyond those issues ....
Use safe browsing. You can run browsers in a selinux sandbox if you wish (install sandbox if needed)
sudo dnf install policycoreutils-sandbox
Then
sandbox -X -H sehome -T tmp -t sandbox_web_t firefox
Adjust your browser as needed ;)
See also http://danwalsh.livejournal.com/28545... and https://www.linux.com/learn/tutorials...
To know if you have malware you need to do some sort of penetration testing. Pentesting is a large topic but you can do some basics
- rpm will confirm system files, but you sort of need to know what a fresh install looks like as the is a large output evein on a fresh install
http://www.sans.org/security-resource... and http://www.rpm.org/max-rpm/s1-rpm-ver...
HIDS - OSEC or similar - http://www.ossec.net/
Antivirus - Antivirus for linux exists, but again often throws false positives.
rootkits - these can be very difficult to detect. there is a program, rkhunter, but as with antivirus, you get more false positives then true positives. See http://www.tecmint.com/install-linux-... and also https://ask.fedoraproject.org/en/ques...
I can not stress enough, you really need to be familiar with all of the tools you wish to use and what a "normal" system looks like BEFORE you go looking for problems.
After all that you are left with forensics
See www.blackhat.com/presentations/bh-usa...
There is a Fedora security spin and you will need to make extensive use of google or obtain training/education.
Privacy is also a broad issue, sort of depends on what you mean by privacy.
First line - give each user a unique home.
If guests use your machine, use xguest.
Internet privacy is , IMO, very much an illusion as "the internet" is public. Take a look at
http://bodhizazen.net/Tutorials/Privacy
and the TOR documentation https://www.torproject.org/docs/faq.h...
XFCE? no, maybe a problem of cache...
I am using GNOME and KDE ; its happened with kde.
By design, nothing can be installed on your system without your permission. Please be careful who your give permissions too.