-167
what’s your thoughts on Linux and Windows…
(pbs.twimg.com)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
Doubt.
Yeah, if you have a fucking clue what you're doing which most casual users don't. (That includes me.)
The only significant advantage it has security-wise over Windows is not defaulting to an admin/root account and instead requiring an elevation of privileges.
...but even modern Windows does the same now.
Exploits exist for Linux and other open source products, corporations with Linux servers and GNU utilities get hacked.... I mean fuck just go look at all the CVE's, they don't make them for nothing.
Every bugfix is a CVE. Even if it is maybe not a security problem in first place, but it might be one in the kernel context, so everything is a CVE. Also other CVEs from other applications, open source or not, doesn't have to mean that much. You have to see those database quite critical. Especially if you need very esoteric, almost magical methods to exploit.
When the people of the Linux Kernel started flooding them, because every bug is a security problem, those Database providers were and are very happy. It makes good money, those data is seller from other providers to companies. And now you really have to use their service, because the kernel have soooooooo many security problems! It is not like developers or security teams are happy about this shit. But if the senior leaders insist on use those CVEs, you don't have any choice. And it is not that unusual, that it is not needed to address them.
The Linux Kernel can provide and provides more security when you use them. It is the decision of the distribution if they want to enable selinux or apparmor, enable kernel options, which make your system more hardened with memory encryption, page poison or kernel lock down and and and. Since this is only the kernel, the userland can provide more features, which some distributions also enables.
The way you can elevate applications and define special rights for the usage of devices or OS functions, is incomparable to standard Windows. Would only user, group and rwx exist, they wouldn't be any lxc, podman, docker or whatever today. Windows does not the same now. Windows does it different and can't do some things regarding elevation of rights and their restriction by design.