Oh for sure, that was true even on the Mac with Wine for a bunch older games. But that was because Wine was doing much of the heavy lifting.Irony is, I can run some Windows software (some select games) in linux that won't run properly on Windows 10 any more.
Maybe if you are running a non enterprise Linux. Not all linux distros are the same. For instance Red Hat keeps a close eye on what goes into that distro (in the past haven't been keeping up to date on them since IBM took over). Unless you are downloading source code from an untrusted source and compiling it to run on a Red Hat supported version, it should be considered just as trusted as a closed source Unix distribution.Ok, this is the old closed source vs open source debate. The problem with Linux is that hackers can write more elegant attacks (and either release them to get recognition, or keep them for their own personal use). Exploits can remain unknown to authorities or the public for years.
Vs closed source *nix (MacOS, derived from FreeBSD) - not that a lot of the code isn't out there....and exploits are still found and could be hidden, but with private companies updating their code on the regular, it's more difficult to find exploits that can be used indefinitely.
You really missed the point. I'm not talking about them injecting code into the tree. I'm talking about them finding exploits in existing code - and keeping it to themselves for their own nefarious purposes, or releasing attack tools for the black hat community.Maybe if you are running a non enterprise Linux. Not all linux distros are the same. For instance Red Hat keeps a close eye on what goes into that distro (in the past haven't been keeping up to date on them since IBM took over). Unless you are downloading source code from an untrusted source and compiling it to run on a Red Hat supported version, it should be considered just as trusted as a closed source Unix distribution.
If you think there wasn’t bad security holes in the closed source Unix, then you haven’t been around long enough to know a few of them. There were plenty that I have spend many of a night patching on production financial systems.You really missed the point. I'm not talking about them injecting code into the tree. I'm talking about them finding exploits in existing code - and keeping it to themselves for their own nefarious purposes, or releasing attack tools for the black hat community.
It's exponentially more difficult to find such elegant attack vectors when you don't have the source code to peruse.
Yes, all OS's have had vulnerabilities over the years. Windows being the darling of the virus authoring crowd. Microsoft has always been disliked for a number of reasons by many (most?) bitheads.If you think there wasn’t bad security holes in the closed source Unix, then you haven’t been around long enough to know a few of them. There were plenty that I have spend many of a night patching on production financial systems.
Sure Linux can be attacked, but like any other OS it is only as secure as you make it. My point is that I don’t think it is any less secure as the older closed Unix grandfather OSes. In fact it could be argued that some of the more enterprises worthy Linux distros have stronger security features.
Like most security attack vectors, they key factor is how good your security posture is and how lazy you sysadmins are. I don’t know how many jobs I started and found their default build had packages and services running that they didn’t need. Do they allow people to just su - (to root), or are you forced to use sudo with a least privledge model? Do they rotated system level passwords and their own on a routine bases, with restrictions on how often the passwords can be used? Are they friends with their local security group to run security scans on a periodic bases? Most importantly are they patching regularly? I remember as a young sysadmin back in the day bragging about how long our Solaris ftp gateway uptime was. If I remember correctly it was over 2.5 years. That was completely foolhardy, and just asking for it to be compromised and used as an entry into a very large and leading Financial sector company.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.