Why Linux is the Safest OS 🙃
- Thread starter dada_dave
- Start date
throAU
Site Champ
Irony is, I can run some Windows software (some select games) in linux that won't run properly on Windows 10 any more.
Oh for sure, that was true even on the Mac with Wine for a bunch older games. But that was because Wine was doing much of the heavy lifting.
fischersd
Meh
Ok, this is the old closed source vs open source debate. The problem with Linux is that hackers can write more elegant attacks (and either release them to get recognition, or keep them for their own personal use). Exploits can remain unknown to authorities or the public for years.
Vs closed source *nix (MacOS, derived from FreeBSD) - not that a lot of the code isn't out there....and exploits are still found and could be hidden, but with private companies updating their code on the regular, it's more difficult to find exploits that can be used indefinitely.
Vs closed source *nix (MacOS, derived from FreeBSD) - not that a lot of the code isn't out there....and exploits are still found and could be hidden, but with private companies updating their code on the regular, it's more difficult to find exploits that can be used indefinitely.
rdrr
Elite Member
- Posts
- 1,231
- Reaction score
- 2,058
Maybe if you are running a non enterprise Linux. Not all linux distros are the same. For instance Red Hat keeps a close eye on what goes into that distro (in the past haven't been keeping up to date on them since IBM took over). Unless you are downloading source code from an untrusted source and compiling it to run on a Red Hat supported version, it should be considered just as trusted as a closed source Unix distribution.
fischersd
Meh
You really missed the point. I'm not talking about them injecting code into the tree. I'm talking about them finding exploits in existing code - and keeping it to themselves for their own nefarious purposes, or releasing attack tools for the black hat community.
It's exponentially more difficult to find such elegant attack vectors when you don't have the source code to peruse.
rdrr
Elite Member
- Posts
- 1,231
- Reaction score
- 2,058
If you think there wasn’t bad security holes in the closed source Unix, then you haven’t been around long enough to know a few of them. There were plenty that I have spend many of a night patching on production financial systems.
Sure Linux can be attacked, but like any other OS it is only as secure as you make it. My point is that I don’t think it is any less secure as the older closed Unix grandfather OSes. In fact it could be argued that some of the more enterprises worthy Linux distros have stronger security features.
Like most security attack vectors, they key factor is how good your security posture is and how lazy you sysadmins are. I don’t know how many jobs I started and found their default build had packages and services running that they didn’t need. Do they allow people to just su - (to root), or are you forced to use sudo with a least privledge model? Do they rotated system level passwords and their own on a routine bases, with restrictions on how often the passwords can be used? Are they friends with their local security group to run security scans on a periodic bases? Most importantly are they patching regularly? I remember as a young sysadmin back in the day bragging about how long our Solaris ftp gateway uptime was. If I remember correctly it was over 2.5 years. That was completely foolhardy, and just asking for it to be compromised and used as an entry into a very large and leading Financial sector company.
Last edited:
fischersd
Meh
Yes, all OS's have had vulnerabilities over the years. Windows being the darling of the virus authoring crowd. Microsoft has always been disliked for a number of reasons by many (most?) bitheads.
We had an AIX cluster that had a similar uptime in the early 90's
. That was many layers deep beyond the reach of any external traffic, but I've seen many shocking security postures over the years. Many in the financial institutions. This is almost a religious debate - my own experience, I give the nod to closed source distributions such as AIX, HPUX or MacOS being more secure than the open source Linux distros. Linux dominates the marketplace, with large corporations opting for enterprise offerings for supportability and consistent patching cycles.
rdrr
Elite Member
- Posts
- 1,231
- Reaction score
- 2,058
Yep, religious war indeed.
If you have 10 guys looking at a piece of code it's hard to find potential vulnerabilities.
If you have 1000 guys, it's easier.
Given enough eyeballs, all bugs are shallow - Linus’s Law
I know Linus wasn’t the original to say it, but it is tied him, and it is what the open source community is about. 1000 of eyeballs vetting all the changes made. Not all changes make it back to the source.
Can someone make a piece of code to exploit the open source code available for all to download? Sure, but I bet you a whole bag of donuts that is the crap closed source applications that get installed on top of the OS(es) that are the very large majority of the attack vectors. That and the idiot users that hit the click throughs without reading them, and give the installer admin rights to “install” something.
If you have 10 guys looking at a piece of code it's hard to find potential vulnerabilities.
If you have 1000 guys, it's easier.
Given enough eyeballs, all bugs are shallow - Linus’s Law
I know Linus wasn’t the original to say it, but it is tied him, and it is what the open source community is about. 1000 of eyeballs vetting all the changes made. Not all changes make it back to the source.
Can someone make a piece of code to exploit the open source code available for all to download? Sure, but I bet you a whole bag of donuts that is the crap closed source applications that get installed on top of the OS(es) that are the very large majority of the attack vectors. That and the idiot users that hit the click throughs without reading them, and give the installer admin rights to “install” something.
