this post was submitted on 26 Sep 2024
341 points (97.2% liked)

linuxmemes

21440 readers
898 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    top 26 comments
    sorted by: hot top controversial new old
    [–] [email protected] 63 points 2 months ago
    [–] [email protected] 52 points 2 months ago (6 children)

    I do wonder, hypothetically, if free Linux distros had 80% of the consumer market, would we see just as many dangerous exploits and malware as we do on Windows today? It seems to me that the consumer community is so small that it's hard to say if it's secure or just obscure.

    I understand in theory Linux is more secure... But are individual users really not opening themselves up to attacks, downloading foss software right and left? Using built in stores? Wine emulation?

    [–] [email protected] 40 points 2 months ago (2 children)

    The Linux software you can get as a regular user from your typical Linux distributions is absolutely not any more secure on average than your typical Windows software.

    I say this as someone who writes application programs on both systems.

    I think it's really debatable whether the Linux kernel is really any more secure than the Windows NT kernel. Linux advocates have pushed the "many eyes, shallow bugs" line for a long time, but high profile lapses seem to really have put the lie to that.

    [–] expr 24 points 2 months ago (1 children)

    The software itself may or may not be more secure, but acquiring software is absolutely more secure. There's so much Windows malware people unwittingly download from the internet. Downloading from a distro's software repository simply doesn't have that problem.

    [–] [email protected] 6 points 2 months ago

    Also, when not using repositories it is much more common to go to the source, like GitHub releases, etc.

    [–] [email protected] 8 points 2 months ago

    I think the kernel is more secure due to the philosophy of not invading users space.

    And the experience of installing software on Linux and on windows is like day and night. On windows you can install since Windows 10 via the appstore. However you don't want to do that since most programs are in there with less features. For example vlc the windows app store app has only basic functionality and is really not worth it.

    So on windows you install some random exe from the Internet. You usually Google that and click the first link. This will send you to the fake website vlc.de for example. Then you install it and get free maleware with it. You have to watch out if the website is the correct one.

    On Linux you go apt install vlc or you Google how to install and get the command. Or you open the software manager and get the vlc app that is definitely the official one.

    [–] [email protected] 24 points 2 months ago

    Yes and no and yes and no

    Yes: Mo people mo problems

    No: Linux is already the world’s most popular os in the server space and no problems

    Yes: the main security risk in any computer is the user so more viruses would be made to target individuals

    No: Linux can be whatever you want it to be that means as open or closed as you want it to be and we think of it as open but every time a Linux program gets popular it has been rebranded and locked down so users can’t put viruses on it.

    [–] [email protected] 17 points 2 months ago

    Yes as if you look at the server market Linux is a prime target

    [–] [email protected] 9 points 2 months ago (2 children)

    Parts of it seem to be inherently more secure, but there are some pretty glaring holes. At least software distribution is much more secure than the Windows approach.

    [–] [email protected] 22 points 2 months ago* (last edited 2 months ago) (3 children)

    I'd say the biggest, most glaring hole is that, much like in Windows, most users don't really understand the file system and user and group permissions.

    Linux, as an OS, requires a lot more on the users part in understanding basic security right out of the gate.

    A lot of folks out here dropping chmod 777 all over the place just because they haven't had any education on how any of it works.

    Source: Years ago, being a newb without knowledge or education, dropping chmod 777 all over the place

    [–] [email protected] 14 points 2 months ago

    They used to login as root

    [–] [email protected] 7 points 2 months ago (1 children)

    Fedora silver blue ftw. Immutable systems are the future.

    [–] [email protected] 1 points 2 months ago

    … yeah :-/

    [–] BatmanAoD 2 points 2 months ago

    Hopefully you only chmod'd your own systems. Early in my career, I worked on a project wherein we gave a contracting company root access to a computer they could use to test the software they were writing for us. One morning, they sent us a message saying they couldn't log in. We looked at the computer and discovered it wouldn't boot. Turned out someone on the remote team had chmod 777'd the entire filesystem. Of course we locked down their access after that.

    [–] [email protected] 4 points 2 months ago

    It has the ability to lock things down a lot more. Also, it doesn't necessarily have a big attack surface

    [–] [email protected] 9 points 2 months ago* (last edited 2 months ago)

    I think it's rather corporate targets get bigger results than individuals.

    Hacking an individual is good if you need a zombie for a botnet.

    Hacking a hospital and hitting them with ransomware? Hospitals got some damn money. Regular people do not.

    Further, while users might be installing FOSS left-right-and-center, unlike corporations who are installing FOSS, most of what the average user installs doesn't need secure networking and access control rules behind it. Most corporations use a variety of different FOSS all together in one package, and most of them are internet and network oriented, to function at scale, and as such, they have way more easy ways to get in and have way more valuable assets.

    I think, even if it had major market share, that most attacks go after big entities these days because the risk just isn't worth it with small potato people like me who are broke, comparatively.

    [–] [email protected] 8 points 2 months ago

    I mean we just got the info on the cups one where you execute arbitrary code by trying to print

    [–] [email protected] 17 points 2 months ago* (last edited 2 months ago) (1 children)

    Most Linux malware/viruses target corporate servers.

    It's not that there isn't Linux malware or viruses, there's plenty.

    It's rather that you and me as individuals just aren't that important nor do we likely have enough assets to justify us as a target to begin with.

    Corporate servers are more likely to have a large combination of technologies that allow hackers to infilatrate to begin with, whereas the average home user might not have many programs installed, especially not a large number that need network access and thus complex access control rules.

    [–] [email protected] 8 points 2 months ago

    Also there is a lot less focus on targeting GUI components for social engineering. Most Linux systems are headless

    [–] [email protected] 9 points 2 months ago* (last edited 2 months ago) (3 children)

    I'm gonna be honest: I've been skimping on anti malware since i moved to Linux.

    Still keeping up the common sense part about running code you don't know and running untrusted code and weird URLs in a virtual environment (well, except for the AUR perhaps), but I only scan for malware once or twice a year, if at all.

    Actually, I just did a scan with RKHunter which came back clean except for the usual false flags, which I find mildly suspicious as one would imagine there to be some malware with all the small time programmers and script kiddies in the Linux community.

    What are you using as anti malware? Anyone knows of good methods for set-and-forget or some good GUIs for easy containment management, scanning, and whitelisting? It can't be that ClamAV, RKHunter, and chkrootkit are the only halfway decent AVs out there.

    [–] [email protected] 8 points 2 months ago* (last edited 2 months ago)

    Most the anti-malware for Linux is aimed at Enterprise/Corporate level stuff.

    For example Bitdefender used to have a Linux version of their free antivirus for home users, but they discontinued it.

    On the other hand, if you're a business customer, they have a lot of paid Security Endpoints for Linux.

    https://www.bitdefender.com/business/support/en/77212-157515-bitdefender-endpoint-security-tools-for-linux-quick-start-guide.html

    Generally, as it stands, most real quality security for Linux setups is genuinely aimed at businesses, not individuals, sadly.

    [–] expr 4 points 2 months ago

    It's not necessary. Unlike on Windows, Linux users rarely download random packages off the internet. We just use package managers.

    [–] [email protected] 2 points 2 months ago

    There is none

    [–] [email protected] 6 points 2 months ago

    Snap fries need updating ..... again

    [–] [email protected] 4 points 2 months ago* (last edited 2 months ago) (1 children)

    Me using Windows: "Oh, yeah, everything costs money. I forgot how much I hate this. Okay, no worries, I'll just download cracked applications."

    virus

    [–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

    Yeah, one of the reasons why I switched to Linux, I just got fed up of looking for cracks for applications... I usually ran everything first in a VM with no virtual Ethernet adapter at all, so viruses were not usually a problem, but still, it was a hassle, you still have to power it up and install the damn thing, than run the crack...