this post was submitted on 19 Jul 2024
35 points (100.0% liked)

linuxmemes

21393 readers
1285 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    top 43 comments
    sorted by: hot top controversial new old
    [–] [email protected] 5 points 4 months ago (3 children)

    the good news is that it does make windows more secure. you cant hack something that has crashed.

    [–] [email protected] 1 points 4 months ago

    Remember guys, it took about a decade for Solar Winds to discover somebody had root access to everybody that used their software, another decade for somebody outside Solar Winds to discover it and tell everybody, and half a decade with nobody claiming to have solved the issue up to now.

    So when you believe that your computer with an EDS is safe just because you can't use it, think again.

    [–] [email protected] 1 points 4 months ago

    The most secure computer is the one not running any software. That's why I recommend Crowdstrike.

    [–] [email protected] 3 points 4 months ago (1 children)

    Also: don't trust your employees to boot into safe mode.
    Trust a 3rd party to freely install system level files at any time.

    I knew how to fix the computers at work today in the morning, but we couldn't get through to the help desk to get the bit locker codes for each computer until near the end of the day.

    [–] [email protected] 1 points 4 months ago* (last edited 4 months ago)

    Also: don’t trust your employees to boot into safe mode. Trust a 3rd party to freely install system level files at any time.

    Exactly. This is exactly the problem, and unless people wisen up the software security problem is only going to get worse. Companies and Governments need to rethink how they approach security entirely. This is a preview of what is to come, its only going to get worse and more damaging from here, and none of the vendors care.

    [–] [email protected] 3 points 4 months ago (1 children)

    I'd laugh if this wasn't affecting me directly.

    [–] [email protected] 1 points 4 months ago

    I can laugh either for or at you, if you want.

    I'll pour one out for the frontliners.

    [–] [email protected] 2 points 4 months ago (1 children)

    The problem is the blind trust of these "vendors"

    Decentralize control

    [–] [email protected] 1 points 4 months ago (1 children)

    Centralize control in house.

    [–] [email protected] 1 points 4 months ago

    Compared to the status quo, that's much more decentralized.

    [–] [email protected] 2 points 4 months ago (1 children)

    The fact that random companies like Crowdstrike have kernel drivers in millions of computers they they ship remotely is a security risk in and of itself. We're lucky crowdstrike just shipped a bug that crashes computers, other companies could have shipped a lot worse.

    [–] [email protected] 2 points 4 months ago

    other companies could have shipped a lot worse.

    other ~~companies~~ governments could have shipped a lot worse.

    FTFY

    [–] [email protected] 1 points 4 months ago (3 children)

    I really don't want to be the guy responsible for this fuck up

    [–] [email protected] 2 points 4 months ago (2 children)

    For a company this big it would also have to have gotten past a code review and QA team, right? ... right? ...

    [–] [email protected] 0 points 4 months ago* (last edited 4 months ago) (2 children)

    And who pushes out production updates on a Friday!

    [–] [email protected] 1 points 4 months ago
    [–] [email protected] 1 points 4 months ago

    We do.

    "If something goes down over the weekend, fewer people see it" - my leadership team.

    I guess Asia can report the problem on Sunday and I'll get a nastygram and fix it that afternoon.

    [–] [email protected] 0 points 4 months ago

    Of course, of course. This is how these things are always done.

    [–] [email protected] 0 points 4 months ago (1 children)

    Yeah, something this big is absolutely not one engineer's fault. Even if that engineer maliciously pushed an update, it's not their fault


    it was a complete failure of the organization, and one person having the ability to wreck havoc like this is the failure.

    And I actually have some amount of hope that, in this case, it is being recognized as such.

    [–] [email protected] -1 points 4 months ago

    I agree but they will still blame it all on that one guy.

    [–] [email protected] 0 points 4 months ago (1 children)

    This is an industry wide issue. This is just the first symptom.

    [–] [email protected] -1 points 4 months ago

    Yeah and that means they won't nail some poor schmuck to the wall over this?

    [–] [email protected] 1 points 4 months ago (7 children)

    I'm actually curious to know, how is Linux inherently more secure than windows?

    [–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

    Few things, in rough order:

    • Smaller = less attack surface. You can strip a Linux OS down to only what is needed.

    • Open source, so it's can be peered review. There are Unix distros like OpenBSD, that share lot of user space component options, where auditing is a big thing. The whole sunlight and oxygen stops things festering as much. As abosed to things locked in a box in another box down in a cellar.

    • Open source transparency forces corporates to be better. We can see what they are and aren't doing.

    • Diversity. The is no "Linux", it's a ecosystem of Linux distros all built and configured differently, using different components. Think of Linux as just a type of base board in a sea of Unix Lego bits. There are plenty of big deployments on BSD bases that share a lot with some Linux deployments.

    • Unix security is simplier than Windows security, so easer to not mess up.

    [–] [email protected] 2 points 4 months ago (1 children)

    In general it is. Opensource software has less bugs that proprietary. And even those bugs can be mitigated with hardening.

    [–] [email protected] 0 points 4 months ago (1 children)

    That's...a gross oversimplification. Super popular open source projects tend to have few bugs from the sheer number of contributors available to fix them, but active proprietary software has dedicated teams working fulltime every week to deal woth issues. Proprietary stuff is often way wider in scope than open source, so more surface for bugs to creep in. Scope and team size have a lot more to do with bug density than open vs closed source.

    [–] [email protected] 1 points 4 months ago (1 children)

    I don't know how much effort thoose proprietary software companies put into the actual software. Why is windows so shit? Why is whatsapp buggy? They try to get money with shit software with no optimisations at all.

    [–] [email protected] 1 points 4 months ago (1 children)

    How many open source projects have 50 million lines of code like Windows, or legal agreements related to backwards compatibility and version support guarantees?

    A for-profit company is going to focus on whatever generates revenue, sure. But crappy software will lose customers in a non-monopoly scenario. They're not exactly incentivized to make broken things nobody wants.

    [–] [email protected] 1 points 4 months ago

    They are neither incentivised to make quality of life improvements to their software. Thats why i hate most of them

    [–] [email protected] 1 points 4 months ago

    Because you can own your system and inspect and alter all of it in case it's needed.

    [–] [email protected] 1 points 4 months ago

    In addition to what others have said, there's the move towards containerized applications on Linux via flatpaks, immutable distributions, and snapshots/rollbacks. There are also distributions like Debian with a delayed package release schedule for added stability and security. Its my understanding that you could have an exceptionally secure, effectively trustless, Linux system beyond what is possible on Mac or Windows.

    [–] [email protected] 1 points 4 months ago

    Sort of an aside, but I am seeing Microsoft more as a hostile entity that I need to protect myself from.

    [–] [email protected] 1 points 4 months ago

    If you follow the philosophy that it follows, that is, giving the least possible permission to any application, to make it work, it easily becomes much more secure than Windows.

    On the other hand, if you log into your GUI desktop as root, Bill Gates save you.

    [–] [email protected] -1 points 4 months ago (1 children)

    It's not, in fact out of the box Linux is SIGNIFICANTLY more insecure than windows.

    The thing is, hackers and hack tool makers target the largest market segment to gain the most conversions.

    Apple users used to gush about how virus proof they were until they hit decent market share, and then they got plenty of malware.

    Same thing with Linux but the real difference is you need a few decades of linux experience to fix anything in a timely manner.

    [–] [email protected] 1 points 4 months ago* (last edited 4 months ago) (1 children)

    Linux is SIGNIFICANTLY more insecure than windows.

    Absolutely not true. I assume you don't have a source for this? Besides your butt...?

    UPDATE:: They did not have a source.

    [–] [email protected] -1 points 4 months ago (1 children)

    Does Linux come out of the box with A/V and firewalls?

    On second thought, you're dismissive little aside just convinced me to excise you from my internet experience for all eternity.

    Ta...

    [–] [email protected] 1 points 4 months ago (2 children)

    AV is a bandaid for the horrible way software is handled in Windows. Linux is far from perfect, but package repositories are such a step up when it comes to security.

    [–] [email protected] -1 points 4 months ago

    There is still the need to add repositories and download packages from the web every so often though. I don’t see why AV isn’t more common. It doesn’t stop the more clever and up to date attacks, but some protection from the simple things wouldn’t hurt.

    [–] [email protected] -1 points 4 months ago (1 children)

    I try not to argue with cultists. Have a day.

    [–] [email protected] 1 points 4 months ago

    Living up to their username...

    [–] [email protected] 0 points 4 months ago (1 children)

    I'm pretty sure Windows is plenty secure. It isn't private or usercentric but of on a security perspective it isn't bad.

    Linux has plenty of security problems just like any OS

    [–] [email protected] 1 points 4 months ago

    Defending Windows in a linux memes community.

    That's a bold move cotton, let's see how that works out for 'em