• brombek@lemmy.ml
    link
    fedilink
    arrow-up
    6
    ·
    3 years ago

    Yeah, would be nice to have some of the mitigations in Linux but in practice these are not needed when you don’t run malware on your system by default and keep the attack surface small. And if you do run malware or have the system full of crazy bloat (just look at the MSHTML exploit) then no amount of sandboxing or hardening is going to help you.

    • MarcellusDrum@lemmy.mlOPM
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      3 years ago

      I think this has worked till now because:

      1. Linux’s user base is small, so it isn’t a very attractive to malware developers.

      2. Linux’s userbase is mostly tech savvy people, who don’t do stupid stuff.

      But the question is, does it scale up if Linux became mainstream and popular among the tech illiterate?

      • poVoq@lemmy.ml
        link
        fedilink
        arrow-up
        6
        ·
        3 years ago

        If the Linux desktop is used like Windows (downloading and running random malware from the internet as the default way to install apps) it is about as secure as Windows, meaning not at all…

        Is this the fault of the Kernel developers and should they add a lot of security bloat that at best mitigates this issue a bit? I don’t think so.

      • Helix 🧬@feddit.deB
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        3 years ago

        Linux’s user base is small, so it isn’t a very attractive to malware developers.

        Linux’ user base is huge and there were lots of malware for all kinds of devices, e.g. Linux routers. I think what you meant was that the market share for GNU/Linux on desktop devices is pretty small.

        Linux’s userbase is mostly tech savvy people, who don’t do stupid stuff.

        Both of these assumptions are false:

        • There’s a difference on being an active administrator of a Linux system and not even knowing you run Linux.
        • Tech savvy people do stupid stuff all the time, just nobody catches them doing it because most of the time they don’t go around telling people (they can usually fix it themselves).
      • brombek@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Yes, I and hope the “the day of the Linux desktop” never comes due to this :D Well, you can see what happens where this two does not hold with Linux, just looks at Android and ChromeOS. Would the community jump on the mitigations/sandboxing side of things same way Google did?

        Linux is secure thanks to they way it is used and developed. If you change the way it is used the whole security model changes and it would not be as secure as for example Android in the same use cases.