IT Department's Plan - eviltoast
  • Angry_Autist (he/him)@lemmy.world
    link
    fedilink
    arrow-up
    12
    arrow-down
    19
    ·
    4 months ago

    It’s not, in fact out of the box Linux is SIGNIFICANTLY more insecure than windows.

    The thing is, hackers and hack tool makers target the largest market segment to gain the most conversions.

    Apple users used to gush about how virus proof they were until they hit decent market share, and then they got plenty of malware.

    Same thing with Linux but the real difference is you need a few decades of linux experience to fix anything in a timely manner.

    • Empricorn@feddit.nl
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      4 months ago

      Linux is SIGNIFICANTLY more insecure than windows.

      Absolutely not true. I assume you don’t have a source for this? Besides your butt…?

      UPDATE:: They did not have a source.

      • Angry_Autist (he/him)@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        12
        ·
        4 months ago

        Does Linux come out of the box with A/V and firewalls?

        On second thought, you’re dismissive little aside just convinced me to excise you from my internet experience for all eternity.

        Ta…

        • itslilith@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          5
          ·
          4 months ago

          AV is a bandaid for the horrible way software is handled in Windows. Linux is far from perfect, but package repositories are such a step up when it comes to security.

          • Abnorc@lemm.ee
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            4 months ago

            There is still the need to add repositories and download packages from the web every so often though. I don’t see why AV isn’t more common. It doesn’t stop the more clever and up to date attacks, but some protection from the simple things wouldn’t hurt.

        • Empricorn@feddit.nl
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          4 months ago

          What a dumb argument. You have to configure firewall rules for Windows and Linux. That is like the first thing any competent admin will do, no matter what OS they are working with…

      • MehBlah@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        4 months ago

        It isn’t. Most distro’s leave the firewall disabled on install but what services are exposed? None. Most are set to localhost only and ssh is normally not installed or enabled. Antivirus on windows especially defender just seems to keep me from doing my job. For instance every decent utility from nirsoft is detected by defender as being infected. I suspect microsoft hates those utilities that allow you to back up credentials and most critically license keys.

        I do agree that the main thing that keeps linux from being as easily exploited is the more about the average linux user and less about inherent security. I’ve only had one Linux machine exploited in thirty years and it was a older version of Debian that a vendor disabled the automatic updates on when it was installed. I woke one morning to 10gb of upstream traffic on my traffic graphs. The attacker had gained access through a outdated version of apache. The fools who had compromised the system couldn’t understand why he had to work through a rdp session to reinstall his product when I reloaded it with the latest version. The fool was pissed that I had updated debian. My boss pressed them until they agreed it was time to let debian 7 go since the latest at the time was debian 9.

        But in the end the breach happened because of a foolish vendor with outdated ideas regarding updating a OS.

        • KubeRoot@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          4 months ago

          Does windows come preinstalled and preconfigured with more potentially vulnerable software on open ports?

          I personally don’t value an antivirus that much, since it can only protect you from known threats, and even then, it only matters when you’re already getting compromised - but fair point for Windows, I suspect most distros come without antivirus preinstalled and preconfigured.

          A firewall, on the other hand, only has value if you already have insecure services listening on your system - and I’m pretty sure on Windows those services aren’t gonna be blocked by the default settings. All that said though… Most Linux distros come with a firewall, something like iptables or firewalld, though not sure which ones would have it preconfigured for blocking connections by default.

          So while I would dispute both of those points as not being that notable, I feel like other arguments in favor of Linux still stand, like reduced surface area, simpler kernel code, open and auditable source.

          One big issue with Linux security for consumers (which I have to assume is what you’re talking about, since on the server side a sysadmin will want to configure any antivirus and firewall anyways) could be that different distributions will have different configurations - both for security and for preference-based things like desktop environments. This does unfortunately mean that users could find themselves installing less secure distros without realizing it, choosing them for their looks/usage patterns.

    • vsis@feddit.cl
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      4 months ago

      target the largest market segment to gain the most conversions.

      Windows market share is bigger in desktop only. In fact, is kinda sad that still there are serious institutions using Windows for non-desktop stuff. I hope this incident changes it.

      the real difference is you need a few decades of linux experience to fix anything in a timely manner.

      [ citation needed ] Probably you are meaning desktop again. Although troubleshooting Windows is not easy task neither, there are way more desktop users familiar with it.

      The real thing is

        1. There is no single “linux” OS. There are lots of different OSes based on Linux kernel. And they are for servers, desktop, embedded systems, smartphones, etc.
        1. More important. Security is a process, not a product from a vendor. The root cause of this incident is that some institutions are seeing that you just buy “security”, install it, and call it a day. No important stuff should auto-update. And no institution should auto-update lots of important stuff at the same time.

      So, Linux is not really more secure. But is built in a culture where security is taken more seriously.