• brombek
    link
    fedilink
    arrow-up
    7
    ·
    3 years ago

    Yeah, would be nice to have some of the mitigations in Linux but in practice these are not needed when you don’t run malware on your system by default and keep the attack surface small. And if you do run malware or have the system full of crazy bloat (just look at the MSHTML exploit) then no amount of sandboxing or hardening is going to help you.

    • MarcellusDrumOPM
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      3 years ago

      I think this has worked till now because:

      1. Linux’s user base is small, so it isn’t a very attractive to malware developers.

      2. Linux’s userbase is mostly tech savvy people, who don’t do stupid stuff.

      But the question is, does it scale up if Linux became mainstream and popular among the tech illiterate?

      • Helix 🧬@feddit.de
        link
        fedilink
        arrow-up
        7
        arrow-down
        1
        ·
        3 years ago

        Linux’s user base is small, so it isn’t a very attractive to malware developers.

        Linux’ user base is huge and there were lots of malware for all kinds of devices, e.g. Linux routers. I think what you meant was that the market share for GNU/Linux on desktop devices is pretty small.

        Linux’s userbase is mostly tech savvy people, who don’t do stupid stuff.

        Both of these assumptions are false:

        • There’s a difference on being an active administrator of a Linux system and not even knowing you run Linux.
        • Tech savvy people do stupid stuff all the time, just nobody catches them doing it because most of the time they don’t go around telling people (they can usually fix it themselves).
      • brombek
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Yes, I and hope the “the day of the Linux desktop” never comes due to this :D Well, you can see what happens where this two does not hold with Linux, just looks at Android and ChromeOS. Would the community jump on the mitigations/sandboxing side of things same way Google did?

        Linux is secure thanks to they way it is used and developed. If you change the way it is used the whole security model changes and it would not be as secure as for example Android in the same use cases.