this post was submitted on 18 Jul 2025
678 points (98.3% liked)
Linux
56511 readers
582 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 6 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, unfortunate to rain in the parade but GNU/Linux definitely needs some attention sooner rather than later. Plenty of design benefits, but also plenty of pitfalls from an OS sec POV.
Average users aren't installing SELinux or Qubes so I hope no-one was actually going to reply with what Linux can do as opposed to the everyday user experience.
A few years outdated, but relevant: https://madaidans-insecurities.github.io/linux.html
Can't possibly be more vulnerable than Windows, the system where you can elevate yourself to highest privileges by simply clicking "Yes" on a prompt without a password, and where most users are running outdated versions of their software because they never update anything, or have a thousand background "updater" applets that are scheduled to run periodically and have the ability to install arbitrary executables from their servers.
The linked article provides many examples where security techniques lag far behind Windows. Vulnerability isn't as simple as being 'more vulnerable' or 'less vulnerable', it's a complex concept, and both GNU/Linux and Windows have design decisions which make each better than the other in various ways. We need to understand security in a more nuanced way than "x is better than y" if we actually want to protect ourselves from threats.
A Linux installation can be set to run root with no password or prompt. A Linux user can choose to never update their software - one could argue that Windows forced OS updates are an improvement here. The argument that the typical user has more technical understanding is a weak defense (as in, we really really really should not rely on that) and also irrelevant when we're talking about Linux gaining a wider audience.
If you run a repo-only system, where everything you install comes from the first-party distro repo, you'll likely be fine. Just as you are on Windows or Android if you only download apps from the first-party store.
But like on Windows and Android, you'll quickly reach the limit of what you can do with first-party store only.
Especially stuff like gaming requires non-repo/non-store stuff pretty quickly, and then you are on exactly the same turf as on Windows.
There's no world where Windows users only use the official store. In fact, that's why every "S" version of Windows always failed.
Exactly my point. Also on Linux you quickly get to the limits of what you can find in the first-party repos without ppas or downloading .rpm/.deb/... files. And same as on Windows, having a malware-free first-party repo/store won't protect you from malware if you download your programs from elsewhere.
Canonical’s Snapcraft has a bad reputation for a reason. Many reasons. But compromised apps is a major one.