Why do you guys keep pretending that linux is safe?

>>61783540
Why does it trigger you?

>>61783540
Anyone using Linux knows it isn't. It simply isn't targeted as much (the desktop anyway) compaired to Windows. Also most users know what they're doing and won't get their computers infected even while using Windows.

>>61783540
why isn't it safe?

>>61783754
Cause that forms the misconception of Linux not having vulnerabilities which is naive and leads to exploitation and data breaches.

OpenBSD is the safe OS.

>>61783817
One of the biggest (and the the only one that costs money) distros (Redhat) is endorsed and funded by the department of defense.

You could argue that makes it more secure or more of a personal risk, either are valid.

Either way, linux only continues to be "safe" through obscurity.

>>61783904
>Either way, linux only continues to be "safe" through obscurity.
As opposed to what?

File: 20130419_penguin-fedora-fin.jpg (36KB, 500x800px) Image search: [Google]

36KB, 500x800px

>>61783540(You)(OP)

>>61783881
Because nothing works :^)

>>61783956
As opposed to being safe because of design.

The only thing that makes linux inherently safer than something like windows is the fact that it is open source, but because there are literally thousands upon thousands of packages and billions if not trillions of lines of source code to comb through, the chances of someone finding a vulnerability that isn't obvious aren't as high as they want you to think, especially considering how many packages haven't been updated in years and haven't been audited in god knows how long. 99% of users just download whatever their package manager farts out with no second thought or any real scrutiny.

>>61783992
hey man, if the malware doesn't run, it doesn't run.

>>61784015
Well I agree, but it's still the best option that exists right now

>>61783956
most viruses are made for windows, partly because windows is easier to develop for, and partly because windows has a userbase of morons

>>61784015
In a way, being open source makes things worse because malware devs can go into the source code and find all of the systems vulnerabilities

>>61784015
>the chances of someone finding a vulnerability that isn't obvious aren't as high as they want you to think
This goes both ways though.

If there do exist unknown vulnerabilities within the kernel/package manager/whatever, then there's no possible way for malicious hackers to utilize them.

>>61784063
>that exists right now
Not him but in terms of security I don't know if it's at all possible to estimate versus others.

>>61784098
>In a way, being open source makes things worse because malware devs can go into the source code and find all of the systems vulnerabilities

True. Yet another angle I hadn't even considered.


>>61784106
The difference is a hacker has an INCENTIVE to pour through source code looking for a vulnerability, there's really no reason for people to go auditing old packages or kernels if they aren't getting paid like most hackers are.

>>61784098
>has a userbase of morons
Judging by /g/ the situation is probably even worse on Linux.

Oh and 95% desktop market dominance is a miles high more substantial reason to develop Windows malware.
Don't forget, those company data leaks happen with Linux servers, not so secure, are we?

>>61784126
>there's really no reason for people to go auditing old packages or kernels if they aren't getting paid like most hackers are.
I wouldn't be so sure.
Linux is a pretty intricate piece of software for absolutely no enthusiast/hobbyist to want to figure out its inner workings.

Implying an attacker would even want to get into your weeb animue system

Implying an attacker could isolate and exploit your animue system.

Any sophisticated Linux user should be using pretty intense network security.

File: PcvqdRD.jpg (399KB, 1920x1200px) Image search: [Google]

399KB, 1920x1200px

It's not safe, it's just safer.

I use Debian 9 and I'm not that happy about systemd. It's made by Red Hat and it's a large attack surface if anyone wanted to compromise it, but I'm just too lazy at this point to move to a non-systemd distro. As well as that I don't care THAT much and I enjoy Debian.

Moving to an easier distro would be less satisfying and, as well as being lazy, I don't have the time to learn Arch or Gentoo now. And, more crucially, I need the stability of a distro like Debian.

>>61783904
>linux only continues to be "safe" through obscurity
>runs 75+% of all servers/databases/websites

Certainly you must mean GNU+Linux

>>61783540
Should have shopped the image to say Dr. Suse

>>61784015
You are correct to an extent, the thing is, Linux is far easier to secure and monitor. There's nothing hidden from you like there is in Windows.

>>61784575
>I don't have the time to learn Arch or Gentoo now.
You're using a systemd distro, Arch is no different. Gentoo isn't "hard" it's simply tedious to install the first couple of times. Don't let the horror stories deter you, you're not giving yourself enough credit.

File: Untitled.jpg (136KB, 325x355px) Image search: [Google]

136KB, 325x355px

>>61783904
>DoD, the only client of Redhat, ordered them to build them an os full of exploits so they can hack themselves since nobody else is using it
obviously the government is evil, but Jesus Christ on a pita you're retarded

>>61783540
security is an asymptotic concept

Linux is only "safe" in relation to less safe things like Windows and OS X

Safe from what? The scary hackers?

>>61785639
the botnets and viruses you dumb fuck

>>61783811
This is also misleading. GNU/Linux isn't exceptionally secure as much as it isn't egregiously insecure. Windows is nightmare fuel even by proprietary software standards.

>>61783904
"Security through obsurity" doesn't mean what you think it means.

SAFEST WE'VE GOT DAMMIT

Security through obscurity.
-depending on secret code. (proprietary)
Security through minority
-apple
Security through design.
-GNU/Linux.

>>61783811
>It simply isn't targeted
about 40% servers run GNU/Linux, stop being dumb.

GNU/Linux also have advanced security features as SELinux or AppArmor and has less security-related bugs.

>>61786934
>"Security through obsurity" doesn't mean what you think it means.
That's just the point.
It does mean whatever he thinks it means. To him.

>>61787075
>>61787075
Right, and they frequently fall victim to massive data breaches and far reaching exploits. See : Target, Glibc exploit, Mint hack, etc.

It's just that nobody bothers to mention the fact that it was a linux system that was breached because the public doesn't give a shit. Linux is a lot more vulnerable than you seem to think it is, especially since every piece of software has a million fucking dependencies you can never hope to completely audit.

>>61783540
It's safer. I don't have to scan flash drives before using it

>>61788275
>my Model T is safer because I never forget to put my seatbelt on because it doesn't have one

>It's also more secure because nobody knows how the fuck to start it and even if they did I could literally run after them and catch them so it can never be stolen

>also it's better because it has no features and I'm the only one retarded enough to use one as a daily driver, which makes me feel special and cool

>People who drive modern cars are literally retarded, enjoy your airbag burns fags!

>>61788373
what

>>61788382
I'm calling you a dumbass.

>>61783540
it is, prove me wrong

216.58.211.238

I installed flash for 8 minutes on gentoo once to play some dumb flash thing, and it triggers my OCD all the time that the botnet has me.

File: 1472049403678.jpg (283KB, 1024x683px) Image search: [Google]

283KB, 1024x683px

>>61788499
I even had a tomoyo policy on it too. Is that seriously any reason to be concerned?

>>61783540
it's safER than windows
it's not safE as an absolute. nothing is. the closest is perhaps OpenBSD, but it pays a high price in that it's barely functional as a desktop OS.

>>61785499
security via obscurity vs openness is a double-edged sword

I don't know how split the crowd is on black or white hats, but for it to even work, you'd need around 50% of white hats disclosing vulnerabilities. if 99% of exploits were found and used by black hats, the idea of openness fails.
closed source is probably harder because you have to work back from assembly. so each has its own benefits and problems.

>>61784063
you discount the non-closed BSD's

The most linux users use a root account for browsing like on windows. The software is installed via repositories and not on download sites with 7 fake download buttons. The most users are more in tech so it is no so likely that they get a virus while simply browsing in the net. Furthermore a lot of viruses are spred via ads, hijacked websites and emails, i guess a server does not do so much browsing in the internet. And the script kiddies are more after windows machines, then after linux.

>>61788417
Only dumb people call others dumb

File: linus-fuckyou.jpg (413KB, 1280x720px) Image search: [Google]

413KB, 1280x720px

>>61788721
>"I think the OpenBSD crowd is a bunch of masturbating monkeys, in that they make such a big deal about concentrating on security to the point where they pretty much admit that nothing else matters to them."

>>61784098
>muh open src lets hackers search vulnerabilities argument

Thread confirmed for being full of retarded non-security people.

>>61789387
He's right though, we should remove ingredients lists from food products too so they can't be used to poison people with allergies.

>>61783540
It's safER than Windows. It can never be 100% safe because there's no accounting for user error.

>>61789319
He's right. Whenever he talks about security, he repeats the really basic concept of network of trust and how security work without that is really just masturbation.

The problem is people want their little computers to be online 24/7 and reachable from the internet and anyone can talk to it. HTTP servers gotta talk to literally anyone who connects because muh economic interests. New TVs and shit all have network-connected computers built-in. And then some malicious motherfucker sends a specially crafted payload and owns the computer.

You could implement cryptographic port knocking so that the server wouldn't even respond to pings and network maps unless the user sends a packet signed by a pre-authorized trusted key beforehand. But then mere mortals wouldn't be able to access the computer services.

People want security but they also want to be able to blindly trust any incoming data from any origin. Is it any wonder they get pwn3d?

>>61789411
That's hilarious