Like a privacy based fully open source browser. Wouldnt it be more hackable because every one know the script and is a glopal privacy based gpay alternative possible ? What about targeted hacking is someone using closed source application more better off than someone with ooen source ?
Not really, windows is most targeted because it’s most used. If Linux had comparable market share it would be attacked way more.
Most of the services you use every day run on Linux servers. Even Microsoft uses Linux on their servers. And these services, not an average laptop, are the main targets of malicious actors.
The vast majority of behind-the-scenes infra that the end user never sees are open-source, even if the end-user part is proprietary. Eg. Facebook and Xwitter are proprietary, but run on open-source infrastructure like Docker, Kubernetes, Nginx etc.
Proprietary OS-s are workstation/office/home PC land. They have way more security issues due to crap coding whereas security problems with open-source server stuff are as a rule the fault of the admins misconfiguring services and not keeping their software up to date.
Linux servers are hacked left and right on a daily basis.
Yes, because vast majority of orgs both in private and public sectors suck at securing their systems. Either:
-The admins lack the knowledge and skills to properly configure their stuff.
-The admins are not given the resources they need to update and secure the systems.
-The in-house parts of the system rely on some deprecated functionality of an old version of some underlying service. Updating in-house parts to make it work with new versions is not made possible because “Phil knew how but Phil was laid off 10 years ago” or “the company who made it is out of business” or “we don’t have the money to do it” or “it works now, so why bother?”
-The servers are fine, up-to-date and secure, but the in-house service itself has glaring security issues that go unfixed due to above reasons.
And thus came along little Bobby Tables and was able to completely incapacitate his school district…
Generally a Linux installation is very good at keeping itself up-to-date and installing security patches automagically. Updating Docker containers is somewhat more involved, but can be easily automated with Watchtower.
Linux is used a lot, though, in a lot of high value situations (servers).
Oh yeah, definitely but those tend to be different attacks than would target random consumer computers.
Being open source definitely plays a role in Linux security, but it’s minor compared to stuff like market share, user privilege, package management vs just installing random exes, different distros using different packaging systems.
Linux is the most used OS, it has many attacks every day. The problem is that you can’t see it and that’s why you think there aren’t Linux systems or attacks to it, because you can’t see them.
I like how you just ignored the comment you replied to which acknowledged linux makes up most servers and instead just argued against a guy you made up.
I didn’t ignore.
That doesn’t mean attacks on Linux are minors, just different kind of attacks, because a user mistake is easier to exploit than a vulnerability in a software/code. That’s not about software mistakes that create vulnerabilities, that’s a user mistake that install malware.
This kind of attacks you are saying are actually the “minor” attacks that daily occurs, but normally the most effective, there is a lot of scam, but daily or hourly there are millions or billions of attacks everywhere, or that’s what my cybersecurity team at my company showed me, they are 24/7 there to never let any attack penetrate to the organization. Imperva and Cloudflare (for example) are or have powerful firewalls that block many attacks every minute. And you are comparing that to a malware that a user install.
So that’s why I am saying, because you can’t see them, doesn’t mean there aren’t attacks.
Edit: More data added on bottom.
I found this: https://www.imperva.com/cyber-threat-index/
Is saying the role open source plays in Linux security is minor compared to the role other aspects play, not that the attacks are minor.
But I still think it’s wrong. Linux is the most used because it’s open source, anyone can audit it and adapt it to their servers or any infrastructure that can compute, as many libraries like OpenSSH and others that most closed source repositories are using to not re-make them from 0.
Someone hasn’t been paying attention for decades and instead chose to be confidently incorrect