• jabjoe@feddit.uk
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      4 months ago

      Few things, in rough order:

      • Smaller = less attack surface. You can strip a Linux OS down to only what is needed.

      • Open source, so it’s can be peered review. There are Unix distros like OpenBSD, that share lot of user space component options, where auditing is a big thing. The whole sunlight and oxygen stops things festering as much. As abosed to things locked in a box in another box down in a cellar.

      • Open source transparency forces corporates to be better. We can see what they are and aren’t doing.

      • Diversity. The is no “Linux”, it’s a ecosystem of Linux distros all built and configured differently, using different components. Think of Linux as just a type of base board in a sea of Unix Lego bits. There are plenty of big deployments on BSD bases that share a lot with some Linux deployments.

      • Unix security is simplier than Windows security, so easer to not mess up.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      In general it is. Opensource software has less bugs that proprietary. And even those bugs can be mitigated with hardening.

      • count_dongulus@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        That’s…a gross oversimplification. Super popular open source projects tend to have few bugs from the sheer number of contributors available to fix them, but active proprietary software has dedicated teams working fulltime every week to deal woth issues. Proprietary stuff is often way wider in scope than open source, so more surface for bugs to creep in. Scope and team size have a lot more to do with bug density than open vs closed source.

        • mexicancartel@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          I don’t know how much effort thoose proprietary software companies put into the actual software. Why is windows so shit? Why is whatsapp buggy? They try to get money with shit software with no optimisations at all.

          • count_dongulus@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            How many open source projects have 50 million lines of code like Windows, or legal agreements related to backwards compatibility and version support guarantees?

            A for-profit company is going to focus on whatever generates revenue, sure. But crappy software will lose customers in a non-monopoly scenario. They’re not exactly incentivized to make broken things nobody wants.

    • Simulation6@sopuli.xyz
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      Sort of an aside, but I am seeing Microsoft more as a hostile entity that I need to protect myself from.

    • ulterno@lemmy.kde.social
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      If you follow the philosophy that it follows, that is, giving the least possible permission to any application, to make it work, it easily becomes much more secure than Windows.

      On the other hand, if you log into your GUI desktop as root, Bill Gates save you.

    • save_the_humans@leminal.space
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      In addition to what others have said, there’s the move towards containerized applications on Linux via flatpaks, immutable distributions, and snapshots/rollbacks. There are also distributions like Debian with a delayed package release schedule for added stability and security. Its my understanding that you could have an exceptionally secure, effectively trustless, Linux system beyond what is possible on Mac or Windows.

    • Angry_Autist (he/him)@lemmy.world
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      4 months ago

      It’s not, in fact out of the box Linux is SIGNIFICANTLY more insecure than windows.

      The thing is, hackers and hack tool makers target the largest market segment to gain the most conversions.

      Apple users used to gush about how virus proof they were until they hit decent market share, and then they got plenty of malware.

      Same thing with Linux but the real difference is you need a few decades of linux experience to fix anything in a timely manner.

      • Empricorn@feddit.nl
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        4 months ago

        Linux is SIGNIFICANTLY more insecure than windows.

        Absolutely not true. I assume you don’t have a source for this? Besides your butt…?

        UPDATE:: They did not have a source.

        • Angry_Autist (he/him)@lemmy.world
          link
          fedilink
          arrow-up
          0
          arrow-down
          1
          ·
          4 months ago

          Does Linux come out of the box with A/V and firewalls?

          On second thought, you’re dismissive little aside just convinced me to excise you from my internet experience for all eternity.

          Ta…

          • itslilith@lemmy.blahaj.zone
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            AV is a bandaid for the horrible way software is handled in Windows. Linux is far from perfect, but package repositories are such a step up when it comes to security.

            • Abnorc@lemm.ee
              link
              fedilink
              arrow-up
              0
              arrow-down
              1
              ·
              4 months ago

              There is still the need to add repositories and download packages from the web every so often though. I don’t see why AV isn’t more common. It doesn’t stop the more clever and up to date attacks, but some protection from the simple things wouldn’t hurt.

          • KubeRoot@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            0
            ·
            4 months ago

            Does windows come preinstalled and preconfigured with more potentially vulnerable software on open ports?

            I personally don’t value an antivirus that much, since it can only protect you from known threats, and even then, it only matters when you’re already getting compromised - but fair point for Windows, I suspect most distros come without antivirus preinstalled and preconfigured.

            A firewall, on the other hand, only has value if you already have insecure services listening on your system - and I’m pretty sure on Windows those services aren’t gonna be blocked by the default settings. All that said though… Most Linux distros come with a firewall, something like iptables or firewalld, though not sure which ones would have it preconfigured for blocking connections by default.

            So while I would dispute both of those points as not being that notable, I feel like other arguments in favor of Linux still stand, like reduced surface area, simpler kernel code, open and auditable source.

            One big issue with Linux security for consumers (which I have to assume is what you’re talking about, since on the server side a sysadmin will want to configure any antivirus and firewall anyways) could be that different distributions will have different configurations - both for security and for preference-based things like desktop environments. This does unfortunately mean that users could find themselves installing less secure distros without realizing it, choosing them for their looks/usage patterns.