Clickbaity title on the original article, but I think this is the most important point to consider from it:
After getting to 1% in approximately 2011, it took about a decade to double that to 2%. The jump from 2% to 3% took just over two years, and 3% to 4% took less than a year.
Get the picture? The Linux desktop is growing, and it’s growing fast.
Yeah, unfortunate to rain in the parade but GNU/Linux definitely needs some attention sooner rather than later. Plenty of design benefits, but also plenty of pitfalls from an OS sec POV.
Average users aren’t installing SELinux or Qubes so I hope no-one was actually going to reply with what Linux can do as opposed to the everyday user experience.
A few years outdated, but relevant: https://madaidans-insecurities.github.io/linux.html
Can’t possibly be more vulnerable than Windows, the system where you can elevate yourself to highest privileges by simply clicking “Yes” on a prompt without a password, and where most users are running outdated versions of their software because they never update anything, or have a thousand background “updater” applets that are scheduled to run periodically and have the ability to install arbitrary executables from their servers.
The linked article provides many examples where security techniques lag far behind Windows. Vulnerability isn’t as simple as being ‘more vulnerable’ or ‘less vulnerable’, it’s a complex concept, and both GNU/Linux and Windows have design decisions which make each better than the other in various ways. We need to understand security in a more nuanced way than “x is better than y” if we actually want to protect ourselves from threats.
A Linux installation can be set to run root with no password or prompt. A Linux user can choose to never update their software - one could argue that Windows forced OS updates are an improvement here. The argument that the typical user has more technical understanding is a weak defense (as in, we really really really should not rely on that) and also irrelevant when we’re talking about Linux gaining a wider audience.
If you run a repo-only system, where everything you install comes from the first-party distro repo, you’ll likely be fine. Just as you are on Windows or Android if you only download apps from the first-party store.
But like on Windows and Android, you’ll quickly reach the limit of what you can do with first-party store only.
Especially stuff like gaming requires non-repo/non-store stuff pretty quickly, and then you are on exactly the same turf as on Windows.
Canonical’s Snapcraft has a bad reputation for a reason. Many reasons. But compromised apps is a major one.
There’s no world where Windows users only use the official store. In fact, that’s why every “S” version of Windows always failed.
Exactly my point. Also on Linux you quickly get to the limits of what you can find in the first-party repos without ppas or downloading .rpm/.deb/… files. And same as on Windows, having a malware-free first-party repo/store won’t protect you from malware if you download your programs from elsewhere.