I'm sure it already has... This type of issues that happen from time to time are not a good indication of how good security overall is.
To reference something I said earlier, that the impact or feasibility of the issue should also be taken into account, this issue requires physical access to a powered computer. Those two factors combined are more than enough to enable a myriad of attacks on just about any system.
Which of course is not to say this particular bug isn't critical or unimportant.
Remember the (in)famous Windows 10 update? It made your system so secure it wiped all of your data and made it irrecoverable! On the networking side, that isn't secure either. I was able to install Zorin on a non-networked notebook and added it to the work's Domain without recourse to the IT Department. I could also install networked MFD with Linux drivers with no problem!
From what I understood about that issue when it happened it was isolated incidents. Still extremely annoying. But let us not pretend Linux updates have never gone bad. This is kind of what I am talking about with biases. You mentioned that bad Windows 10 update but not Linux updates that break features or even essentially brick an OS
Upon researching the Windows 10 update the data is recoverable
This is more to do with the Security Policy than an OS.
Easy enough to limit connections by mac address if they wanted.
Yet you failed to name or research any positive elements of Windows because that is not the point you wanted to make. You concluded that since the things you said are true and you have not been disproven so are correct.
It can not really be proven either way. It is Apples and Oranges comparisons. The only thing we can do is try and follow the logic.
Since security firms spend more time studying and researching Windows and its applications it is less likely for there to be security flaws.
If Linux was that much more secure kinda odd that every bank I go into uses Windows.
If Linux is more secure then why does most businesses use Windows? Do you think they would not better protect user data if they could?
These are logical assumptions but it can not be proven.
I am honestly a bit biased towards Linux myself over Windows or MacOS. But I can still be objective on matters concerning all 3.
I made the point based on how each handles security and user access. It is not relevant to try to introduce Red herrings in to the argument in order to create a false sense of fairness.
You say that we should not include "isolated incidents", but then use the lack of them to then resort to a personal attack calling the opposition biased. This demonstrates that you will reject any opposing point.
Yet, these statements made by you contradict the other statements made by you:
These are all assertions you made. And all of them are unsupported assumptions.
When you could not support your assumptions, you then changed tactics to claiming that none of us are capable of even knowing at all... And when that failed, you went to Ad Hom.
And if I close the thread due to the fallback to ad homs, you can then claim I am abusing the Moderator Position to silence opposition.
If I provide Links, as someone already has, you will dismiss that on the basis of:
You say that we are not able to know, but when presented information from the Security Experts, you claim they cannot be trusted.
What all this means is that this discussion has turned into Rolltide saying: "I believe this. Prove me wrong." It is a logical fallacy to try to prove a negative.
This thread is not about meaningfully discussing Linux Security in an informative way with merit based statements.
These brush offs are not objective in any way whatsoever and what remains behind is a gasoline filled flamewar waiting for a spark.
I reiterate, though, that depending on the services offered publicly by the computer and what the user does, will defeat any measure created to secure the OS. My credentials, CompTIA A+, CompTIA Network+, MCSA and MCP. I can provide the ID numbers of the certifications if necessary. I hold many more but not relevant to this conversation.
Instead of spreading misinformation, this isn't Facebook, you may want to research some of this yourself. It would definitely save you some embarrassment and hurt feelings when you find you're opinion isn't fact.
I have unlocked the thread (temporarily) due to two separate Moderators posting counter-arguments that could be viewed as a "last word."
Here is the breakdown:
Discussions must focus on the merit of ideas. Not character attacks.
If you see a rebuttal, it may be worth examining. Don't just dismiss it with a handwave and change the topic. I mean, it's not against the rules or anything. But you won't likely get more than a fight out of that instead of productive discourse.
Lastly, this is a topic where accuracy really matters. It may well be that Windows is more secure or Linux is more secure. We need facts that we can verify, studies that have basis - not speculation and accusation.
Throwing around links does not mean anything. I can fling them around just as well as any of you can. My complaint is you are googling looking to prove the point YOU want to make. Not caring what the truth is.
To be clear I think both of the links above are bonk as well and I do not put much stock in them. I am just saying it is annoying people trying to shut down a logical argument because you have "better links"
When two parties debate an issue, they present their case. That is inherent.
One thing you can find pretty often on this forum is where I see a counter point made by another use and my response is:
that is valid.
You make a very good point.
I stand corrected
and so on. This is demonstrative of being willing to examine arguments and really listen to what the other person has to say. Examining the merit of the ideas is the point.
Presenting support in the form of links, articles that have researched and studied the issue and so on is how we support our claims. Links are not useless. Making an unsupported claim is what is useless.
I can demonstrate:
Ancient dragons destroyed Atlantis.
Without anything to support it, it means nothing to anyone.
I agree that links can and will contradict each other. And I agree that there are plenty of biased sources. That is why we provide information, verify information, fact-check and research what information is provided. It is more logical than just posting an unsupported assertion and expecting others to accept that assertion at face value or lacking anything to compare it against.
In other words; pull the substance out of what is there, rather than having expectations that anything you say must be taken for granted as having substance.
I concede that there is no perfectly secure internet connected computer today. There are many security holes in Linux, which 9 out of 10 require physical access to the machine. When was the last time you had physical access to your company's web server? Unless you are an IT Technician or Network Administrator, you don't. If you are, you are in a trusted position and expected not to do harm.
On desktops, the market for Linux is much smaller, which adds to the security for lack of targeting. The kernel itself is not bulletproof.
The same can be said about windows. How many times have I fixed a computer allowed by spamware, malware, Trojans and viruses. This was because windows ships with very little in the way of security enabled.
Once configured correctly, windows can be secure, with a firewall, anti spam and antimaleware and antivirus. On Linux I use a firewall, nothing else.
Trying to compare them for security is attempting to compare an ecar to a diesel truck for gas mileage.
Each OS has its own unique positives and negatives.
This right here is a key point.
I quote from the link @rolltide101x posted:
Although note that some of the other figures mentioned represent a full two decades of existence – like Debian, which has been around since 1993 – so it’s difficult to make direct comparisons in that respect.
Still, this serves to underline that Windows security is perhaps not as shaky as you might believe, at least historically, and indeed that Linux and Mac users shouldn’t be complacent.
Of course, there’s a lot more to security than the mere number of vulnerabilities which pop up in any given operating system or product. There are a number of other important points to consider here, too, such as the nature of those vulnerabilities, the likelihood of them being targeted, and of course the response and ease of patching them, among many other factors.
The point still stands, however, that no users should be complacent, no matter how secure they believe any particular product might be.
The security vulnerabilities in question range on a scale and that scale is not presented in this article. Severity really matters, as well as ease of access. Anyone that has worked in Security knows this.
But what the article presents is a very good point: Do not take security for granted.