The processor argument comes into the discussion because Macs use Intel Processors (Perhaps they should have stuck with Motorola processors!) and meltdown was cross platform, apart from AMD processors which suffered from Spectre. I don't know if Intel speed-step exists on Macs but that is yet another security issue that has been around for at least 10 years and only relatively recently been acknowledged.
The reddit thread in question was a mixture of facts, false claims, and opinions.
There is an almost inifinite amount of variables that come into play with operating system security. That is further complicated by flaws and vulnerabilities in hardware, software, libraries used by programming languages and so on and so on.
To have a proper discussion about it you first need to clearly define what is being discussed / debated. That was never done. It was all over the place.
Having " link wars " where all you do is post link after link in response to links posted by others gets you nowhere in the end. You can always find at the bare minimum thousands of posts that support your claim or sound good.
The OP in this thread linked to what he called a blog post that won him over about Apple security. That was marketing material from Apple and not what I would call a blog post.
Linux, Apple , and Microsoft are all concerned about security. Microsoft and Apple have faced additional challenges by having to maintain ease of use / convenience while keeping their products secure as possible. All the systems know there is room for improvement.
I think that products such as SilverBlue from Fedora and MicroOS from Suse will receive more attention in the coming years. The use of an immutable file system would have a big impact on Linux security as well as stability.
DJ Ware recently did a video on Is Ubuntu more secure than Debian
I hope people that watch the video are able to learn from his approach.
2 Likes
All are creative videos. Suberb
Forgot as i have stated elsewhere in the past - OS's are written by humans so won't be secure. OS's written by AI would be the most secure - you just wouldn't be able to access them!
1 Like
A most strange system. The only winning strategy is not to access.
How about a nice game of Chess?
1 Like
Macs use their own chips now called the M1, M1 pro and the M1 max. Intel processors are no longer included in macs since 2020.
Yes you do. You can't use your computer unless you log into the desktop and therefore I don't see how this argument stands straight. You can't even use cli apps unless you login either in your personal user account or the root account or a dummy account like in a live session via USB. Once you login, an un-sandboxed app can then freely interact with your desktop and can access all files and folders, unless you change permissions, which you can't do in traditional packaging formats.
Then it was wrong of you to say that I never provided proofs of what I claimed.
And I did that very well. I added links to support my points and my points were well explained as well.
Easy hit a stone in that general direction. It is bound to hit the elf unless it is minuscule in size
Yes - you must Log In using your Security password.
You must address how "interact freely" gets past the users password credentials given that the user must input their credentials prior to using the desktop.
You have not supported your argument - at all.
You posted links that address the fact that All OS's continually examine how to address security concerns.
This does not demonstrate, in any fashion - that Linux is Insecure. It also does not show that Mac is clearly More Secure.
The most you have done is post a Reddit post where some-guy-on-the-internet said some stuff that doesn't actually make sense or add up.
My elf dodged your stone.
Moreover, not only may the elf dodge, but even if you strike with the rock- this will not "prove me wrong" - a stone may have struck an unknown invisible object but this does not show that it was, in fact, an invisible ELF* that it struck.
Simply put - you cannot "Prove that something isn't there."
You cannot prove a negative. You can only provide evidence that something is true, likely or present.
Even your Stone Throw attempt was not an effort to prove there is no Elf but an attempt to try to show that it is there.
The posts are long and I get it that it's easy to miss a line or two.
To add even more clarity. There are three kinds of vulnerabilities.
- Malwares and dangerous scripts: These are results of user negligence and is common to all Operating Systems.
- Vulnerabilities in the code: Also common to all Operating Systems. Severity varies time to time but the get patched almost immediately after spotted.
- Vulnerabilities in the system of things: This is the one I am talking of in particular. When the way things are done or to be precise the system of doing things is flawed. The only way to fix it is by replacing it completely with a new system. In Linux this is way too common than other operating systems and even the transition is not smooth.
The Pop!_OS switch to Pipewire, broke my speakers. Things in Wayland don't work properly. For example the cursor is not visible when I am playing CS:GO when I am logged into wayland. The startup time of an app after cold boot is too long if the app is a flatpak or a snap. Even the permissions are not set properly. For example, after you install WPS Office snap, you must also give it printing permissions and most other communication apps like discord and telegram can't upload or download from/to a user file unless given the permission.
No security concerns with Pipewire though.
You do blame the person if you say that they "did not bother to read properly."
Needless to say, I agree with Steely. You have not at any point defined what you mean by security.
You mention vulnerabilities- then make a big giant leap to calling Linux "insecure" based on vulnerabilities that you do not understand and reject any explanation of how they work or whether they are even an issue.
You simply reject any attempt to address the concerns that you started the thread with.
This suggests that you have already made up your mind based on a Reddit post and now, seek only to validate your opinion - facts notwithstanding.
Yes I have.
Now tell, Didn't I define security?
Vague and undefined.
It does not address the depth of security when you claim Linux is "insecure" - as you clearly have done numerous times, based on whether or not a desktop application can access X11 - which by necessity it must do - when the user is on a Password Protected account.
In claiming a secured system is "insecure" merely by your statement - you must define Security in a way that is applicable.
To add clarity to the above:
By stating that Linux is "insecure" based on one potential vulnerability (The severity of which I have pointed out is minor but you contest may not be minor) - this defines Computing Security as so strict as to be that Secure means Totalitarian Security. No Vulnerabilities.
I think it is because this thread has gone to Such Extremes that the debate heats and that confusion as to what the defined terms mean is essential.
This makes no sense. Well, at least to me. I would require an explanation. You must always log into your computer to bring it in an usable state. You don't get an option to run even a CLI app just because you don't want to run a GUI app because it is a potential security threat.
What is this post all about?
In order to access X11 - you must enter your password credentials. That is a security checkpoint that I mentioned above.
Your statement about a Vulnerability in X11 ignores this security checkpoint- thereby which you state that Linux is insecure.
In the referenced post, you cover issues you have with Linux in general... not just security ones... But either way, you cover issues you contest about Linux Security. You do not define what makes a system secure in any of it.
I can only repeat:
In order to make a meaningful comparison of Mac Security vs Linux Security, you need meaningful definitions to compare against.
This is much like having a Control in a science experiment. The data is meaningless unless you have data to compare it against.
You do realise that this getting you nowhere, don't you? You keep pushing same statements again and again. I very well explained everything in my posts before.
If it is not immediately patched - does this make the system Insecure?
This statement is simply false.
In Windows and in Mac, the O.S. base remains just as fundamental as in Linux. Mac OS is unix-like and is so similar to Linux, that open source software for Linux can work on Mac. Mac Proprietary software often will not work on Linux.
This ignores the security checkpoints - such as providing a secure password in order to install an application - a secure password provided in order to access the desktop in the first place.
This statement does not define what makes a secure system. It merely asserts a claim that ignores the security checkpoints that are inconvenient to itself.
Yes, I keep repeating myself because you reject anything that is not aligned to the narrative you wish to validate.
It would be simpler if:
- The O.P. defined what Security is essential to consider an O.S. secure given that your current statements imply Total Security as essential.
- If the debate took only One Security Topic at a time, rather than flying all over the place.
- If each topic were discussed on merit, rather than a weeing for distance contest about who wants to be Right, regardless of facts.
You have a lot of nerve making that statement. You do not know me and it just reinforces your condescending attitude in this thread.
It is an attitude that you have shown elsewhere on this forum.
I stopped reading all of your replies when you posted a link that was marketing material.
It is obvious your knowledge and experience in security is limited.
This thread is an interesting one as it can cover, in depth, many security advantages and disadvantages across systems. All have pros and cons, but the security aspect is largely governed by The Human Element.
Or as @swarfendor437 calls it: PICNIC. 
Using X11 as an example:
A member has noted a potential security flaw in X11 that applications can access the Window Manager. It is essential that they must... However, this bears a necessary and crucial to understand distinction that cannot be ignored: That the User must enter a password in order to access the desktop. They must use their password in order to install applications. This is the Human Element - that all actions must be vetted by the user - an aspect that is inherent in Linux Operating Systems.
This is inherent Security which mitigates the vulnerability the O.P. expresses concerns about and is also the opposite of being an "inherent flaw."
There are hundreds of Operating Systems out there. Some are independently made like Temple OS.
Some are the Operating Systems written by Hardware manufacturers for the hardware that interacts with your chosen O.S. on the computer.
Some are the Operating Systems used on Aircraft, locomotives and automobiles.
We tend to focus on End User Operating systems that are familiar to us. Like Windows, Android, Mac and Linux.
Let's examine what we can readily observe in these four common O.S.'s:
- Security is touted as a marketable selling point.
- All common average user Operating Systems stand as a higher security risk than obscure operating systems do.
- None of the common average user O.S.'s can attain perfect security. This is largely due to the Human Element. user control is essential for a user to access and make efficient use of their desktop. Removing that control can create more security. However, it undermines the usefulness and viability of the desktop to the user. All of the above four rely on the User to vet installations and allow permissions.
The primary question raised in the O.P. is:
Is Linux less secure than an O.S. like Mac OS due to Inherent Design of Linux making it harder to patch or change vulnerabilities?
The evidence provided to Justify The Question in the first place was very weak and neglects and ignores essential aspects of Linux Security in order to present the illusion of self-importance.
That would be the X11 argument, which has been roundly hashed out at this point.
So, yes... If the user gives permission to install, run and access to an application, using their Security Password, it can, then, interact with the desktop.
This is true for all the common user operating systems. Mac. Linux. Windows. Android.
If the user gives permission- then it has been granted permission.
The only security vulnerability in this is whether or not the user has been diligent and rational in choosing what to give their permission to.
And since a User Experience O.S. must orient on the User, this cannot be altered in Any of these O.S.'s - it is not inherent in the design of the OS; it is inherent in the Users Expectations.
Examining statistically, with direct observational evidence, we can quickly and neatly discard certain absurdities, such as the notion that Linux is an insecure system. The CIA, FBI, U.S. Military as well as a great many corporations all prefer Linux in order to keep a Secure Server.
We all have a pretty good idea of Windows security and the chaos that is... Much less access to the World Wide Web to search on that topic ad infinitum.
Is Mac OS more secure than Linux? Without clear definitions against which to compare- I can give no opinion on this. It would be irrelevant to call Linux "insecure" in order to justify the claim. They are likely on generally equal footing, with wiggle room about applicability- how the systems are being used and by who - to determine which may meet a particular users needs the best.
But to the average user- each is probably as secure as the other.
With such a conclusion:
I do. I agree that this discussion continuously turns away from the weight of merit. Rather, it is more about Ego, than about facts.
This being the case, it has become a distraction on the forum, rather than a meaningful intelligent discussion that is informative and enlightening. Any member may post a rebuttal to a claim, For example: "Yes, the user must log in to the desktop with a secure password, but I contend that is not enough to provide security given that 'yadda yadda and such and such issue' persists"
That this is not happening, only repetition, it is not fruitful. It swiftly devolves into fighting.
This thread is not progressing with meaningful discussion in which the merit of points is carefully weighed and considered.
It is just becoming a Fight.
Members of this forum look here for sound advice, encouragement, helpful information and reasonable discussion.
This thread is closed on these grounds.
1 Like