You do blame the person if you say that they "did not bother to read properly."
Needless to say, I agree with Steely. You have not at any point defined what you mean by security.
You mention vulnerabilities- then make a big giant leap to calling Linux "insecure" based on vulnerabilities that you do not understand and reject any explanation of how they work or whether they are even an issue.
You simply reject any attempt to address the concerns that you started the thread with.
This suggests that you have already made up your mind based on a Reddit post and now, seek only to validate your opinion - facts notwithstanding.
Yes I have.
Now tell, Didn't I define security?
Vague and undefined.
It does not address the depth of security when you claim Linux is "insecure" - as you clearly have done numerous times, based on whether or not a desktop application can access X11 - which by necessity it must do - when the user is on a Password Protected account.
In claiming a secured system is "insecure" merely by your statement - you must define Security in a way that is applicable.
To add clarity to the above:
By stating that Linux is "insecure" based on one potential vulnerability (The severity of which I have pointed out is minor but you contest may not be minor) - this defines Computing Security as so strict as to be that Secure means Totalitarian Security. No Vulnerabilities.
I think it is because this thread has gone to Such Extremes that the debate heats and that confusion as to what the defined terms mean is essential.
This makes no sense. Well, at least to me. I would require an explanation. You must always log into your computer to bring it in an usable state. You don't get an option to run even a CLI app just because you don't want to run a GUI app because it is a potential security threat.
What is this post all about?
In order to access X11 - you must enter your password credentials. That is a security checkpoint that I mentioned above.
Your statement about a Vulnerability in X11 ignores this security checkpoint- thereby which you state that Linux is insecure.
In the referenced post, you cover issues you have with Linux in general... not just security ones... But either way, you cover issues you contest about Linux Security. You do not define what makes a system secure in any of it.
I can only repeat:
In order to make a meaningful comparison of Mac Security vs Linux Security, you need meaningful definitions to compare against.
This is much like having a Control in a science experiment. The data is meaningless unless you have data to compare it against.
You do realise that this getting you nowhere, don't you? You keep pushing same statements again and again. I very well explained everything in my posts before.
If it is not immediately patched - does this make the system Insecure?
This statement is simply false.
In Windows and in Mac, the O.S. base remains just as fundamental as in Linux. Mac OS is unix-like and is so similar to Linux, that open source software for Linux can work on Mac. Mac Proprietary software often will not work on Linux.
This ignores the security checkpoints - such as providing a secure password in order to install an application - a secure password provided in order to access the desktop in the first place.
This statement does not define what makes a secure system. It merely asserts a claim that ignores the security checkpoints that are inconvenient to itself.
Yes, I keep repeating myself because you reject anything that is not aligned to the narrative you wish to validate.
It would be simpler if:
- The O.P. defined what Security is essential to consider an O.S. secure given that your current statements imply Total Security as essential.
- If the debate took only One Security Topic at a time, rather than flying all over the place.
- If each topic were discussed on merit, rather than a weeing for distance contest about who wants to be Right, regardless of facts.
You have a lot of nerve making that statement. You do not know me and it just reinforces your condescending attitude in this thread.
It is an attitude that you have shown elsewhere on this forum.
I stopped reading all of your replies when you posted a link that was marketing material.
It is obvious your knowledge and experience in security is limited.
This thread is an interesting one as it can cover, in depth, many security advantages and disadvantages across systems. All have pros and cons, but the security aspect is largely governed by The Human Element.
Or as @swarfendor437 calls it: PICNIC.
Using X11 as an example:
A member has noted a potential security flaw in X11 that applications can access the Window Manager. It is essential that they must... However, this bears a necessary and crucial to understand distinction that cannot be ignored: That the User must enter a password in order to access the desktop. They must use their password in order to install applications. This is the Human Element - that all actions must be vetted by the user - an aspect that is inherent in Linux Operating Systems.
This is inherent Security which mitigates the vulnerability the O.P. expresses concerns about and is also the opposite of being an "inherent flaw."
There are hundreds of Operating Systems out there. Some are independently made like Temple OS.
Some are the Operating Systems written by Hardware manufacturers for the hardware that interacts with your chosen O.S. on the computer.
Some are the Operating Systems used on Aircraft, locomotives and automobiles.
We tend to focus on End User Operating systems that are familiar to us. Like Windows, Android, Mac and Linux.
Let's examine what we can readily observe in these four common O.S.'s:
- Security is touted as a marketable selling point.
- All common average user Operating Systems stand as a higher security risk than obscure operating systems do.
- None of the common average user O.S.'s can attain perfect security. This is largely due to the Human Element. user control is essential for a user to access and make efficient use of their desktop. Removing that control can create more security. However, it undermines the usefulness and viability of the desktop to the user. All of the above four rely on the User to vet installations and allow permissions.
The primary question raised in the O.P. is:
Is Linux less secure than an O.S. like Mac OS due to Inherent Design of Linux making it harder to patch or change vulnerabilities?
The evidence provided to Justify The Question in the first place was very weak and neglects and ignores essential aspects of Linux Security in order to present the illusion of self-importance.
That would be the X11 argument, which has been roundly hashed out at this point.
So, yes... If the user gives permission to install, run and access to an application, using their Security Password, it can, then, interact with the desktop.
This is true for all the common user operating systems. Mac. Linux. Windows. Android.
If the user gives permission- then it has been granted permission.
The only security vulnerability in this is whether or not the user has been diligent and rational in choosing what to give their permission to.
And since a User Experience O.S. must orient on the User, this cannot be altered in Any of these O.S.'s - it is not inherent in the design of the OS; it is inherent in the Users Expectations.
Examining statistically, with direct observational evidence, we can quickly and neatly discard certain absurdities, such as the notion that Linux is an insecure system. The CIA, FBI, U.S. Military as well as a great many corporations all prefer Linux in order to keep a Secure Server.
We all have a pretty good idea of Windows security and the chaos that is... Much less access to the World Wide Web to search on that topic ad infinitum.
Is Mac OS more secure than Linux? Without clear definitions against which to compare- I can give no opinion on this. It would be irrelevant to call Linux "insecure" in order to justify the claim. They are likely on generally equal footing, with wiggle room about applicability- how the systems are being used and by who - to determine which may meet a particular users needs the best.
But to the average user- each is probably as secure as the other.
With such a conclusion:
I do. I agree that this discussion continuously turns away from the weight of merit. Rather, it is more about Ego, than about facts.
This being the case, it has become a distraction on the forum, rather than a meaningful intelligent discussion that is informative and enlightening. Any member may post a rebuttal to a claim, For example: "Yes, the user must log in to the desktop with a secure password, but I contend that is not enough to provide security given that 'yadda yadda and such and such issue' persists"
That this is not happening, only repetition, it is not fruitful. It swiftly devolves into fighting.
This thread is not progressing with meaningful discussion in which the merit of points is carefully weighed and considered.
It is just becoming a Fight.
Members of this forum look here for sound advice, encouragement, helpful information and reasonable discussion.
This thread is closed on these grounds.