>no antivirus >no personal firewall >no UAC >X11 allows anything with user rights record you typing root password >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves >repos routinely offer outdated versions with bugs
Remind me, how is Linux the safe operational system?
Because poojeet haxxors are too fucking stupid to create malware that takes advantage of anything but the most simple to exploit security holes. The government already owns you through remote DMA via cellular modem or IME/PSP.
>no personal firewall imagine unironically wanting the least secure type of firewall because it's all your pleb brain can handle
Isaac Hernandez
That doesn't make any sense user, different types of firewalls do different things. This one for example prevent Bitcoin miner hidden in something from phoning home
Cooper Lewis
retard
Nicholas Ortiz
>No UAC And that's a good thing!
Cooper Richardson
>no antivirus You don't need one, you just need to have a functioning pair of eyes to look at the source code and/or trust in the repo maintainers
>no personal firewall what?
>no UAC what?
>X11 allows anything with user rights record you typing root password That can be changed, you know.
>integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves Unless you use something like Slackware, or equivalent
>repos routinely offer outdated versions with bugs Unless you use something like Slackware. Or just compile it yourself. It only takes like half a brain.
Angel Roberts
Fuck off, retard. Linux is an operating system. Go read what that means
Noah White
>no antivirus wrong >no personal firewall wrong >no UAC wrong >X11 allows anything with user rights record you typing root password wrong >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves wrong >repos routinely offer outdated versions with bugs wrong
>no antivirus repos are updated constantly, and if you see something as unsecure, you can change it to your needs. >no personal firewall ufw, pfsense >no UAC literally any DE has one, if you want to be spoonfed >X11 allows anything with user rights record you typing root password i mean you can change that. it's better than os* having rootkit on boot or windows being probably the most vulnerable thing to that >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves how about not using *bsd >repos routinely offer outdated versions with bugs any software update for any system will have bugs.
Linux has nothing to do with any of these points outside of SELinux and iptables/nftables/bpf firewall.
rest of the points are userland problems.
antiviruses are spyware as well. a few exist for linux--such as carbonblack, but that shit is useless garbage if you know what SELinux is and how it works. why the fuck should you be trapping random syscalls and doing whatever "analysis" on shit instead of just saying, this app can't fucking open this file or network connect to this port.
Kayden Wood
>no antivirus ClamAV >no personal firewall UFW, iptables >no UAC Not true, UAC is actually flexible compared to Wangblows >X11 allows anything with user rights record you typing root password It could modified not to do that. >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves Varies. There are many Linux distros that don't do this. >repos routinely offer outdated versions with bugs Again, it depends on what distro you're using. Distros offering rolling release updates tend to be buggy than say a stable distribution. >Remind me, how is Linux the safe operational system? It's safer than Windows 10, that's for sure.
>Firejail That's a sandbox program for isolating other programs. Not a firewall.
Ayden Perry
>no antivirus clamav / rkhunter >no personal firewall iptables / GUFW for nobs >no UAC It's called sudo, dumbass. You're the UAC. >X11 allows anything with user rights record you typing root password Got me there. >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves You say that like it actually makes a a difference when considering malicious actors inside development companies. >repos routinely offer outdated versions with bugs Install Gentoo
Jonathan Baker
>av ClamAV >fw ufw >uac "sudo" + command/executable >X11 Wayland >whoever is in charge of repo You can always download user software from dedicated websites or github/gitlab, or download source codes and self compile. >repos routinely offer outdated versions with bugs Flatpak, snaps and appimages
Luke Mitchell
>repos are updated constantly hahaha >pfsense not a personal firewall >ufw doesn't allow filtering per application >literally any DE has one Maybe try learning what Windows UAC does before commenting >how about not using *bsd that's not an answer >any software update for any system will have bugs. what the fuck does that even mean? In Windows you can simply download latest version from developer's website, in Linux good luck if your repository has old version, good luck
Nathan Jenkins
Firejail
Firejail allows filtering per application. It can force processes and their children to a specific network interface, which can be further restricted by iptables "Personal firewall" generally refers to per-application filtering which has only been made possible recently with the addiction of Linux namespaces, which firejail uses
Caleb Reed
>>no antivirus ClamAV >>no personal firewall iptables >>no UAC sudo >>X11 allows anything with user rights record you typing root password Which is why we're getting Wayland >>integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves Not necessarily >>repos routinely offer outdated versions with bugs Even Debian, the stone age distro, pushes lots of security updates and backports
James Brooks
>Lol just compile it yourself, what are you a noob?
How is this an acceptable answer in 2018? You guys wonder why can't Linux pass 1% and then write shit like this
Dominic Thomas
lol just compile it yourself; what are you a noob?
fucking whiny pussy bitch.
Ian Flores
Are you a fucking retard? It's one of the 3 presented options and you decide to cherry pick in order to """prove""" something. Your post is just as worthless as you are. Kill yourself.
Zachary Phillips
Usually you want to whitelist applications you wish to give access, not the other way around. If you can do something like running everything in firejail, feel free to tell but I haven't found a comfortable way to do that.
Austin Morgan
As a Linux user for 10+ years, I've literally never have had to compile a single package. I wouldn't even know how. As far as I can see it, compiling is a last ditch attempt for anyone who needs some exceedingly obscure program. I'm sure there are some hardcore neckbeards out there who would disagree, but compiling isn't really a necessity for normal users anymore.
Chase Sanders
>Wayland, Flatpak
It's worth noting how recent and not adopted these things are in comparison with Windows who has context separation for over than decade and "just werks" installation from very beginning.
Brayden Bailey
Sure, it's nice and dandy if the thing you're looking for is in a repository. Post you are replying to is written with outdated version in mind, which is pretty common occurrence. Unless devs distribute x64 binaries themselves (which is extremely unpopular in free software world for some reason) they you are toast.
And I wouldn't say obscure, just anything outside of repository. Even if they do have your repository's package, in my experience it fails 5 0% of time on some dependency that I can't solve. I'm hopeful for Flatpak though.
Grayson Scott
I thought that one of the motivation for Wayland is that X11 can't be modified to do that.
Jaxon Collins
Because they are shit and not worth replying to. I don't know what "dedicated websites" are you talking to and no, it's not a common practice to put binaries on github.
Oliver Perry
>they are shit and not worth replying to. You're shit and not worth replying to, but I'll do it anyway since you're obviously too stupid to exit without your hand being held. >it's not a common practice to put binaries on github. It is for most user software. >don't know what "dedicated websites" are Website of the fucking project which contains the binary or it's own repository. Example, wire.com/en/download/ or mpv.io/installation/ . If a website states that it's software is already in an official repo then it's safe to assume it's a safe to use package. You'd have to be autistic not to trust the maintainer, developer and the distro itself for no reason when everything is transparent.
Owen Peterson
>it's not a common practice to put binaries on github. How the fuck would you put a gender on github?!?
>66476775 >no antivirus >no personal firewall >no UAC >X11 allows anything with user rights record you typing root password >integrity of software is guaranteed by whoever is in charge of repo instead of developers themselves >repos routinely offer outdated versions with bugs we showed them
Linux is a kernel, a program you install with your package manager.
Eli Green
I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX. Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.
Colton Kelly
How do you block firefox in ufw then?
Angel Flores
Good post.
Grayson Gonzalez
based
Jacob Jackson
Cool bro, you showed me two examples. Doesn't change the fact that it's not common practice.
And if you are lucky enough, there is good chance you won't be able to install package because of dependency that unsurprisingly is also outdated in your repository. Good luck going that rabbit hole.
Meanwhile on Windows, Mac, it just works.
Easton Cooper
>muh dependency Irrelevant, things just work. It's just as rare to get a dependency issue on Linux as it is on windows. And snaps/flatpaks/appimages will fix that issue.
Because Linux is a meme OP, just like AMD and ThinkPads
Jayden Johnson
>things just work They don't though, especially if repository itself is outdated
Christopher Hall
>sudo apt update Wow
Wyatt Torres
>especially if repository itself is outdated what does this even mean?
Nathan Clark
Not them but I'm assuming they meant that the repo has outdated software. It isn't that fucking hard to get.
Henry Morris
>has outdated software pretty understandable considering that not all software get a newer version at the same exact time. Would you rather have a slightly outdated software or do you want a deep dive into dependency by keeping two versions of the same package because one software is updated and needs the newer version as a dependency while countless other programs need the older version since they're not updated yet? Fuckton of people complained about dependency hell on Windows but when Linux tries to do it right people still complain like retards and don't know how to think any deeper.
Cooper Ramirez
he's not referring to outdated software the wording is pretty fucking clear and it's a clear indication that he has absolutely no idea what he's talking about
Josiah Allen
>dependency hell on Windows
Jaxon Ortiz
Yes I am, perhaps I should have written it more clearly but then again it's good enough for all that aren't braindead.
It's a real problem I had, wanted to install OpenTTD but apt had only seriously outdated version. No problem, just install deb file they provide on their website? Well that package depends on libraries that are also outdated in repo. At that point you can try download those from web and hope that you don't break anything which is about as far from "it just works" as possible.
Luckily in this case they provide statically linked version with everything in it, but how many developers actually do that?
Thomas Garcia
>Fucking brainlets, wanting to have latest versions
We'll do it right way and run something full of disclosed security holes. It's the price we pay for software freedom
>what are security patches do you seriously think the repos just include the completely unmodified versions of everything direct from the upstream devs?
>clamav >firewalls are a thing >privileges are separated by groups >X keylogger meme here is vague >so what? >depends how repos are maintained for each distro
Josiah Evans
that's a very bad analogy.
Angel White
Nobody is claiming that GNU+Linux is very safe
Charles Baker
>not liking pubes gay
Brandon Ortiz
>that pic It really makes you think, I had sex with a girl with shaved pubes and a girl with a full bush (not at the same time or occasion) but I couldn't feel a difference between them. When you are j-jamming it you don't care too much really.
Brody Robinson
>point out flaws in the OS >sperg chiefs make pedantic shitpost about Linux being a kernel and say nothing else then run away
Every time.
Luke Harris
He looks like a cuck, what else do you expect him to be able to think of other than being cucked?
Jack Ramirez
nice
Oliver Parker
This is why Linux enterprise desktop usage adoption is fairly low and is largely focused on developers. Windows is much better and easier to securely deploy with minimal tweaks out of the box for your average user environment.
Aiden Jones
Yea it actually doesn't stop shit, surprise surprise.
Liam Rogers
No, natural pubes are homosex. Trimmed pubes are GOAT.