Anyone got any comments on these claims about GNU/Linux security flaws?
@strypey A lot of these vulns require already gaining access, which isn't exactly a trivial matter on many systems so assuming you can get in, then there is a lot of really bad stuff you can do... It's a big if and I think the risk for most users is blown out of proportion. With good sandboxing a lot of the damage an attacker could do could be mitigated significantly. Also things like tripwire help a lot, but there are ways out of sandboxes and you can alias tripwire.
@tomosaigon there are all sorts of security concepts (Object Capabilities, Reproducible Builds etc) that will improve the whole situation as devs learn to apply them. But security is and will always be about managing risks, with different levels of predictability. The most vulnerable component in a computer system is usually the human user. It's never a purely technical discussion.